Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Debian 8: DLA-1488-1 Critical: Mariadb 10.0 Denial of Service

debian lts
Calendar Grey August 31, 2018
Dist Debian Esm H88
Enhance postgresql-9.4 components to resolve various vulnerability concerns in Ubuntu 16.04. Addresses numerous significant threats.
Several issues have been discovered in the MariaDB database server

Summary

CVE-2018-3058

Easily exploitable vulnerability allows low privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized
update, insert or delete access to some of MySQL Server accessible data.

CVE-2018-3063

Easily exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a hang or frequently repeatable crash (complete DOS)
of MySQL Server.

CVE-2018-3064

Easily exploitable vulnerability allows low privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized
ability to cause a hang or frequently repeatable crash (complete DOS)
of MySQL Server as well as unauthorized update, insert or delete access

Read the Full Advisory


Severity
critical
Lowest
Low
Medium
High
Critical

<pre><font face="Courier">Package: mariadb-10.0
Version: 10.0.36-0+deb8u1
CVE ID: CVE-2018-3058 CVE-2018-3063 CVE-2018-3064 CVE-2018-3066
Debian Bug: 904121

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here