SB2017072411 - Ubuntu update for MySQL

Main Vulnerability Database SB2017072411

SB2017072411 - Ubuntu update for MySQL

Published: July 24, 2017

Security Bulletin ID SB2017072411

Severity

Low

Patch available

YES

Number of vulnerabilities 19

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 19 secuirty vulnerabilities.

1) Use-after-free error (CVE-ID: CVE-2017-3302)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to use-after-free error in the libmysqlclient.so. A remote attacker can cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

2) Man-in-the-middle attack (CVE-ID: CVE-2017-3305)

The vulnerability allows a remote authenticated attacker to conduct man-in-the-middle attack on the target system.

The weakness exists due to checking only after authentication whether server supported SSL. A remote attacker can gain access to potentially sensitive information.

3) Security restrictions bypass (CVE-ID: CVE-2017-3308)

The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.

The weakness exists in MySQL Server due to improper security restrictions. A remote attacker can cause the service to crash.

4) Security restrictions bypass (CVE-ID: CVE-2017-3309)

The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.

The weakness exists in MySQL Server due to improper security restrictions. A remote attacker can cause the service to crash.

5) Improper input validation (CVE-ID: CVE-2017-3329)

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists due to improper input validation within the Thread Pooling subcomponent. A remote attacker can send a specially crated MySQL packet to the affected server and cause it to crash.

6) Security restrictions bypass (CVE-ID: CVE-2017-3453)

The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.

The weakness exists in MySQL Server due to improper security restrictions. A remote attacker can cause the service to crash.

7) Security restrictions bypass (CVE-ID: CVE-2017-3456)

The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.

The weakness exists in MySQL Server due to improper security restrictions. A remote attacker can cause the service to crash.

8) Security restrictions bypass (CVE-ID: CVE-2017-3461)

The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.

The weakness exists in MySQL Server due to improper security restrictions. A remote attacker can cause the service to crash.

9) Security restrictions bypass (CVE-ID: CVE-2017-3462)

The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.

The weakness exists in MySQL Server due to improper security restrictions. A remote attacker can cause the service to crash.

10) Security restrictions bypass (CVE-ID: CVE-2017-3463)

The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.

The weakness exists in MySQL Server due to improper security restrictions. A remote attacker can cause the service to crash.

11) Security restrictions bypass (CVE-ID: CVE-2017-3464)

The vulnerability allows a remote authenticated attacker to write arbitrary files on the target system.

The weakness exists in MySQL Server due to improper security restrictions. A remote attacker can update, insert or delete some of MySQL Server accessible data.

12) Command injection (CVE-ID: CVE-2017-3600)

The vulnerability allows a remote attacker to execute arbitrary shell or SQL commands on the target system.

The weakness exists due to command injection. A remote authenticated attacker can execute arbitrary shell or SQL commands.

13) Improper Access Control (CVE-ID: CVE-2017-3635)

The vulnerability exists due to an unspecified error in the MySQL Server within C API component. A remote authenticated attacker can exploit the vulnerability to perform a denial of service attack.

14) Improper Access Control (CVE-ID: CVE-2017-3636)

The vulnerability exists due to an unspecified error in the MySQL Server within Client programs component. A local user can exploit the vulnerability to gain full access to MySQL databases.

15) Improper Access Control (CVE-ID: CVE-2017-3641)

The vulnerability exists due to an unspecified error in the MySQL Server within DML component. A remote privileged user can exploit the vulnerability to perform a denial of service attack.

16) Improper Access Control (CVE-ID: CVE-2017-3648)

The vulnerability exists due to an unspecified error in the MySQL Server within Charsets component. A remote privileged user can exploit the vulnerability to perform a denial of service attack.

17) Improper Access Control (CVE-ID: CVE-2017-3651)

The vulnerability exists due to an unspecified error in the MySQL Server within Client mysqldump component. A remote authenticated attacker can exploit the vulnerability to perform unauthorized modification of data.

18) Improper Access Control (CVE-ID: CVE-2017-3652)

The vulnerability exists due to an unspecified error in the MySQL Server within DDL component. A remote authenticated attacker can exploit the vulnerability to gain access unauthorized access and modify data.

19) Improper Access Control (CVE-ID: CVE-2017-3653)

The vulnerability exists due to an unspecified error in the MySQL Server within DDL component. A remote authenticated attacker can exploit the vulnerability to perform unauthorized modification of data.

Remediation

Install update from vendor's website.

References

http://www.ubuntu.com/usn/usn-3357-2/