
Test ID: 1.3.6.1.4.1.25623.1.0.882444
Category: CentOS Local Security Checks
Title: CentOS Update for mariadb CESA-2016:0534 centos7
Summary: Check the version of mariadb
Description: Summary:
Check the version of mariadb

Vulnerability Insight:
MariaDB is a multi-user, multi-threaded
SQL database server that is binary compatible with MySQL.

The following packages have been upgraded to a newer upstream version:
MariaDB (5.5.47). Refer to the MariaDB Release Notes listed in the
References section for a complete list of changes.

Security Fix(es):

* It was found that the MariaDB client library did not properly check host
names against server identities noted in the X.509 certificates when
establishing secure connections using TLS/SSL. A man-in-the-middle attacker
could possibly use this flaw to impersonate a server to a client.
(CVE-2016-2047)

* This update fixes several vulnerabilities in the MariaDB database server.
Information about these flaws can be found on the Oracle Critical Patch
Update Advisory page, listed in the References section. (CVE-2015-4792,
CVE-2015-4802, CVE-2015-4815, CVE-2015-4816, CVE-2015-4819, CVE-2015-4826,
CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4870,
CVE-2015-4879, CVE-2015-4913, CVE-2016-0505, CVE-2016-0546, CVE-2016-0596,
CVE-2016-0597, CVE-2016-0598, CVE-2016-0600, CVE-2016-0606, CVE-2016-0608,
CVE-2016-0609, CVE-2016-0616)

Bug Fix(es):

* When more than one INSERT operation was executed concurrently on a
non-empty InnoDB table with an AUTO_INCREMENT column defined as a primary
key immediately after starting MariaDB, a race condition could occur. As a
consequence, one of the concurrent INSERT operations failed with a
'Duplicate key' error message. A patch has been applied to prevent the race
condition. Now, each row inserted as a result of the concurrent INSERT
operations receives a unique primary key, and the operations no longer fail
in this scenario. (BZ#1303946)

