Vigil@nce - MySQL: multiple vulnerabilities
December 2015 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use several vulnerabilities of MySQL.
Impacted products: Debian, BIG-IP Hardware, TMOS, Fedora, MySQL
Community, MySQL Enterprise, openSUSE, openSUSE Leap, Percona
Server, XtraDB Cluster, Ubuntu.
Severity: 2/4.
Creation date: 21/10/2015.
DESCRIPTION OF THE VULNERABILITY
Several vulnerabilities were announced in MySQL.
An attacker can use a vulnerability of Client programs, in order
to obtain information, to alter information, or to trigger a
denial of service. [severity:2/4; CVE-2015-4819]
An attacker can use a vulnerability of Server : Security :
Encryption, in order to obtain or alter information.
[severity:2/4; CVE-2015-1793]
An attacker can use a vulnerability of Server : DML, in order to
obtain information, to alter information, or to trigger a denial
of service. [severity:2/4; CVE-2015-4879]
An attacker can use a vulnerability of Server : DDL, in order to
trigger a denial of service. [severity:2/4; CVE-2015-4815]
An attacker can use a vulnerability of Server : DML, in order to
trigger a denial of service. [severity:2/4; CVE-2015-4905]
An attacker can use a vulnerability of Server : DML, in order to
trigger a denial of service. [severity:2/4; CVE-2015-4858]
An attacker can use a vulnerability of Server : DML, in order to
trigger a denial of service. [severity:2/4; CVE-2015-4862]
An attacker can use a vulnerability of Server : InnoDB, in order
to trigger a denial of service. [severity:2/4; CVE-2015-4866]
An attacker can use a vulnerability of Server : InnoDB, in order
to trigger a denial of service. [severity:2/4; CVE-2015-4816]
An attacker can use a vulnerability of Server : Optimizer, in
order to trigger a denial of service. [severity:2/4; CVE-2015-4800]
An attacker can use a vulnerability of Server : Parser, in order
to trigger a denial of service. [severity:2/4; CVE-2015-4870]
An attacker can use a vulnerability of Server : Partition, in
order to trigger a denial of service. [severity:2/4; CVE-2015-4802]
An attacker can use a vulnerability of Server : Partition, in
order to trigger a denial of service. [severity:2/4; CVE-2015-4833]
An attacker can use a vulnerability of Server : Security :
Privileges, in order to alter information. [severity:2/4;
CVE-2015-4830]
An attacker can use a vulnerability of Server : Types, in order to
trigger a denial of service. [severity:2/4; CVE-2015-4730]
An attacker can use a vulnerability of Server : Types, in order to
obtain information. [severity:2/4; CVE-2015-4826]
An attacker can use a vulnerability of libmysqld, in order to
trigger a denial of service. [severity:2/4; CVE-2015-4904]
An attacker can use a vulnerability of Server : DML, in order to
trigger a denial of service. [severity:2/4; CVE-2015-4913]
An attacker can use a vulnerability of Server : InnoDB, in order
to trigger a denial of service. [severity:2/4; CVE-2015-4895]
An attacker can use a vulnerability of Server : InnoDB, in order
to trigger a denial of service. [severity:2/4; CVE-2015-4861]
An attacker can use a vulnerability of Server : Query Cache, in
order to trigger a denial of service. [severity:2/4; CVE-2015-4807]
An attacker can use a vulnerability of Server : Replication, in
order to trigger a denial of service. [severity:2/4; CVE-2015-4890]
An attacker can use a vulnerability of Server : Security :
Privileges, in order to trigger a denial of service.
[severity:2/4; CVE-2015-4791]
An attacker can use a vulnerability of Server : Security :
Privileges, in order to alter information. [severity:2/4;
CVE-2015-4864]
An attacker can use a vulnerability of Server : SP, in order to
trigger a denial of service. [severity:1/4; CVE-2015-4836]
An attacker can use a vulnerability of Server : Memcached, in
order to trigger a denial of service. [severity:1/4; CVE-2015-4910]
An attacker can use a vulnerability of Server : Security :
Firewall, in order to trigger a denial of service. [severity:1/4;
CVE-2015-4766]
An attacker can use a vulnerability of Server : Partition, in
order to trigger a denial of service. [severity:1/4; CVE-2015-4792]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/MySQL-multiple-vulnerabilities-18152