The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of MySQL Enterprise

computer vulnerability announce CVE-2017-5664

Apache Tomcat: error page tampering

Synthesis of the vulnerability

An attacker can trigger an HTTP error in Apache Tomcat, in order to corrupt the error page documents.
Impacted products: Tomcat, Blue Coat CAS, Debian, Fedora, HP-UX, Junos Space, MySQL Community, MySQL Enterprise, openSUSE Leap, Oracle Fusion Middleware, Solaris, Tuxedo, WebLogic, Percona Server, RHEL, JBoss EAP by Red Hat, SUSE Linux Enterprise Desktop, SLES, Symantec Content Analysis, Ubuntu.
Severity: 2/4.
Creation date: 06/06/2017.
Identifiers: bulletinjul2017, cpuapr2018, CVE-2017-5664, DLA-996-1, DSA-3891-1, DSA-3892-1, FEDORA-2017-63789c8c29, FEDORA-2017-e4638a345c, HPESBUX03828, JSA10838, openSUSE-SU-2017:3069-1, RHSA-2017:1801-01, RHSA-2017:1802-01, RHSA-2017:1809-01, RHSA-2017:2493-01, RHSA-2017:2494-01, RHSA-2017:2633-01, RHSA-2017:2635-01, RHSA-2017:2636-01, RHSA-2017:2637-01, RHSA-2017:2638-01, RHSA-2017:3080-01, RHSA-2017:3081-01, SA156, SUSE-SU-2017:3039-1, SUSE-SU-2017:3059-1, SUSE-SU-2017:3279-1, SUSE-SU-2018:1847-1, USN-3519-1, VIGILANCE-VUL-22907.

Description of the vulnerability

The Apache Tomcat product offers a web service.

HTTP error pages may be customized. However, when the page content is provided by a static document instead of a servlet output, Tomcat allows to tamper with this source document.

An attacker can therefore trigger an HTTP error in Apache Tomcat, in order to corrupt the error page documents.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability CVE-2017-5650 CVE-2017-5651

Apache Tomcat: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Apache Tomcat.
Impacted products: Tomcat, MariaDB ~ precise, MySQL Community, MySQL Enterprise, Snap Creator Framework, Percona Server, XtraDB Cluster.
Severity: 3/4.
Creation date: 11/04/2017.
Identifiers: CERTFR-2017-AVI-116, cpujul2017, CVE-2017-5650, CVE-2017-5651, NTAP-20180605-0001, NTAP-20180607-0001, NTAP-20180607-0002, NTAP-20180614-0001, VIGILANCE-VUL-22395.

Description of the vulnerability

Several vulnerabilities were announced in Apache Tomcat.

An attacker can make the server send to him the response of a not related request. [severity:3/4; CVE-2017-5651]

An attacker can send HTTP/2 requests which will block all server threads, in order to trigger a denial of service. [severity:3/4; CVE-2017-5650]
Complete Vigil@nce bulletin.... (Free trial)

vulnerability alert CVE-2017-5647

Apache Tomcat: information disclosure via response exchanges

Synthesis of the vulnerability

An attacker can send a burst of HTTP 1.1 request to Apache Tomcat, in order to get sensitive information.
Impacted products: Tomcat, Blue Coat CAS, Debian, Fedora, MariaDB ~ precise, ePO, MySQL Community, MySQL Enterprise, Snap Creator Framework, openSUSE Leap, Solaris, Percona Server, XtraDB Cluster, RHEL, SUSE Linux Enterprise Desktop, SLES, Symantec Content Analysis, Ubuntu.
Severity: 3/4.
Creation date: 11/04/2017.
Identifiers: bulletinapr2017, cpujul2017, CVE-2017-5647, DLA-924-1, DLA-924-2, DSA-3842-1, DSA-3843-1, FEDORA-2017-5261ba4605, FEDORA-2017-d5aa7c77d6, NTAP-20180605-0001, NTAP-20180607-0001, NTAP-20180607-0002, NTAP-20180614-0001, openSUSE-SU-2017:1292-1, RHSA-2017:1801-01, RHSA-2017:1802-01, RHSA-2017:2493-01, RHSA-2017:2494-01, RHSA-2017:3080-01, RHSA-2017:3081-01, SA156, SB10199, SUSE-SU-2017:1229-1, SUSE-SU-2017:1382-1, SUSE-SU-2017:1632-1, SUSE-SU-2017:1660-1, USN-3519-1, VIGILANCE-VUL-22391.

