MariaDB Server 5.5.x < 5.5.36 Remote Multiple Denial of Service Vulnerabilities

medium Nessus Network Monitor Plugin ID 8132

Synopsis

The remote database server is affected by multiple denial of service vulnerabilities.

Description

MariaDB is a community-developed fork of the MySQL relational database. The version of MariaDB installed on the remote host is earlier than 5.5.36, and is therefore likely to contain the following denial of service vulnerabilities:

- null-pointer dereference error when handling a specially crafted SELECT statement with subqueries (though this requires 'materialization' and 'semijoin' optimizer switches to be on).

- DoS vulnerability when handling KILL QUERY statements with certain concurrent SQL queries.

- DoS vulnerability when parsing specially crafted NAME_CONST expression containing AND/OR expressions.

- DoS vulnerability due to assertion failure when parsing specially crafted SELECT expression containing an invalid GROUP BY value.

- DoS vulnerability when handling specially crafted SELECT expression with JOIN phrases (though, successful exploitation requires 'sql_mode' setting to be set to 'ONLY_FULL_GROUP_BY').

- DoS vulnerability when handling concurrent UPDATE statements.

- Other attacks may be possible.

Solution

Upgrade to version 5.5.36, or higher, to address these vulnerabilities.

Plugin Details

Severity: Medium

ID: 8132

Family: Database

Published: 2/24/2014

Updated: 3/6/2019

Nessus ID: 72709, 72710, 72711, 72712, 72713

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 5.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS:3.0/E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:mariadb:mariadb

Patch Publication Date: 2/24/2014

Vulnerability Publication Date: 2/24/2014

Reference Information

BID: 65757

Detections

Analytics