The version of MariaDB installed on the remote host is prior to 10.1.48. It is, therefore, affected by multiple vulnerabilities as referenced in the mariadb-10148-release-notes advisory.

  - With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible     for an unprivileged user with an ability to run code on the server machine to intercept the named pipe     connection and act as a man-in-the-middle, gaining access to all the data passed between the client and     the server, and getting the ability to run SQL commands on behalf of the connected user. This occurs     because of an incorrect security descriptor. This affects MariaDB Server before 10.1.48, 10.2.x before     10.2.35, 10.3.x before 10.3.26, 10.4.x before 10.4.16, and 10.5.x before 10.5.7. NOTE: this issue exists     because certain details of the MariaDB CVE-2019-2503 fix did not comprehensively address attack variants     against MariaDB. This situation is specific to MariaDB, and thus CVE-2020-28912 does NOT apply to other     vendors that were originally affected by CVE-2019-2503. (CVE-2020-28912)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions     that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable     vulnerability allows low privileged attacker with network access via multiple protocols to compromise     MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang     or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2020-14765)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions     that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable     vulnerability allows high privileged attacker with network access via multiple protocols to compromise     MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang     or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2020-14812)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

MariaDB 10.1.0 < 10.1.48 Multiple Vulnerabilities

high Nessus Plugin ID 142219

Version 1.7