ID

VAR-201410-0828


CVE

CVE-2014-6494


TITLE

Oracle MySQL of MySQL Server In CLIENT:SSL:yaSSL Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2014-004809

DESCRIPTION

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6496. This vulnerability CVE-2014-6496 Is a different vulnerability.Service disruption by a third party (DoS) An attack may be carried out. The vulnerability can be exploited over the 'MySQL Protocol' protocol. The 'CLIENT:SSL:yaSSL' sub component is affected. This vulnerability affects the following supported versions: 5.5.39 and earlier, 5.6.20 and earlier. The database system has the characteristics of high performance, low cost and good reliability. ============================================================================ Ubuntu Security Notice USN-2384-1 October 15, 2014 mysql-5.5 vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: Several security issues were fixed in MySQL. Software Description: - mysql-5.5: MySQL database Details: Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. MySQL has been updated to 5.5.40. Please see the following for more information: http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS: mysql-server-5.5 5.5.40-0ubuntu0.14.04.1 Ubuntu 12.04 LTS: mysql-server-5.5 5.5.40-0ubuntu0.12.04.1 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-2384-1 CVE-2012-5615, CVE-2014-4274, CVE-2014-4287, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6478, CVE-2014-6484, CVE-2014-6491, CVE-2014-6494, CVE-2014-6495, CVE-2014-6496, CVE-2014-6500, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559 Package Information: https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.14.04.1 https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.12.04.1 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mariadb (SSA:2014-307-01) New mariadb packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/mariadb-5.5.40-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/mariadb-5.5.40-x86_64-1_slack14.1.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/mariadb-5.5.40-i486-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/ap/mariadb-5.5.40-x86_64-1.txz MD5 signatures: +-------------+ Slackware 14.1 package: da0aff5bebbbdc0621359c0fea027ae6 mariadb-5.5.40-i486-1_slack14.1.txz Slackware x86_64 14.1 package: dbb7d695a22ae538b5ad9c024823b190 mariadb-5.5.40-x86_64-1_slack14.1.txz Slackware -current package: f9ca4cf6015ddbb73dfba16c535caffc ap/mariadb-5.5.40-i486-1.txz Slackware x86_64 -current package: 6924f64b6c147556a58a2c6f1929ab5e ap/mariadb-5.5.40-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg mariadb-5.5.40-i486-1_slack14.1.txz Then, restart the database server: # sh /etc/rc.d/rc.mysqld restart +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlRYJz0ACgkQakRjwEAQIjPqygCeN1AAAJQbjyTDPKmJlNj5+1Qw 3IkAn3kpZO670aM3MoWqkCEfyHX4gXXu =11Km -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201411-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: MySQL, MariaDB: Multiple vulnerabilities Date: November 05, 2014 Bugs: #525504 ID: 201411-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in the MySQL and MariaDB, possibly allowing attackers to cause unspecified impact. Background ========== MySQL is a popular multi-threaded, multi-user SQL server. MariaDB is an enhanced, drop-in replacement for MySQL. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-db/mysql < 5.5.40 >= 5.5.40 2 dev-db/mariadb < 5.5.40-r1 >= 5.5.40-r1 ------------------------------------------------------------------- 2 affected packages Description =========== Multiple unspecified vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could exploit these vulnerabilities to cause unspecified impact, possibly including remote execution of arbitrary code, Denial of Service, or disclosure of sensitive information. Workaround ========== There is no known workaround at this time. Resolution ========== All MySQL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/mysql-5.5.40" All MariaDB users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/mariadb-5.5.40-r1" References ========== [ 1 ] CVE-2014-6464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6464 [ 2 ] CVE-2014-6469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6469 [ 3 ] CVE-2014-6491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6491 [ 4 ] CVE-2014-6494 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6494 [ 5 ] CVE-2014-6496 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6496 [ 6 ] CVE-2014-6500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6500 [ 7 ] CVE-2014-6507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6507 [ 8 ] CVE-2014-6555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6555 [ 9 ] CVE-2014-6559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6559 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201411-02.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details: https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html For the stable distribution (wheezy), these problems have been fixed in version 5.5.40-0+wheezy1. For the unstable distribution (sid), these problems will be fixed soon. We recommend that you upgrade your mysql-5.5 packages

Trust: 2.43

sources: NVD: CVE-2014-6494 // JVNDB: JVNDB-2014-004809 // BID: 70497 // VULHUB: VHN-74438 // VULMON: CVE-2014-6494 // PACKETSTORM: 128698 // PACKETSTORM: 128950 // PACKETSTORM: 128990 // PACKETSTORM: 128759

