PT-2014-7265 · Oracle+6 · Mysql Server+6

Publicado

2014-08-05

·

Atualizado

2022-08-26

·

CVE-2014-6520

CVSS v2.0

4.0

Média

VetorAV:N/AC:L/Au:S/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions Oracle MySQL Server versions 5.5.38 and earlier
Description The issue allows remote authenticated users to affect availability via vectors related to SERVER:DDL. This means that authenticated users can potentially impact the system's availability through specific actions related to data definition language (DDL) operations on the server.
Recommendations For Oracle MySQL Server versions 5.5.38 and earlier, consider restricting access to DDL operations to minimize the risk of exploitation until a fix is available. As a temporary workaround, limit the privileges of remote authenticated users to reduce the potential impact on availability.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Identificadores relacionados

ALT-PU-2015-1152
ALT-PU-2015-1749
CESA-2014_1861
CVE-2014-6520
DSA-3054-1
RHSA-2014:1859
RHSA-2014:1860
RHSA-2014:1861
RHSA-2014:1862
RHSA-2014:1937
RHSA-2014:1940
RHSA-2014_1859
RHSA-2014_1861
SUSE-SU-2015:0743-1
USN-2384-1

Produtos afetados

Alt Linux
Centos
Mariadb Server
Mysql Server
Red Hat
Suse
Ubuntu