The version of MariaDB installed on the remote host is prior to 5.5.39. It is, therefore, affected by multiple vulnerabilities as referenced in the mariadb-5539-release-notes advisory.

  - Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote     authenticated users to affect availability via vectors related to DDL. (CVE-2015-0391)

  - Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote     authenticated users to affect confidentiality, integrity, and availability via vectors related to     CLIENT:MYSQLDUMP. (CVE-2014-6530)

  - Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local     users to affect confidentiality, integrity, and availability via vectors related to SERVER:MyISAM.
    (CVE-2014-4274)

  - Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote     authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS. (CVE-2014-4287)

  - Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote     authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG     DML. (CVE-2014-6463)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

MariaDB 5.5.0 < 5.5.39 Multiple Vulnerabilities

high Nessus Plugin ID 129354

Version 1.5