Description of the vulnerability

The Apache Tomcat product includes an HTTP server.

In HTTP 1.1, the client may send several requests without waiting for the response to the first request. However, in some cases, the server mismatches the response body and the request, in such a way that a client may receive the response for another request. This vulnerability looks like the one described in VIGILANCE-VUL-21355.

An attacker can therefore send a burst of HTTP 1.1 request to Apache Tomcat, in order to get sensitive information.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability announce CVE-2016-7055 CVE-2017-3730 CVE-2017-3731

OpenSSL: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of OpenSSL.
Impacted products: Blue Coat CAS, ProxyAV, ProxySG par Blue Coat, SGOS by Blue Coat, Brocade vTM, Cisco ASR, Cisco ATA, AsyncOS, Cisco Catalyst, Cisco Content SMA, Cisco ESA, IOS by Cisco, IOS XE Cisco, IOS XR Cisco, Nexus by Cisco, NX-OS, Cisco Prime Access Registrar, Prime Collaboration Assurance, Cisco Prime DCNM, Prime Infrastructure, Cisco Router, Cisco CUCM, Cisco Manager Attendant Console, Cisco Wireless IP Phone, Cisco WSA, Cisco Wireless Controller, Debian, BIG-IP Hardware, TMOS, Fedora, FileZilla Server, FortiAnalyzer, FortiAnalyzer Virtual Appliance, FortiOS, FreeBSD, hMailServer, AIX, IRAD, Rational ClearCase, Security Directory Server, Tivoli Storage Manager, Tivoli Workload Scheduler, WebSphere MQ, Copssh, Junos OS, Juniper Network Connect, NSM Central Manager, NSMXpress, SRX-Series, MariaDB ~ precise, ePO, Meinberg NTP Server, MySQL Community, MySQL Enterprise, Data ONTAP, OpenSSL, openSUSE Leap, Oracle Communications, Oracle Directory Server, Oracle Directory Services Plus, Oracle Fusion Middleware, Oracle Identity Management, Oracle iPlanet Web Server, Oracle OIT, Solaris, Tuxedo, VirtualBox, WebLogic, Oracle Web Tier, Palo Alto Firewall PA***, PAN-OS, Percona Server, XtraDB Cluster, pfSense, Pulse Connect Secure, Pulse Secure Client, RHEL, Slackware, stunnel, SUSE Linux Enterprise Desktop, SLES, Nessus, TrendMicro ServerProtect, Ubuntu, VxWorks.
Severity: 2/4.
Creation date: 26/01/2017.
Identifiers: 1117414, 2000544, 2000988, 2000990, 2002331, 2004036, 2004940, 2009389, 2010154, 2011567, 2012827, 2014202, 2014651, 2014669, 2015080, BSA-2016-204, BSA-2016-207, BSA-2016-211, BSA-2016-212, BSA-2016-213, BSA-2016-216, BSA-2016-234, bulletinapr2017, bulletinjan2018, bulletinoct2017, CERTFR-2017-AVI-035, CERTFR-2018-AVI-343, cisco-sa-20170130-openssl, cpuapr2017, cpujan2018, cpujul2017, cpujul2018, cpuoct2017, CVE-2016-7055, CVE-2017-3730, CVE-2017-3731, CVE-2017-3732, DLA-814-1, DSA-3773-1, FEDORA-2017-3451dbec48, FEDORA-2017-e853b4144f, FG-IR-17-019, FreeBSD-SA-17:02.openssl, JSA10775, K37526132, K43570545, K44512851, K-510805, NTAP-20170127-0001, NTAP-20170310-0002, NTAP-20180201-0001, openSUSE-SU-2017:0481-1, openSUSE-SU-2017:0487-1, openSUSE-SU-2017:0527-1, openSUSE-SU-2017:0941-1, openSUSE-SU-2017:2011-1, openSUSE-SU-2017:2868-1, openSUSE-SU-2018:0458-1, PAN-70674, PAN-73914, PAN-SA-2017-0012, PAN-SA-2017-0014, PAN-SA-2017-0016, RHSA-2017:0286-01, SA141, SA40423, SB10188, SSA:2017-041-02, SUSE-SU-2018:0112-1, TNS-2017-03, USN-3181-1, VIGILANCE-VUL-21692.

