MariaDB Server 5.5.x < 5.5.29 Multiple Buffer Overflows

Medium Nessus Network Monitor Plugin ID 9278

Synopsis

The remote database server is affected by multiple buffer overflow attack vectors.

Description

MariaDB is a community-developed fork of the MySQL relational database. The version of MariaDB installed on the remote host is earlier than 5.5.29, and is therefore affected by multiple buffer overflow vulnerabilities.

- An unspecified flaw exists in which the program fails to properly sanitize user-supplied input, resulting in a buffer overflow. This may allow a remote attacker to execute arbitrary code with the privileges of the mysql daemon. (OSVDB 88060)
- A flaw exists in the 'acl_get()' function in 'sql/sql_acl.cc', which fails to properly sanitize user-supplied input during the access right checking routine, resulting in a stack-based buffer overflow. With a specially crafted database name, an authenticated remote attacker can potentially execute arbitrary code. (OSVDB 88066)

Solution

Upgrade to version 5.5.29, or higher, to address these vulnerabilities.
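
To confirm which hosts still sit below the 5.5.29 fix boundary, the version comparison described above can be scripted. This is an added example, not Tenable's plugin code: the host addresses and banners are constructed, and the function names are hypothetical. It also strips the "5.5.5-" prefix that MariaDB 10.x servers place in front of their handshake version, which a naive comparison would misread as an affected 5.5.5 release.

```python
import re

FIXED = (5, 5, 29)          # first fixed release named in this advisory
COMPAT_PREFIX = "5.5.5-"    # replication-compat prefix sent by MariaDB 10.x+
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)")


def parse_mariadb_version(banner):
    """Return (major, minor, patch) for a MariaDB banner, else None."""
    if "mariadb" not in banner.lower():
        return None  # Oracle MySQL or unknown product: not covered here
    if banner.startswith(COMPAT_PREFIX):
        rest = banner[len(COMPAT_PREFIX):]
        if VERSION_RE.match(rest):
            banner = rest  # real version follows the compat prefix
    m = VERSION_RE.match(banner)
    return tuple(int(x) for x in m.groups()) if m else None


def is_affected(banner):
    """True/False for MariaDB banners, None when the product is unknown."""
    version = parse_mariadb_version(banner)
    if version is None:
        return None
    # The advisory covers only the 5.5 branch below 5.5.29.
    return version[:2] == (5, 5) and version < FIXED


def triage(hosts):
    """Map each host to 'affected', 'ok' or 'unknown'."""
    labels = {True: "affected", False: "ok", None: "unknown"}
    return {host: labels[is_affected(banner)] for host, banner in hosts}


# Constructed sample data (documentation address range, invented banners).
SAMPLE = [
    ("192.0.2.10", "5.5.28a-MariaDB-log"),
    ("192.0.2.11", "5.5.29-MariaDB"),
    ("192.0.2.12", "5.5.5-10.1.20-MariaDB"),
    ("192.0.2.13", "5.5.28-0ubuntu0.12.04.3"),
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(host, status)
```

A banner-only result cannot see distribution backports, so treat "affected" as a prompt to check the installed package changelog rather than as proof.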

See Also

https://kb.askmonty.org/en/mariadb-5529-release-notes

Plugin Details

Severity: Medium

ID: 9278

Family: Database

Published: 2016/05/13

Modified: 2016/12/12

Dependencies: 8693

Nessus ID: 63150

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 6.5

Temporal Score: 5.4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 6.3

Temporal Score: 5.9

Vector: CVSS3#AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:mariadb:mariadb

Patch Publication Date: 2013/01/15

Vulnerability Publication Date: 2012/12/01

Reference Information

CVE: CVE-2012-5611

BID: 56769