Affected Software/OS:
mariadb on CentOS 7

Solution:
Please install the updated packages.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-references:
Common Vulnerability Exposure (CVE) ID: CVE-2015-4792
BugTraq ID: 77171
http://www.securityfocus.com/bid/77171
Debian Security Information: DSA-3377
http://www.debian.org/security/2015/dsa-3377
Debian Security Information: DSA-3385
http://www.debian.org/security/2015/dsa-3385
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html
RedHat Security Advisories: RHSA-2016:0534
http://rhn.redhat.com/errata/RHSA-2016-0534.html
RedHat Security Advisories: RHSA-2016:0705
http://rhn.redhat.com/errata/RHSA-2016-0705.html
RedHat Security Advisories: RHSA-2016:1132
https://access.redhat.com/errata/RHSA-2016:1132
RedHat Security Advisories: RHSA-2016:1480
http://rhn.redhat.com/errata/RHSA-2016-1480.html
RedHat Security Advisories: RHSA-2016:1481
http://rhn.redhat.com/errata/RHSA-2016-1481.html
http://www.securitytracker.com/id/1033894
SuSE Security Announcement: SUSE-SU-2016:0296
https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html
SuSE Security Announcement: openSUSE-SU-2015:2244
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html
SuSE Security Announcement: openSUSE-SU-2015:2246
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html
SuSE Security Announcement: openSUSE-SU-2016:0368
http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html
http://www.ubuntu.com/usn/USN-2781-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-4802
BugTraq ID: 77165
http://www.securityfocus.com/bid/77165
Common Vulnerability Exposure (CVE) ID: CVE-2015-4815
BugTraq ID: 77222
http://www.securityfocus.com/bid/77222
Common Vulnerability Exposure (CVE) ID: CVE-2015-4816
BugTraq ID: 77134
http://www.securityfocus.com/bid/77134
RedHat Security Advisories: RHSA-2015:1628
http://rhn.redhat.com/errata/RHSA-2015-1628.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-4819
BugTraq ID: 77196
http://www.securityfocus.com/bid/77196
Common Vulnerability Exposure (CVE) ID: CVE-2015-4826
BugTraq ID: 77237
http://www.securityfocus.com/bid/77237
Common Vulnerability Exposure (CVE) ID: CVE-2015-4830
BugTraq ID: 77228
http://www.securityfocus.com/bid/77228
Common Vulnerability Exposure (CVE) ID: CVE-2015-4836
BugTraq ID: 77190
http://www.securityfocus.com/bid/77190
Common Vulnerability Exposure (CVE) ID: CVE-2015-4858
BugTraq ID: 77145
http://www.securityfocus.com/bid/77145
Common Vulnerability Exposure (CVE) ID: CVE-2015-4861
BugTraq ID: 77137
http://www.securityfocus.com/bid/77137
Common Vulnerability Exposure (CVE) ID: CVE-2015-4870
BugTraq ID: 77208
http://www.securityfocus.com/bid/77208
https://www.exploit-db.com/exploits/39867/
http://packetstormsecurity.com/files/137232/MySQL-Procedure-Analyse-Denial-Of-Service.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-4879
BugTraq ID: 77140
http://www.securityfocus.com/bid/77140
Common Vulnerability Exposure (CVE) ID: CVE-2015-4913
BugTraq ID: 77153
http://www.securityfocus.com/bid/77153
Common Vulnerability Exposure (CVE) ID: CVE-2016-0505
BugTraq ID: 81088
http://www.securityfocus.com/bid/81088
Debian Security Information: DSA-3453
http://www.debian.org/security/2016/dsa-3453
Debian Security Information: DSA-3459
http://www.debian.org/security/2016/dsa-3459
http://www.securitytracker.com/id/1034708
SuSE Security Announcement: SUSE-SU-2016:1619
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html
SuSE Security Announcement: SUSE-SU-2016:1620
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html
SuSE Security Announcement: openSUSE-SU-2016:0367
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html
SuSE Security Announcement: openSUSE-SU-2016:0377
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html
SuSE Security Announcement: openSUSE-SU-2016:1664
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html
SuSE Security Announcement: openSUSE-SU-2016:1686
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html
http://www.ubuntu.com/usn/USN-2881-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-0546
BugTraq ID: 81066
http://www.securityfocus.com/bid/81066
Common Vulnerability Exposure (CVE) ID: CVE-2016-0596
BugTraq ID: 81130
http://www.securityfocus.com/bid/81130
Common Vulnerability Exposure (CVE) ID: CVE-2016-0597
BugTraq ID: 81151
http://www.securityfocus.com/bid/81151
Common Vulnerability Exposure (CVE) ID: CVE-2016-0598
BugTraq ID: 81182
http://www.securityfocus.com/bid/81182
Common Vulnerability Exposure (CVE) ID: CVE-2016-0600
BugTraq ID: 81188
http://www.securityfocus.com/bid/81188
Common Vulnerability Exposure (CVE) ID: CVE-2016-0606
Common Vulnerability Exposure (CVE) ID: CVE-2016-0608
BugTraq ID: 81226
http://www.securityfocus.com/bid/81226
Common Vulnerability Exposure (CVE) ID: CVE-2016-0609
BugTraq ID: 81258
http://www.securityfocus.com/bid/81258
Common Vulnerability Exposure (CVE) ID: CVE-2016-0616
BugTraq ID: 81176
http://www.securityfocus.com/bid/81176
Common Vulnerability Exposure (CVE) ID: CVE-2016-2047
BugTraq ID: 81810
http://www.securityfocus.com/bid/81810
Debian Security Information: DSA-3557
http://www.debian.org/security/2016/dsa-3557
http://www.openwall.com/lists/oss-security/2016/01/26/3
http://www.securitytracker.com/id/1035606
SuSE Security Announcement: SUSE-SU-2016:1279
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html
SuSE Security Announcement: openSUSE-SU-2016:1332
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html
http://www.ubuntu.com/usn/USN-2953-1
http://www.ubuntu.com/usn/USN-2954-1
Copyright: Copyright (C) 2016 Greenbone Networks GmbH

© 1998-2024 E-Soft Inc. All rights reserved.