Description of the vulnerability

Several vulnerabilities were announced in OpenSSL.

An attacker can force a read at an invalid address via Truncated Packet, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2017-3731]

An attacker can force a NULL pointer to be dereferenced via DHE/ECDHE Parameters, in order to trigger a denial of service. [severity:2/4; CVE-2017-3730]

An attacker can use a carry propagation error via BN_mod_exp(), in order to compute the private key. [severity:1/4; CVE-2017-3732]

An error occurs in the Broadwell-specific Montgomery Multiplication Procedure, but with no apparent impact. [severity:1/4; CVE-2016-7055]
Complete Vigil@nce bulletin.... (Free trial)

vulnerability announce CVE-2016-5541 CVE-2016-8318 CVE-2016-8327

Oracle MySQL: vulnerabilities of January 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Oracle MySQL.
Impacted products: Debian, Fedora, MariaDB ~ precise, MySQL Community, MySQL Enterprise, openSUSE Leap, Solaris, Percona Server, XtraDB Cluster, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 3/4.
Creation date: 18/01/2017.
Identifiers: bulletinapr2017, CERTFR-2017-AVI-018, cpujan2017, CVE-2016-5541, CVE-2016-8318, CVE-2016-8327, CVE-2017-3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3251, CVE-2017-3256, CVE-2017-3257, CVE-2017-3258, CVE-2017-3265, CVE-2017-3273, CVE-2017-3291, CVE-2017-3312, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3319, CVE-2017-3320, CVE-2017-3321, CVE-2017-3322, CVE-2017-3323, DLA-797-1, DSA-3767-1, DSA-3770-1, DSA-3809-1, FEDORA-2017-09dd8907da, FEDORA-2017-0f44f2b8c8, FEDORA-2017-2c0609b92a, FEDORA-2017-801e01d1ed, FEDORA-2017-8425f676f2, openSUSE-SU-2017:0479-1, openSUSE-SU-2017:0486-1, openSUSE-SU-2017:0618-1, openSUSE-SU-2017:1475-1, RHSA-2017:2192-01, RHSA-2017:2787-01, RHSA-2017:2886-01, RHSA-2018:0574-01, SSA:2017-018-01, SSA:2017-087-01, SUSE-SU-2017:0408-1, SUSE-SU-2017:0411-1, SUSE-SU-2017:0412-1, SUSE-SU-2017:1311-1, SUSE-SU-2017:1315-1, USN-3174-1, VIGILANCE-VUL-21612.

Description of the vulnerability

An attacker can use several vulnerabilities of Oracle MySQL.

