PT-2016-3701 · Mariadb+2 · Mariadb+2

Johannes Segitz

Published

2016-02-01

Updated

2024-06-15

CVE-2015-5969

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions mysql-community-server versions prior to 5.6.28-2.17.1 mysql-community-server versions prior to 5.6.28-13.1 mariadb versions prior to 10.0.22-2.21.2 mariadb versions prior to 10.0.22-3.1

Description The issue allows local users to discover database credentials by listing a process and its arguments. This is due to a flaw in the mysql-systemd-helper script.

Recommendations For mysql-community-server versions prior to 5.6.28-2.17.1, update to version 5.6.28-2.17.1 or later. For mysql-community-server versions prior to 5.6.28-13.1, update to version 5.6.28-13.1 or later. For mariadb versions prior to 10.0.22-2.21.2, update to version 10.0.22-2.21.2 or later. For mariadb versions prior to 10.0.22-3.1, update to version 10.0.22-3.1 or later.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2015-5969

OPENSUSE-SU-2016_0367-1

OPENSUSE-SU-2024:10153-1

SUSE-RU-2023:3956-1

SUSE-RU-2023:4991-1

SUSE-SU-2016:0296-1

Affected Products

Suse

Mariadb

Mysql Community Server

PT-2016-3701 · Mariadb+2 · Mariadb+2

CVE-2015-5969

Weakness Enumeration

Related Identifiers

Affected Products

References · 475