Detections
Analytics
Amazon Linux AMI : mysql (ALAS-2012-44)
medium Nessus Plugin ID 69651
Language:
Synopsis
The remote Amazon Linux AMI host is missing a security update.Description
This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section.(CVE-2011-2262 , CVE-2012-0075 , CVE-2012-0087 , CVE-2012-0101 , CVE-2012-0102 , CVE-2012-0112 , CVE-2012-0113 , CVE-2012-0114 , CVE-2012-0115 , CVE-2012-0116 , CVE-2012-0118 , CVE-2012-0119 , CVE-2012-0120 , CVE-2012-0484 , CVE-2012-0485 , CVE-2012-0490 , CVE-2012-0492)
These updated packages upgrade MySQL to version 5.1.61. Refer to the MySQL release notes for a full list of changes :
Solution
Run 'yum update mysql' to update your system.See Also
Plugin Details
Severity: Medium
ID: 69651
File Name: ala_ALAS-2012-44.nasl
Version: 1.6
Type: local
Agent: unix
Published: 9/4/2013
Updated: 11/19/2018
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.7
CVSS v2
Risk Factor: Medium
Base Score: 5.5
Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:P
Vulnerability Information
CPE: p-cpe:/a:amazon:linux:mysql-test, p-cpe:/a:amazon:linux:mysql-devel, cpe:/o:amazon:linux, p-cpe:/a:amazon:linux:mysql-bench, p-cpe:/a:amazon:linux:mysql-embedded-devel, p-cpe:/a:amazon:linux:mysql-server, p-cpe:/a:amazon:linux:mysql-libs, p-cpe:/a:amazon:linux:mysql-embedded, p-cpe:/a:amazon:linux:mysql-debuginfo, p-cpe:/a:amazon:linux:mysql
Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list
Patch Publication Date: 9/14/2014
Reference Information
CVE: CVE-2011-2262, CVE-2012-0075, CVE-2012-0087, CVE-2012-0101, CVE-2012-0112, CVE-2012-0113, CVE-2012-0114, CVE-2012-0115, CVE-2012-0116, CVE-2012-0118, CVE-2012-0119, CVE-2012-0120, CVE-2012-0484, CVE-2012-0485, CVE-2012-0490, CVE-2012-0492