An attacker can use a vulnerability via Server: Security: Encryption, in order to trigger a denial of service. [severity:3/4; CVE-2016-8318]

An attacker can use a vulnerability via Server: Packaging, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2017-3312]

An attacker can use a vulnerability via Server: DDL, in order to trigger a denial of service. [severity:2/4; CVE-2017-3258]

An attacker can use a vulnerability via Server: DDL, in order to trigger a denial of service. [severity:2/4; CVE-2017-3273]

An attacker can use a vulnerability via Server: DML, in order to trigger a denial of service. [severity:2/4; CVE-2017-3244]

An attacker can use a vulnerability via Server: InnoDB, in order to trigger a denial of service. [severity:2/4; CVE-2017-3257]

An attacker can use a vulnerability via Server: Optimizer, in order to trigger a denial of service. [severity:2/4; CVE-2017-3238]

An attacker can use a vulnerability via Server: Replication, in order to trigger a denial of service. [severity:2/4; CVE-2017-3256]

An attacker can use a vulnerability via Server: Packaging, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2017-3291]

An attacker can use a vulnerability via Server: Packaging, in order to obtain information, or to trigger a denial of service. [severity:2/4; CVE-2017-3265]

An attacker can use a vulnerability via Server: Optimizer, in order to trigger a denial of service. [severity:2/4; CVE-2017-3251]

An attacker can use a vulnerability via Cluster: NDBAPI, in order to alter information, or to trigger a denial of service. [severity:2/4; CVE-2016-5541]

An attacker can use a vulnerability via Server: Charsets, in order to trigger a denial of service. [severity:2/4; CVE-2017-3313]

An attacker can use a vulnerability via Server: Charsets, in order to trigger a denial of service. [severity:2/4; CVE-2017-3243]

An attacker can use a vulnerability via Server: Replication, in order to trigger a denial of service. [severity:2/4; CVE-2016-8327]

An attacker can use a vulnerability via Logging, in order to trigger a denial of service. [severity:2/4; CVE-2017-3317]

An attacker can use a vulnerability via Server: Error Handling, in order to obtain information. [severity:2/4; CVE-2017-3318]

An attacker can use a vulnerability via Cluster: General, in order to trigger a denial of service. [severity:2/4; CVE-2017-3321]

An attacker can use a vulnerability via Cluster: General, in order to trigger a denial of service. [severity:2/4; CVE-2017-3323]

An attacker can use a vulnerability via Cluster: NDBAPI, in order to trigger a denial of service. [severity:2/4; CVE-2017-3322]

An attacker can use a vulnerability via Server: X Plugin, in order to obtain information. [severity:1/4; CVE-2017-3319]

An attacker can use a vulnerability via Server: Security: Encryption, in order to obtain information. [severity:1/4; CVE-2017-3320]
Complete Vigil@nce bulletin.... (Free trial)

vulnerability bulletin CVE-2016-9878

Spring Framework: directory traversal via ResourceServlet

Synthesis of the vulnerability

An attacker can traverse directories via ResourceServlet of Spring Framework, in order to read a file outside the service root path.
Impacted products: Fedora, QRadar SIEM, MariaDB ~ precise, MySQL Community, MySQL Enterprise, Percona Server, XtraDB Cluster.
Severity: 2/4.
Creation date: 22/12/2016.
Identifiers: 1996375, 2015813, CVE-2016-9878, FEDORA-2016-f341d71730, RHSA-2017:3115-01, VIGILANCE-VUL-21453.

Description of the vulnerability

The Spring Framework product offers a web service.

However, user's data are directly inserted in an access path. Sequences such as "/.." can thus be used to go in the upper directory.

An attacker can therefore traverse directories via ResourceServlet of Spring Framework, in order to read a file outside the service root path.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability bulletin CVE-2016-7053 CVE-2016-7054 CVE-2016-7055

