Уязвимость CVE-2017-3291: Информация

Описание

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts).

Важность: MEDIUM (6,3) Вектор: CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2017-3291
Опубликовано: 28 января 2017 г.
Изменено: 4 августа 2022 г.

Исправленные пакеты

Имя пакета
Ветка
Исправлено в версии
Версия в репозитории
Errata ID
№ Задания
Состояние
MySQLsisyphus5.5.54-alt18.0.36-alt1ALT-PU-2017-1407-1181256Исправлено
MySQLp105.5.54-alt18.0.36-alt1ALT-PU-2017-1407-1181256Исправлено
MySQLp95.5.54-alt18.0.26-alt2ALT-PU-2017-1407-1181256Исправлено
MySQLp85.5.54-alt0.M80P.15.7.28-alt1ALT-PU-2017-1409-1181264Исправлено
MySQLc10f15.5.54-alt18.0.36-alt1ALT-PU-2017-1407-1181256Исправлено
MySQLc9f25.5.54-alt18.0.36-alt0.c9.1ALT-PU-2017-1407-1181256Исправлено
MySQLc75.5.54-alt1.M70C.15.7.24-alt0.M70C.1ALT-PU-2017-1410-1181257Исправлено
mariadbsisyphus10.1.21-alt110.11.7-alt2.1ALT-PU-2017-1061-1176923Исправлено
mariadbp1010.1.21-alt110.6.17-alt3ALT-PU-2017-1061-1176923Исправлено
mariadbp910.1.21-alt110.4.32-alt0.M90P.1ALT-PU-2017-1061-1176923Исправлено
mariadbp810.1.23-alt1.M80P.110.1.48-alt1ALT-PU-2017-1590-1182782Исправлено
mariadbc10f110.1.21-alt110.6.17-alt1ALT-PU-2017-1061-1176923Исправлено
mariadbc9f210.1.21-alt110.6.15-alt1ALT-PU-2017-1061-1176923Исправлено
mariadbc710.3.14-alt0.M70C.110.3.14-alt0.M70C.1ALT-PU-2019-1992-1231405Исправлено

Ссылки на рекомендации, решения и инструменты

Ссылка
Ресурс
http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html
  • Patch
  • Vendor Advisory
95501
  • Third Party Advisory
  • VDB Entry
GLSA-201702-18
  • Third Party Advisory
GLSA-201702-17
  • Third Party Advisory
1037640
  • Broken Link
  • Third Party Advisory
  • VDB Entry
DSA-3770
  • Third Party Advisory
DSA-3767
  • Third Party Advisory
RHSA-2017:2886
  • Third Party Advisory
RHSA-2017:2787
  • Third Party Advisory
RHSA-2017:2192
  • Third Party Advisory
RHSA-2018:0279
  • Third Party Advisory
RHSA-2018:0574
  • Third Party Advisory

    1. Конфигурация 1

      cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
      Start including
      5.6.0
      End including
      5.6.34
      cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
      Start including
      5.7.0
      End including
      5.7.16
      cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
      Start including
      5.5.0
      End including
      5.5.53

      Конфигурация 2

      cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
      Start including
      5.5.0
      End excliding
      5.5.54
      cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
      Start including
      10.1.0
      End excliding
      10.1.21
      cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
      Start including
      10.0.0
      End excliding
      10.0.29

      Конфигурация 3

      cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

      Конфигурация 4

      cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Версия: v24.4.2
Наверх