Detections
Analytics

MariaDB Server 5.5.x < 5.5.29 Multiple Buffer Overflows

medium Nessus Network Monitor Plugin ID 9278

Synopsis

The remote database server is affected by multiple buffer overflow attack vectors.

Description

MariaDB is a community-developed fork of the MySQL relational database. The version of MariaDB installed on the remote host is earlier than 5.5.29, and is therefore affected by multiple buffer overflow vulnerabilities.

 - An unspecified flaw exists in which the program fails to properly sanitize user-supplied input resulting in a buffer overflow. This may allow a remote attacker to execute arbitrary code under the permissions of the mysql daemon.
 - A flaw exists in the 'acl_get()' function in 'sql/sql_acl.cc' which fails to properly sanitize user-supplied input during the access right checking routine, which will result in a stack-based buffer overflow. With a specially crafted database name, an authenticated remote attacker can potentially execute arbitrary code..

Solution

Upgrade to version 5.5.29, or higher, to address this vulnerability.

See Also

https://kb.askmonty.org/en/mariadb-5529-release-notes

Plugin Details

Severity: Medium

ID: 9278

Family: Database

Published: 5/13/2016

Updated: 3/6/2019

Nessus ID: 63150

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS v3

Risk Factor: Medium

Base Score: 6.3

Temporal Score: 5.9

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:mariadb:mariadb

Patch Publication Date: 1/15/2013

Vulnerability Publication Date: 12/1/2012

Reference Information

CVE: CVE-2012-5611

BID: 56769