OpenSSL 1.1: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of OpenSSL 1.1.
Impacted products: Cisco ASR, Cisco Aironet, Cisco ATA, Cisco AnyConnect Secure Mobility Client, ASA, AsyncOS, Cisco ESA, IOS by Cisco, IOS XR Cisco, Nexus by Cisco, NX-OS, Cisco Prime LMS, Cisco Router, Secure ACS, Cisco CUCM, Cisco Unified CCX, Cisco IP Phone, Cisco MeetingPlace, Cisco Wireless IP Phone, Cisco Wireless Controller, NetWorker, VNX Operating Environment, VNX Series, FortiAnalyzer, FortiAnalyzer Virtual Appliance, FortiOS, IRAD, Tivoli Storage Manager, Copssh, Junos OS, Juniper Network Connect, NSM Central Manager, NSMXpress, SRX-Series, MySQL Community, MySQL Enterprise, Data ONTAP, OpenSSL, openSUSE Leap, Oracle Directory Server, Oracle Directory Services Plus, Oracle Fusion Middleware, Oracle Identity Management, Oracle iPlanet Web Server, Oracle OIT, Solaris, Tuxedo, WebLogic, Oracle Web Tier, Percona Server, pfSense, Pulse Connect Secure, Pulse Secure Client.
Severity: 2/4.
Creation date: 10/11/2016.
Revision date: 13/12/2016.
Identifiers: 2004036, 2004940, 2011567, 492284, 492616, bulletinapr2017, CERTFR-2018-AVI-343, cisco-sa-20161114-openssl, cpujan2018, cpujul2017, CVE-2016-7053, CVE-2016-7054, CVE-2016-7055, ESA-2016-148, ESA-2016-149, FG-IR-17-019, JSA10775, NTAP-20170127-0001, NTAP-20170310-0002, NTAP-20180201-0001, openSUSE-SU-2017:0527-1, openSUSE-SU-2017:0941-1, openSUSE-SU-2018:0458-1, SA40423, VIGILANCE-VUL-21093.

Description of the vulnerability

Several vulnerabilities were announced in OpenSSL 1.1.

An attacker can generate a buffer overflow via ChaCha20/Poly1305, in order to trigger a denial of service. [severity:2/4; CVE-2016-7054]

An attacker can force a NULL pointer to be dereferenced via CMS Structures, in order to trigger a denial of service. [severity:2/4; CVE-2016-7053]

An error occurs in the Broadwell-specific Montgomery Multiplication Procedure, but with no apparent impact. [severity:1/4; CVE-2016-7055]
Complete Vigil@nce bulletin.... (Free trial)

vulnerability alert CVE-2016-3492 CVE-2016-3495 CVE-2016-5507

Oracle MySQL: vulnerabilities of October 2016

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Oracle MySQL.
Impacted products: Debian, BIG-IP Hardware, TMOS, Fedora, MariaDB ~ precise, MySQL Community, MySQL Enterprise, openSUSE, openSUSE Leap, Solaris, Percona Server, XtraDB Cluster, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Ubuntu.
Severity: 3/4.
Creation date: 18/10/2016.
Revision date: 19/10/2016.
Identifiers: bulletinapr2017, CERTFR-2016-AVI-351, cpuoct2016, CVE-2016-3492, CVE-2016-3495, CVE-2016-5507, CVE-2016-5584, CVE-2016-5598, CVE-2016-5609, CVE-2016-5612, CVE-2016-5616-REJECT, CVE-2016-5617-REJECT, CVE-2016-5624, CVE-2016-5625, CVE-2016-5626, CVE-2016-5627, CVE-2016-5628, CVE-2016-5629, CVE-2016-5630, CVE-2016-5631, CVE-2016-5632, CVE-2016-5633, CVE-2016-5634, CVE-2016-5635, CVE-2016-6663, CVE-2016-6664, CVE-2016-7440, CVE-2016-8283, CVE-2016-8284, CVE-2016-8286, CVE-2016-8287, CVE-2016-8288, CVE-2016-8289, CVE-2016-8290, DLA-708-1, DSA-3706-1, DSA-3711-1, FEDORA-2016-9b83c6862d, FEDORA-2016-c7e60a9fd4, K73828041, openSUSE-SU-2016:2746-1, openSUSE-SU-2016:2769-1, openSUSE-SU-2016:2788-1, openSUSE-SU-2016:3025-1, openSUSE-SU-2016:3028-1, RHSA-2016:2130-01, RHSA-2016:2131-01, RHSA-2016:2595-02, RHSA-2016:2749-01, RHSA-2016:2927-01, RHSA-2016:2928-01, RHSA-2017:0184-01, RHSA-2017:2192-01, SSA:2016-305-03, SUSE-SU-2016:2780-1, SUSE-SU-2016:2932-1, SUSE-SU-2016:2933-1, USN-3109-1, VIGILANCE-VUL-20891.

