openSUSE Security Update : mysql-community-server (openSUSE-2017-555) (Riddle)

high Nessus Plugin ID 100039


The remote openSUSE host is missing a security update.


This update for mysql-community-server to version 5.6.36 fixes the following issues:

These security issues were fixed:

- CVE-2016-5483: Mysqldump failed to properly quote certain identifiers in SQL statements written to the dump output, allowing for execution of arbitrary commands (bsc#1029014)

- CVE-2017-3305: MySQL client sent authentication request unencrypted even if SSL was required (aka Riddle) (bsc#1029396).

- CVE-2017-3308: Unspecified vulnerability in Server: DML (boo#1034850)

- CVE-2017-3309: Unspecified vulnerability in Server: Optimizer (boo#1034850)

- CVE-2017-3329: Unspecified vulnerability in Server: Thread (boo#1034850)

- CVE-2017-3453: Unspecified vulnerability in Server: Optimizer (boo#1034850)

- CVE-2017-3456: Unspecified vulnerability in Server: DML (boo#1034850)

- CVE-2017-3461: Unspecified vulnerability in Server: Security (boo#1034850)

- CVE-2017-3462: Unspecified vulnerability in Server: Security (boo#1034850)

- CVE-2017-3463: Unspecified vulnerability in Server: Security (boo#1034850)

- CVE-2017-3464: Unspecified vulnerability in Server: DDL (boo#1034850)

- CVE-2017-3302: Crash in (bsc#1022428).

- CVE-2017-3450: Unspecified vulnerability Server:

- CVE-2017-3452: Unspecified vulnerability Server:

- CVE-2017-3599: Unspecified vulnerability Server: Pluggable Auth

- CVE-2017-3600: Unspecified vulnerability in Client: mysqldump (boo#1034850)

- '--ssl-mode=REQUIRED' can be specified to require a secure connection (it fails if a secure connection cannot be obtained)

These non-security issues were fixed:

- Set the default umask to 077 in mysql-systemd-helper (boo#1020976)

- Change permissions of the configuration dir/files to 755/644. Please note that storing the password in the /etc/my.cnf file is not safe. Use, for example, an option file that is accessible only by yourself (boo#889126)

For more information please see


Update the affected mysql-community-server packages.

See Also

Plugin Details

Severity: High

ID: 100039

File Name: openSUSE-2017-555.nasl

Version: 3.7

Type: local

Agent: unix

Published: 5/9/2017

Updated: 1/19/2021

Dependencies: ssh_get_info.nasl

Risk Information


Risk Factor: Medium

Score: 6.7


Risk Factor: High

Base Score: 7.8

Temporal Score: 6.1

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: E:POC/RL:OF/RC:C


Risk Factor: High

Base Score: 7.7

Temporal Score: 6.9

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Temporal Vector: E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:libmysql56client18, p-cpe:/a:novell:opensuse:libmysql56client18-32bit, p-cpe:/a:novell:opensuse:libmysql56client18-debuginfo, p-cpe:/a:novell:opensuse:libmysql56client18-debuginfo-32bit, p-cpe:/a:novell:opensuse:libmysql56client_r18, p-cpe:/a:novell:opensuse:libmysql56client_r18-32bit, p-cpe:/a:novell:opensuse:mysql-community-server, p-cpe:/a:novell:opensuse:mysql-community-server-bench, p-cpe:/a:novell:opensuse:mysql-community-server-bench-debuginfo, p-cpe:/a:novell:opensuse:mysql-community-server-client, p-cpe:/a:novell:opensuse:mysql-community-server-client-debuginfo, p-cpe:/a:novell:opensuse:mysql-community-server-debuginfo, p-cpe:/a:novell:opensuse:mysql-community-server-debugsource, p-cpe:/a:novell:opensuse:mysql-community-server-errormessages, p-cpe:/a:novell:opensuse:mysql-community-server-test, p-cpe:/a:novell:opensuse:mysql-community-server-test-debuginfo, p-cpe:/a:novell:opensuse:mysql-community-server-tools, p-cpe:/a:novell:opensuse:mysql-community-server-tools-debuginfo, cpe:/o:novell:opensuse:42.1, cpe:/o:novell:opensuse:42.2

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/8/2017

Reference Information

CVE: CVE-2016-5483, CVE-2017-3302, CVE-2017-3305, CVE-2017-3308, CVE-2017-3309, CVE-2017-3329, CVE-2017-3450, CVE-2017-3452, CVE-2017-3453, CVE-2017-3456, CVE-2017-3461, CVE-2017-3462, CVE-2017-3463, CVE-2017-3464, CVE-2017-3599, CVE-2017-3600