Oracle MySQL 5.6.x < 5.6.30 Multiple Vulnerabilities

Medium Nessus Network Monitor Plugin ID 9611

Synopsis

The remote database server is vulnerable to multiple attack vectors.

Description

The version of MySQL installed on the remote host is 5.6.x prior to 5.6.30 and is affected by multiple issues:

- A flaw exists related to certificate validation. The issue is due to the server hostname not being verified to match a domain name in the X.509 certificate. By spoofing the TLS/SSL server via a certificate that appears valid, an attacker with the ability to intercept network traffic (e.g. Man-in-the-Middle, DNS cache poisoning) can disclose and optionally manipulate transmitted data. (OSVDB 137150)
- An integer overflow condition exists that is triggered because user-supplied input is not properly validated during client handshake processing. This may allow an authenticated attacker to cause the server to exit. (OSVDB 137151)
- A flaw exists due to overly verbose error messages that return part of the SQL statement that produced them. This may allow an authenticated attacker to gain access to potentially sensitive information. (OSVDB 137152)

Solution

Upgrade to MySQL 5.6.30 or later.

See Also

http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-30.html

Plugin Details

Severity: Medium

ID: 9611

File Name: 9611.prm

Family: Database

Published: 2016/09/30

Modified: 2016/09/30

Dependencies: 8914

Nessus ID: 90683

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 6.5

Temporal Score: 6

Vector: CVSS3#AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:oracle:mysql

Patch Publication Date: 2016/04/11

Vulnerability Publication Date: 2016/04/11

Reference Information

CVE: CVE-2016-2047