CVE-2016-0648

MEDIUM

Description

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to PS.

References

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html

http://rhn.redhat.com/errata/RHSA-2016-0705.html

http://rhn.redhat.com/errata/RHSA-2016-1480.html

http://rhn.redhat.com/errata/RHSA-2016-1481.html

http://rhn.redhat.com/errata/RHSA-2016-1602.html

http://www.debian.org/security/2016/dsa-3557

http://www.debian.org/security/2016/dsa-3595

http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

http://www.securityfocus.com/bid/86457

http://www.securitytracker.com/id/1035606

http://www.ubuntu.com/usn/USN-2953-1

http://www.ubuntu.com/usn/USN-2954-1

http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168

https://access.redhat.com/errata/RHSA-2016:1132

https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/

https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/

https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/

Details

Source: MITRE

Published: 2016-04-21

Updated: 2019-12-27

Type: NVD-CWE-noinfo

Risk Information

CVSS v2.0

Base Score: 4

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8

Severity: MEDIUM

CVSS v3.0

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 1.8

Severity: MEDIUM

Vulnerable Software

Configuration 7

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* versions from 5.5.0 to 5.5.48 (inclusive)

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* versions from 5.6.0 to 5.6.29 (inclusive)

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* versions from 5.7.0 to 5.7.11 (inclusive)

Configuration 8

cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*

Tenable Plugins

View all (32 total)

ID	Name	Product	Family	Severity
125007	EulerOS Virtualization 3.0.1.0 : mariadb (EulerOS-SA-2019-1554)	Nessus	Huawei Local Security Checks	high
99798	EulerOS 2.0 SP1 : mariadb (EulerOS-SA-2016-1035)	Nessus	Huawei Local Security Checks	medium
93616	MariaDB 5.5.x < 5.5.49 Multiple Vulnerabilities	Nessus	Databases	medium
93159	SUSE SLED12 / SLES12 Security Update : mariadb (SUSE-SU-2016:1620-1)	Nessus	SuSE Local Security Checks	high
93158	SUSE SLED12 / SLES12 Security Update : mariadb (SUSE-SU-2016:1619-1)	Nessus	SuSE Local Security Checks	high
9482	Oracle MySQL 5.5.x < 5.5.49 / 5.6.x < 5.6.30 / 5.7.x < 5.7.12 Multiple Vulnerabilities	Nessus Network Monitor	Database	critical
93016	Amazon Linux AMI : mysql55 (ALAS-2016-738)	Nessus	Amazon Linux Local Security Checks	high
92996	Scientific Linux Security Update : mariadb on SL7.x x86_64 (20160811)	Nessus	Scientific Linux Local Security Checks	medium
92950	CentOS 7 : mariadb (CESA-2016:1602)	Nessus	CentOS Local Security Checks	medium
92938	RHEL 7 : mariadb (RHSA-2016:1602)	Nessus	Red Hat Local Security Checks	medium
92934	Oracle Linux 7 : mariadb (ELSA-2016-1602)	Nessus	Oracle Linux Local Security Checks	medium
92116	Fedora 23 : community-mysql (2016-7c48036d73)	Nessus	Fedora Local Security Checks	critical
92063	Fedora 22 : community-mysql (2016-1aaf308de4)	Nessus	Fedora Local Security Checks	critical
91871	openSUSE Security Update : mariadb (openSUSE-2016-780)	Nessus	SuSE Local Security Checks	high
91794	openSUSE Security Update : mariadb (openSUSE-2016-761)	Nessus	SuSE Local Security Checks	high
91766	MariaDB 10.1.x < 10.1.14 Multiple Vulnerabilities	Nessus	Databases	medium
91765	MariaDB 10.0.x < 10.0.25 Multiple Vulnerabilities	Nessus	Databases	medium
91474	Debian DSA-3595-1 : mariadb-10.0 - security update	Nessus	Debian Local Security Checks	medium
91277	openSUSE Security Update : mysql-community-server (openSUSE-2016-607)	Nessus	SuSE Local Security Checks	critical
91239	Amazon Linux AMI : mysql56 (ALAS-2016-701)	Nessus	Amazon Linux Local Security Checks	critical
91121	SUSE SLES11 Security Update : mysql (SUSE-SU-2016:1279-1)	Nessus	SuSE Local Security Checks	medium
90847	FreeBSD : MySQL -- multiple vulnerabilities (8c2b2f11-0ebe-11e6-b55e-b499baebfeaf)	Nessus	FreeBSD Local Security Checks	critical
90834	Oracle MySQL 5.7.x < 5.7.12 Multiple Vulnerabilities (RPM Check) (April 2016 CPU) (July 2016 CPU) (October 2017 CPU) (DROWN)	Nessus	Databases	critical
90832	Oracle MySQL 5.6.x < 5.6.30 Multiple Vulnerabilities (April 2016 CPU) (July 2016 CPU) (DROWN)	Nessus	Databases	critical
90830	Oracle MySQL 5.5.x < 5.5.49 Multiple Vulnerabilities (April 2016 CPU) (July 2016 CPU)	Nessus	Databases	medium
90804	Debian DLA-447-1 : mysql-5.5 security update	Nessus	Debian Local Security Checks	medium
90760	Ubuntu 16.04 LTS : mysql-5.7 vulnerabilities (USN-2954-1)	Nessus	Ubuntu Local Security Checks	critical
90724	Debian DSA-3557-1 : mysql-5.5 - security update	Nessus	Debian Local Security Checks	medium
90684	MySQL 5.7.x < 5.7.12 Multiple Vulnerabilities (DROWN)	Nessus	Databases	critical
90683	MySQL 5.6.x < 5.6.30 Multiple Vulnerabilities (DROWN)	Nessus	Databases	critical
90682	MySQL 5.5.x < 5.5.49 Multiple Vulnerabilities	Nessus	Databases	medium
90678	Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : mysql-5.5, mysql-5.6 vulnerabilities (USN-2953-1)	Nessus	Ubuntu Local Security Checks	critical