CVE-2015-0381

MEDIUM

Description

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0382.

References

http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html

http://rhn.redhat.com/errata/RHSA-2015-0116.html

http://rhn.redhat.com/errata/RHSA-2015-0117.html

http://rhn.redhat.com/errata/RHSA-2015-0118.html

http://rhn.redhat.com/errata/RHSA-2015-1628.html

http://secunia.com/advisories/62728

http://secunia.com/advisories/62730

http://secunia.com/advisories/62732

http://www.debian.org/security/2015/dsa-3135

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

http://www.securityfocus.com/bid/72214

http://www.securitytracker.com/id/1031581

http://www.ubuntu.com/usn/USN-2480-1

https://exchange.xforce.ibmcloud.com/vulnerabilities/100185

https://security.gentoo.org/glsa/201504-05

Details

Source: MITRE

Published: 2015-01-21

Updated: 2019-02-01

Type: NVD-CWE-noinfo

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

Vulnerable Software

Configuration 1

cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*

Configuration 2

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* versions from 5.5.0 to 5.5.40 (inclusive)

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* versions from 5.6.0 to 5.6.21 (inclusive)

ID	Name	Product	Family	Severity
85499	Scientific Linux Security Update : mysql55-mysql on SL5.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	high
85488	Oracle Linux 5 : mysql55-mysql (ELSA-2015-1628)	Nessus	Oracle Linux Local Security Checks	high
85460	CentOS 5 : mysql55-mysql (CESA-2015:1628)	Nessus	CentOS Local Security Checks	high
85443	RHEL 5 : mysql55-mysql (RHSA-2015:1628)	Nessus	Red Hat Local Security Checks	high
84658	openSUSE Security Update : MariaDB (openSUSE-2015-479) (BACKRONYM) (Logjam)	Nessus	SuSE Local Security Checks	high
83716	SUSE SLED12 / SLES12 Security Update : mariadb (SUSE-SU-2015:0743-1)	Nessus	SuSE Local Security Checks	high
82735	GLSA-201504-05 : MySQL and MariaDB: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
82428	SuSE 11.3 Security Update : MySQL (SAT Patch Number 10387)	Nessus	SuSE Local Security Checks	high
82344	Mandriva Linux Security Advisory : mariadb (MDVSA-2015:091)	Nessus	Mandriva Local Security Checks	high
8920	Oracle MySQL 5.6.x < 5.6.22 Multiple Vulnerabilities	Nessus Network Monitor	Database	high
8919	Oracle MySQL 5.5.x < 5.5.41 Multiple Vulnerabilities	Nessus Network Monitor	Database	high
81349	Fedora 20 : community-mysql-5.5.41-1.fc20 (2015-1162)	Nessus	Fedora Local Security Checks	high
81188	CentOS 7 : mariadb (CESA-2015:0118)	Nessus	CentOS Local Security Checks	high
81160	Scientific Linux Security Update : mariadb on SL7.x x86_64	Nessus	Scientific Linux Local Security Checks	high
81159	RHEL 7 : mariadb (RHSA-2015:0118)	Nessus	Red Hat Local Security Checks	high
81157	Oracle Linux 7 : mariadb (ELSA-2015-0118)	Nessus	Oracle Linux Local Security Checks	high
80970	Debian DSA-3135-1 : mysql-5.5 - security update	Nessus	Debian Local Security Checks	high
80943	Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : mysql-5.5 vulnerabilities (USN-2480-1)	Nessus	Ubuntu Local Security Checks	high
80886	MySQL 5.5.x < 5.5.41 / 5.6.x < 5.6.22 Multiple Vulnerabilities	Nessus	Databases	high