Description of the vulnerability

Several vulnerabilities were announced in Oracle MySQL.

An attacker can use a vulnerability via Server: Error Handling, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2016-5617-REJECT, CVE-2016-6664]

An attacker can use a vulnerability via Server: MyISAM, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2016-5616-REJECT, CVE-2016-6663]

An attacker can use a vulnerability via Server: Packaging, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2016-5625]

An attacker can use a vulnerability via Server: DML, in order to trigger a denial of service. [severity:2/4; CVE-2016-5609]

An attacker can use a vulnerability via Server: DML, in order to trigger a denial of service. [severity:2/4; CVE-2016-5612]

An attacker can use a vulnerability via Server: DML, in order to trigger a denial of service. [severity:2/4; CVE-2016-5624]

An attacker can use a vulnerability via Server: GIS, in order to trigger a denial of service. [severity:2/4; CVE-2016-5626]

An attacker can use a vulnerability via Server: Optimizer, in order to trigger a denial of service. [severity:2/4; CVE-2016-5627]

An attacker can use a vulnerability via Server: Optimizer, in order to trigger a denial of service. [severity:2/4; CVE-2016-3492]

An attacker can use a vulnerability via Connector/Python, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2016-5598]

An attacker can use a vulnerability via Server: Security: Encryption, in order to obtain information. [severity:2/4; CVE-2016-7440]

An attacker can use a vulnerability via Server: DML, in order to trigger a denial of service. [severity:2/4; CVE-2016-5628]

An attacker can use a vulnerability via Server: Federated, in order to trigger a denial of service. [severity:2/4; CVE-2016-5629]

An attacker can use a vulnerability via Server: InnoDB, in order to trigger a denial of service. [severity:2/4; CVE-2016-3495]

An attacker can use a vulnerability via Server: InnoDB, in order to trigger a denial of service. [severity:2/4; CVE-2016-5630]

An attacker can use a vulnerability via Server: InnoDB, in order to trigger a denial of service. [severity:2/4; CVE-2016-5507]

An attacker can use a vulnerability via Server: Memcached, in order to trigger a denial of service. [severity:2/4; CVE-2016-5631]

An attacker can use a vulnerability via Server: Optimizer, in order to trigger a denial of service. [severity:2/4; CVE-2016-5632]

An attacker can use a vulnerability via Server: Performance Schema, in order to trigger a denial of service. [severity:2/4; CVE-2016-5633]

An attacker can use a vulnerability via Server: RBR, in order to trigger a denial of service. [severity:2/4; CVE-2016-5634]

An attacker can use a vulnerability via Server: Security: Audit, in order to trigger a denial of service. [severity:2/4; CVE-2016-5635]

An attacker can use a vulnerability via Server: InnoDB, in order to alter information, or to trigger a denial of service. [severity:2/4; CVE-2016-8289]

An attacker can use a vulnerability via Server: Replication, in order to trigger a denial of service. [severity:2/4; CVE-2016-8287]

An attacker can use a vulnerability via Server: Performance Schema, in order to trigger a denial of service. [severity:2/4; CVE-2016-8290]

An attacker can use a vulnerability via Server: Security: Encryption, in order to obtain information. [severity:2/4; CVE-2016-5584]

