This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
(CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402,
CVE-2014-0412, CVE-2014-0437, CVE-2013-5908)
A buffer overflow flaw was found in the way the MySQL command line
client tool (mysql) processed excessively long version strings. If a
user connected to a malicious MySQL server via the mysql client, the
server could use this flaw to crash the mysql client or, potentially,
execute arbitrary code as the user running the mysql client.
This update also fixes the following bug :
- Prior to this update, MySQL did not check whether a
MySQL socket was actually being used by any process
before starting the mysqld service. If a particular
mysqld service did not exit cleanly while a socket was
being used by a process, this socket was considered to
be still in use during the next start-up of this
service, which resulted in a failure to start the
service up. With this update, if a socket exists but is
not used by any process, it is ignored during the mysqld
After installing this update, the MySQL server daemon (mysqld) will be
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.5
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 72477 ()
CVE ID: CVE-2013-5908CVE-2014-0001CVE-2014-0386CVE-2014-0393CVE-2014-0401CVE-2014-0402CVE-2014-0412CVE-2014-0437
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.