The version of MariaDB installed on the remote host is prior to 5.5.32. It is, therefore, affected by multiple vulnerabilities as referenced in the mariadb-5532-release-notes advisory.

  - Unspecified vulnerability in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote     authenticated users to affect availability via unknown vectors related to Optimizer. (CVE-2016-0502)

  - Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and     earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.
    (CVE-2013-3809)

  - MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle     MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a     denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is     not properly handled when processing the binary representation of this feature, related to a numeric     calculation error. (CVE-2013-1861)

  - Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote     authenticated users to affect availability via unknown vectors related to Server Parser. (CVE-2013-3783)

  - Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and     earlier allows remote authenticated users to affect availability via unknown vectors related to Data     Manipulation Language. (CVE-2013-3793)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

MariaDB 5.5.0 < 5.5.32 Multiple Vulnerabilities

medium Nessus Plugin ID 72373

Version 1.13

Version 1.12

Version 1.13 Jun 27, 2025, 1:56 AM CVSS metrics ("Cvssv4 score" set to 0.0) CVSSv2 severity (based on None, severity decreased from "High" to "Low") Detection (updated detection logic) Plugin categorization ("Agent" set to "all") Plugin categorization ("Plugin type" changed from "remote" to "combined") Plugin metadata Plugin Feed: 202506270156
Version 1.12 Nov 18, 2022, 5:52 PM CVE CVSS metrics CVSS temporal metrics CVSSv3 score source (Changed from None to CVE-2016-0502) CVSSv3 severity (Based on CVE-2016-0502 severity decreased from High to Medium) Plugin Feed: 202211181752