An attacker can use a vulnerability via Server: Types, in order to trigger a denial of service. [severity:2/4; CVE-2016-8283]

An attacker can use a vulnerability via Server: InnoDB Plugin, in order to alter information. [severity:1/4; CVE-2016-8288]

An attacker can use a vulnerability via Server: Security: Privileges, in order to obtain information. [severity:1/4; CVE-2016-8286]

An attacker can use a vulnerability via Server: Replication, in order to trigger a denial of service. [severity:1/4; CVE-2016-8284]
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability 20685

MySQL: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of MySQL.
Impacted products: MariaDB ~ precise, MySQL Community, MySQL Enterprise, XtraDB Cluster.
Severity: 2/4.
Creation date: 23/09/2016.
Revision date: 23/09/2016.
Identifiers: 1624397, 1624449, 24388746, VIGILANCE-VUL-20685.

Description of the vulnerability

Several vulnerabilities were announced in MySQL.

An attacker can bypass security features via the command REPAIR TABLE, in order to escalate his privileges. [severity:2/4; 1624397, 24388746]

An unknown vulnerability was announced via symbolic links. [severity:2/4; 1624449]
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability bulletin CVE-2016-6302 CVE-2016-6303 CVE-2016-6304

OpenSSL: seven vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of OpenSSL.
Impacted products: SDS, SES, SNS, Mac OS X, Arkoon FAST360, Blue Coat CAS, ProxyAV, ProxySG par Blue Coat, SGOS by Blue Coat, Cisco ASR, Cisco Aironet, Cisco ATA, Cisco AnyConnect Secure Mobility Client, Cisco ACE, ASA, AsyncOS, Cisco Catalyst, Cisco Content SMA, Cisco ESA, IOS by Cisco, IOS XE Cisco, IOS XR Cisco, Cisco IPS, Nexus by Cisco, NX-OS, Cisco Prime Access Registrar, Prime Collaboration Assurance, Cisco Prime DCNM, Prime Infrastructure, Cisco Prime LMS, Cisco Router, Secure ACS, Cisco CUCM, Cisco Manager Attendant Console, Cisco Unified CCX, Cisco IP Phone, Cisco MeetingPlace, Cisco Wireless IP Phone, Cisco WSA, Cisco Wireless Controller, Debian, BIG-IP Hardware, TMOS, Fedora, FileZilla Server, FortiAnalyzer, FortiAnalyzer Virtual Appliance, FortiGate, FortiGate Virtual Appliance, FortiOS, FreeBSD, FreeRADIUS, hMailServer, HP Switch, AIX, DB2 UDB, IRAD, QRadar SIEM, Tivoli Storage Manager, Tivoli Workload Scheduler, WebSphere MQ, Copssh, Juniper J-Series, Junos OS, Junos Space, NSM Central Manager, NSMXpress, MariaDB ~ precise, McAfee Email Gateway, ePO, MySQL Community, MySQL Enterprise, NetScreen Firewall, ScreenOS, OpenBSD, OpenSSL, openSUSE, openSUSE Leap, Oracle Communications, Oracle Directory Server, Oracle Directory Services Plus, Oracle Fusion Middleware, Oracle GlassFish Server, Oracle Identity Management, Oracle iPlanet Web Server, Solaris, Tuxedo, VirtualBox, WebLogic, Oracle Web Tier, Percona Server, XtraDB Cluster, pfSense, Pulse Connect Secure, Pulse Secure Client, Pulse Secure SBR, Puppet, RHEL, JBoss EAP by Red Hat, SAS Add-in for Microsoft Office, SAS Analytics Pro, Base SAS Software, SAS Enterprise BI Server, SAS Enterprise Guide, SAS Grid Manager, SAS Management Console, SAS OLAP Server, SAS SAS/ACCESS, SAS SAS/AF, SAS SAS/CONNECT, SAS SAS/EIS, SAS SAS/ETS, SAS SAS/FSP, SAS SAS/GRAPH, SAS SAS/IML, SAS SAS/OR, SAS SAS/STAT, SAS SAS/Web Report Studio, Slackware, Splunk Enterprise, stunnel, SUSE Linux Enterprise Desktop, SLES, Synology DS***, Synology RS***, Nessus, Ubuntu, WindRiver Linux, VxWorks.
