PT-2016-6560 · Oracle+5 · Mysql Server+4

Publicado

2016-10-17

Atualizado

2024-06-15

CVE-2016-5584

CVSS v3.1

4.4

Média

Vetor

AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Oracle MySQL versions 5.5.52 and earlier Oracle MySQL versions 5.6.33 and earlier Oracle MySQL versions 5.7.15 and earlier

Description The issue affects the confidentiality of data and is related to encryption in the Server component of Oracle MySQL. It can be exploited by a high-privileged attacker with network access via multiple protocols, potentially leading to a denial of service (DOS) through crashing or hanging the MySQL Server.

Recommendations For Oracle MySQL versions 5.5.52 and earlier, update to a version later than 5.5.52 to resolve the issue. For Oracle MySQL versions 5.6.33 and earlier, update to a version later than 5.6.33 to resolve the issue. For Oracle MySQL versions 5.7.15 and earlier, update to a version later than 5.7.15 to resolve the issue.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

ALT-PU-2016-2238

ALT-PU-2016-2272

CVE-2016-5584

DLA-708-1

DSA-3706-1

DSA-3711-1

MGASA-2016-0371

OPENSUSE-SU-2016_2769-1

OPENSUSE-SU-2016_2788-1

OPENSUSE-SU-2016_3025-1

OPENSUSE-SU-2016_3028-1

OPENSUSE-SU-2024:10200-1

OPENSUSE-SU-2024:11038-1

SUSE-RU-2023:3956-1

SUSE-RU-2023:4991-1

SUSE-SU-2016:2780-1

SUSE-SU-2016:2932-1

SUSE-SU-2016:2933-1

USN-3109-1

Produtos afetados

Alt Linux

Mariadb Server

Mysql Server

Suse

Ubuntu

PT-2016-6560 · Oracle+5 · Mysql Server+4

CVE-2016-5584

Identificadores relacionados

Produtos afetados

Referências · 642