Summary
This host is running Oracle MySQL and is
prone to multiple unspecified vulnerabilities.
Impact
Successful exploitation will allow attackers
to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
Impact Level: Application
Solution
Apply the patch from below link,
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
Insight
Unspecified errors in the MySQL Server
component via unknown vectors related to Optimizer and Pluggable Auth.
Affected
Oracle MySQL Server version 5.6.21 and
earlier on Windows.
Detection
Get the installed version with the help of
detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2015-0385, CVE-2015-0409 -
CVSS Base Score: 4.0
AV:N/AC:L/Au:S/C:N/I:N/A:P
Related Vulnerabilities
- Oracle MySQL Multiple Unspecified vulnerabilities-01 July14 (Windows)
- PostgreSQL 'intarray' Module 'gettoken()' Buffer Overflow Vulnerability
- PostgreSQL Multiple Security Bypass Vulnerability July14 (Windows)
- MySQL UNINSTALL PLUGIN Security Bypass Vulnerability
- MariaDB 'COM_CHANGE_USER' Command Insecure Salt Generation Security Bypass Vulnerability