CVE-2015-0381

MEDIUM

Description

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0382.

References

http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html

http://rhn.redhat.com/errata/RHSA-2015-0116.html

http://rhn.redhat.com/errata/RHSA-2015-0117.html

http://rhn.redhat.com/errata/RHSA-2015-0118.html

http://rhn.redhat.com/errata/RHSA-2015-1628.html

http://secunia.com/advisories/62728

http://secunia.com/advisories/62730

http://secunia.com/advisories/62732

http://www.debian.org/security/2015/dsa-3135

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

http://www.securityfocus.com/bid/72214

http://www.securitytracker.com/id/1031581

http://www.ubuntu.com/usn/USN-2480-1

https://exchange.xforce.ibmcloud.com/vulnerabilities/100185

https://security.gentoo.org/glsa/201504-05

Details

Source: MITRE

Published: 2015-01-21

Updated: 2019-02-01

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* versions from 5.5.0 to 5.5.40 (inclusive)

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* versions from 5.6.0 to 5.6.21 (inclusive)

Configuration 3

OR

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:a:oracle:communications_policy_management:*:*:*:*:*:*:*:* versions up to 9.7.3 (inclusive)

cpe:2.3:a:oracle:communications_policy_management:9.9.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_policy_management:10.4.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_policy_management:12.1.1:*:*:*:*:*:*:*

Tenable Plugins

View all (19 total)

IDNameProductFamilySeverity
85499Scientific Linux Security Update : mysql55-mysql on SL5.x i386/x86_64 (20150817)NessusScientific Linux Local Security Checks
high
85488Oracle Linux 5 : mysql55-mysql (ELSA-2015-1628)NessusOracle Linux Local Security Checks
high
85460CentOS 5 : mysql55-mysql (CESA-2015:1628)NessusCentOS Local Security Checks
high
85443RHEL 5 : mysql55-mysql (RHSA-2015:1628)NessusRed Hat Local Security Checks
high
84658openSUSE Security Update : MariaDB (openSUSE-2015-479) (BACKRONYM) (Logjam)NessusSuSE Local Security Checks
high
83716SUSE SLED12 / SLES12 Security Update : mariadb (SUSE-SU-2015:0743-1)NessusSuSE Local Security Checks
high
82735GLSA-201504-05 : MySQL and MariaDB: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
82428SuSE 11.3 Security Update : MySQL (SAT Patch Number 10387)NessusSuSE Local Security Checks
high
82344Mandriva Linux Security Advisory : mariadb (MDVSA-2015:091)NessusMandriva Local Security Checks
high
8920Oracle MySQL 5.6.x < 5.6.22 Multiple VulnerabilitiesNessus Network MonitorDatabase
high
8919Oracle MySQL 5.5.x < 5.5.41 Multiple VulnerabilitiesNessus Network MonitorDatabase
high
81349Fedora 20 : community-mysql-5.5.41-1.fc20 (2015-1162)NessusFedora Local Security Checks
high
81188CentOS 7 : mariadb (CESA-2015:0118)NessusCentOS Local Security Checks
high
81160Scientific Linux Security Update : mariadb on SL7.x x86_64 (20150203)NessusScientific Linux Local Security Checks
high
81159RHEL 7 : mariadb (RHSA-2015:0118)NessusRed Hat Local Security Checks
high
81157Oracle Linux 7 : mariadb (ELSA-2015-0118)NessusOracle Linux Local Security Checks
high
80970Debian DSA-3135-1 : mysql-5.5 - security updateNessusDebian Local Security Checks
high
80943Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : mysql-5.5 vulnerabilities (USN-2480-1)NessusUbuntu Local Security Checks
high
80886MySQL 5.5.x < 5.5.41 / 5.6.x < 5.6.22 Multiple VulnerabilitiesNessusDatabases
high