Severity: 3/4.
Creation date: 22/09/2016.
Identifiers: 1991866, 1991867, 1991870, 1991871, 1991875, 1991876, 1991878, 1991880, 1991882, 1991884, 1991885, 1991886, 1991887, 1991889, 1991892, 1991894, 1991896, 1991902, 1991903, 1991951, 1991955, 1991959, 1991960, 1991961, 1992681, 1993777, 1996096, 1999395, 1999421, 1999474, 1999478, 1999479, 1999488, 1999532, 2000095, 2000209, 2000544, 2002870, 2003480, 2003620, 2003673, 2008828, bulletinapr2017, bulletinjul2016, bulletinoct2016, CERTFR-2016-AVI-320, CERTFR-2016-AVI-333, cisco-sa-20160927-openssl, cpuapr2017, cpuapr2018, cpujan2017, cpujan2018, cpujul2017, cpuoct2017, CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2016-6305, CVE-2016-6306, CVE-2016-6307, CVE-2016-6308, DLA-637-1, DSA-3673-1, DSA-3673-2, FEDORA-2016-97454404fe, FEDORA-2016-a555159613, FG-IR-16-047, FG-IR-16-048, FG-IR-16-050, FG-IR-17-127, FreeBSD-SA-16:26.openssl, HPESBHF03856, HT207423, JSA10759, openSUSE-SU-2016:2391-1, openSUSE-SU-2016:2407-1, openSUSE-SU-2016:2496-1, openSUSE-SU-2016:2537-1, openSUSE-SU-2018:0458-1, RHSA-2016:1940-01, RHSA-2016:2802-01, RHSA-2017:1548-01, RHSA-2017:1549-01, RHSA-2017:1550-01, RHSA-2017:1551-01, RHSA-2017:1552-01, RHSA-2017:1658-01, RHSA-2017:1659-01, RHSA-2017:2493-01, RHSA-2017:2494-01, SA132, SA40312, SB10171, SB10215, SOL54211024, SOL90492697, SP-CAAAPUE, SPL-129207, SSA:2016-266-01, STORM-2016-005, SUSE-SU-2016:2387-1, SUSE-SU-2016:2394-1, SUSE-SU-2016:2458-1, SUSE-SU-2016:2468-1, SUSE-SU-2016:2469-1, SUSE-SU-2016:2470-1, SUSE-SU-2016:2470-2, TNS-2016-16, USN-3087-1, USN-3087-2, VIGILANCE-VUL-20678.

Description of the vulnerability

Several vulnerabilities were announced in OpenSSL.

An attacker can create a memory over consumption via an OCSP request, in order to trigger a denial of service. [severity:3/4; CVE-2016-6304]

An attacker can make a process block itself via SSL_peek, in order to trigger a denial of service. [severity:2/4; CVE-2016-6305]

An attacker can generate a buffer overflow via MDC2_Update, in order to trigger a denial of service, and possibly to run code. [severity:1/4; CVE-2016-6303]

An attacker can generate a read only buffer overflow, in order to trigger a denial of service. [severity:1/4; CVE-2016-6302]

An attacker can generate a read only buffer overflow via the parsing of an X.509 certificate, in order to trigger a denial of service. [severity:1/4; CVE-2016-6306]

An attacker can make the server allocates a large amount of memory to process TLS packets. [severity:1/4; CVE-2016-6307]

An attacker can make the server allocates a large amount of memory to process DTLS packets. [severity:1/4; CVE-2016-6308]
Complete Vigil@nce bulletin.... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about MySQL Enterprise: