Databases : MariaDB MITM Vulnerability (MDEV-9212)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.806679
Categoría:	Databases
Título:	MariaDB MITM Vulnerability (MDEV-9212) - Linux
Resumen:	MariaDB is prone to a man-in-the-middle (MITM) vulnerability.
Descripción:	Summary: MariaDB is prone to a man-in-the-middle (MITM) vulnerability. Vulnerability Insight: The flaw exists due to error within 'ssl_verify_server_cert' function which does improper verification of the server hostname in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate. Vulnerability Impact: Successful exploitation will allow a remote attacker to conduct a MITM attack. Affected Software/OS: MariaDB before versions 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10. Solution: Update to version 5.5.47, 10.0.23, 10.1.10 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-2047 BugTraq ID: 81810 http://www.securityfocus.com/bid/81810 Debian Security Information: DSA-3453 (Google Search) http://www.debian.org/security/2016/dsa-3453 Debian Security Information: DSA-3557 (Google Search) http://www.debian.org/security/2016/dsa-3557 http://www.openwall.com/lists/oss-security/2016/01/26/3 RedHat Security Advisories: RHSA-2016:0534 http://rhn.redhat.com/errata/RHSA-2016-0534.html RedHat Security Advisories: RHSA-2016:0705 http://rhn.redhat.com/errata/RHSA-2016-0705.html RedHat Security Advisories: RHSA-2016:1132 https://access.redhat.com/errata/RHSA-2016:1132 RedHat Security Advisories: RHSA-2016:1480 http://rhn.redhat.com/errata/RHSA-2016-1480.html RedHat Security Advisories: RHSA-2016:1481 http://rhn.redhat.com/errata/RHSA-2016-1481.html http://www.securitytracker.com/id/1035606 SuSE Security Announcement: SUSE-SU-2016:1279 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html SuSE Security Announcement: SUSE-SU-2016:1619 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html SuSE Security Announcement: SUSE-SU-2016:1620 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html SuSE Security Announcement: openSUSE-SU-2016:1332 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html SuSE Security Announcement: openSUSE-SU-2016:1664 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html SuSE Security Announcement: openSUSE-SU-2016:1686 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html http://www.ubuntu.com/usn/USN-2953-1 http://www.ubuntu.com/usn/USN-2954-1
Copyright	Copyright (C) 2016 Greenbone Networks GmbH