AFFECTED PRODUCTS

vendor:oraclemodel:mysqlscope:lteversion:5.5.39

Trust: 1.8

vendor:oraclemodel:mysqlscope:lteversion:5.6.20

Trust: 1.8

vendor:oraclemodel:solarisscope:eqversion:11.3

Trust: 1.6

vendor:mariadbmodel:mariadbscope:gteversion:5.5.0

Trust: 1.0

vendor:susemodel:linux enterprise serverscope:eqversion:12

Trust: 1.0

vendor:junipermodel:junos spacescope:lteversion:15.1

Trust: 1.0

vendor:susemodel:linux enterprise software development kitscope:eqversion:12

Trust: 1.0

vendor:susemodel:linux enterprise workstation extensionscope:eqversion:12

Trust: 1.0

vendor:mariadbmodel:mariadbscope:ltversion:10.0.15

Trust: 1.0

vendor:mariadbmodel:mariadbscope:gteversion:10.0.0

Trust: 1.0

vendor:susemodel:linux enterprise desktopscope:eqversion:12

Trust: 1.0

vendor:oraclemodel:mysqlscope:gteversion:5.6.0

Trust: 1.0

vendor:oraclemodel:mysqlscope:gteversion:5.5.0

Trust: 1.0

vendor:mariadbmodel:mariadbscope:ltversion:5.5.40

Trust: 1.0

vendor:mysql abmodel:mysqlscope:lteversion:5.5.9

Trust: 0.8

vendor:ubuntumodel:linux lts i386scope:eqversion:12.04

Trust: 0.3

vendor:ubuntumodel:linux lts amd64scope:eqversion:12.04

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:debianmodel:linux sparcscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux s/390scope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux powerpcscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux mipsscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux ia-64scope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux ia-32scope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux armscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux amd64scope:eqversion:6.0

Trust: 0.3

sources: BID: 70497 // JVNDB: JVNDB-2014-004809 // CNNVD: CNNVD-201410-402 // NVD: CVE-2014-6494

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-6494
value: MEDIUM

Trust: 1.0

NVD: CVE-2014-6494
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201410-402
value: MEDIUM

Trust: 0.6

VULHUB: VHN-74438
value: MEDIUM

Trust: 0.1

VULMON: CVE-2014-6494
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2014-6494
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-74438
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-74438 // VULMON: CVE-2014-6494 // JVNDB: JVNDB-2014-004809 // CNNVD: CNNVD-201410-402 // NVD: CVE-2014-6494

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2014-6494

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201410-402

TYPE

Unknown

Trust: 0.3

sources: BID: 70497

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-004809

PATCH

title:Text Form of Oracle Critical Patch Update - October 2014 Risk Matricesurl:http://www.oracle.com/technetwork/topics/security/cpuoct2014verbose-1972962.html

Trust: 0.8

title:Oracle Critical Patch Update Advisory - October 2014url:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

Trust: 0.8

title:Oracle Solaris Third Party Bulletin - October 2015url:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

Trust: 0.8

title:October 2014 Critical Patch Update Releasedurl:https://blogs.oracle.com/security/entry/october_2014_critical_patch_update

Trust: 0.8

title:JSA10698url:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698&actp=search

Trust: 0.8

title:Oracle MySQL Server Remediation measures for denial of service vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=206014

Trust: 0.6

title:Red Hat: CVE-2014-6494url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2014-6494

Trust: 0.1

title:Amazon Linux AMI: ALAS-2014-428url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2014-428

Trust: 0.1

title:Debian CVElist Bug Report Logs: cyassl: CVE-2014-2901 CVE-2014-2902 CVE-2014-2903 CVE-2014-2904 CVE-2014-6491 CVE-2014-6494 CVE-2014-6495 CVE-2014-6496 CVE-2014-6500url:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=11d6fda56ad8f0f5aff8f1a4088693e7

Trust: 0.1

title:Ubuntu Security Notice: mysql-5.5 vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-2384-1

Trust: 0.1

title:Debian Security Advisories: DSA-3054-1 mysql-5.5 -- security updateurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=dc9d1bd54965b02ce0b328f02c7c1489

Trust: 0.1

title:Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2016url:https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=ac5af5dd99788925425f5747ec672707

Trust: 0.1

title:Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2015url:https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=92308e3c4d305e91c2eba8c9c6835e83

Trust: 0.1

title:Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2016url:https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=976a4da35d55283870dbb31b88a6c655

Trust: 0.1

title:Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2017url:https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=a31bff03e9909229fd67996884614fdf

Trust: 0.1

title: - url:https://github.com/Live-Hack-CVE/CVE-2014-6496

Trust: 0.1

title: - url:https://github.com/Live-Hack-CVE/CVE-2014-6494

Trust: 0.1

sources: VULMON: CVE-2014-6494 // JVNDB: JVNDB-2014-004809 // CNNVD: CNNVD-201410-402

EXTERNAL IDS

db:NVDid:CVE-2014-6494

Trust: 3.3

db:BIDid:70497

Trust: 2.1

db:SECUNIAid:62073

Trust: 1.8

db:SECUNIAid:61579

Trust: 1.8

db:JUNIPERid:JSA10698

Trust: 1.8

db:JVNDBid:JVNDB-2014-004809

Trust: 0.8

db:CNNVDid:CNNVD-201410-402

Trust: 0.7

db:VULHUBid:VHN-74438

Trust: 0.1

db:VULMONid:CVE-2014-6494

Trust: 0.1

db:PACKETSTORMid:128698

Trust: 0.1

db:PACKETSTORMid:128950

Trust: 0.1

db:PACKETSTORMid:128990

Trust: 0.1

db:PACKETSTORMid:128759

Trust: 0.1

sources: VULHUB: VHN-74438 // VULMON: CVE-2014-6494 // BID: 70497 // JVNDB: JVNDB-2014-004809 // PACKETSTORM: 128698 // PACKETSTORM: 128950 // PACKETSTORM: 128990 // PACKETSTORM: 128759 // CNNVD: CNNVD-201410-402 // NVD: CVE-2014-6494

REFERENCES

url:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

Trust: 2.0

url:http://security.gentoo.org/glsa/glsa-201411-02.xml

Trust: 1.9

url:http://www.securityfocus.com/bid/70497

Trust: 1.8

url:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Trust: 1.8

url:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

Trust: 1.8

url:http://secunia.com/advisories/61579

Trust: 1.8

url:http://secunia.com/advisories/62073

Trust: 1.8

url:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html

Trust: 1.8

url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10698

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-6494

Trust: 0.9

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-6494

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2014-6469

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2014-6491

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2014-6500

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2014-6555

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2014-6496

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2014-6464

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2014-6507

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2014-6559

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2014-6494

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2014-6463

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2014-6478

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2014-6495

Trust: 0.2

url:http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2014-6551

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2014-6484

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2014-4274

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2014-4287

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2014-6505

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2014-6520

Trust: 0.2

url:http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2014-6530

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-5615

Trust: 0.2

url:http://www.debian.org/security/

Trust: 0.2

url:http://kb.juniper.net/infocenter/index?page=content&amp;id=jsa10698

Trust: 0.1

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://github.com/live-hack-cve/cve-2014-6496

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2014-6494

Trust: 0.1

url:https://usn.ubuntu.com/2384-1/

Trust: 0.1

url:http://tools.cisco.com/security/center/viewalert.x?alertid=36083

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.14.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.40-0ubuntu0.12.04.1

Trust: 0.1

url:http://www.ubuntu.com/usn/usn-2384-1

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-6555

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-6496

Trust: 0.1

url:http://slackware.com

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-6507

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-6500

Trust: 0.1

url:http://slackware.com/gpg-key

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-6491

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-6469

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-6559

Trust: 0.1

url:http://osuosl.org)

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-6464

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6559

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6507

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6500

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6464

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6494

Trust: 0.1

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6491

Trust: 0.1

url:http://security.gentoo.org/

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6555

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6469

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6496

Trust: 0.1

url:http://www.debian.org/security/faq

Trust: 0.1

sources: VULHUB: VHN-74438 // VULMON: CVE-2014-6494 // JVNDB: JVNDB-2014-004809 // PACKETSTORM: 128698 // PACKETSTORM: 128950 // PACKETSTORM: 128990 // PACKETSTORM: 128759 // CNNVD: CNNVD-201410-402 // NVD: CVE-2014-6494

CREDITS

Oracle

Trust: 0.3

sources: BID: 70497

SOURCES

db:VULHUBid:VHN-74438
db:VULMONid:CVE-2014-6494
db:BIDid:70497
db:JVNDBid:JVNDB-2014-004809
db:PACKETSTORMid:128698
db:PACKETSTORMid:128950
db:PACKETSTORMid:128990
db:PACKETSTORMid:128759
db:CNNVDid:CNNVD-201410-402
db:NVDid:CVE-2014-6494

LAST UPDATE DATE

2024-11-23T20:00:53.258000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-74438date:2018-12-18T00:00:00
db:VULMONid:CVE-2014-6494date:2022-08-29T00:00:00
db:BIDid:70497date:2015-07-15T01:04:00
db:JVNDBid:JVNDB-2014-004809date:2015-12-02T00:00:00
db:CNNVDid:CNNVD-201410-402date:2022-08-30T00:00:00
db:NVDid:CVE-2014-6494date:2024-11-21T02:14:30.190

SOURCES RELEASE DATE

db:VULHUBid:VHN-74438date:2014-10-15T00:00:00
db:VULMONid:CVE-2014-6494date:2014-10-15T00:00:00
db:BIDid:70497date:2014-10-14T00:00:00
db:JVNDBid:JVNDB-2014-004809date:2014-10-20T00:00:00
db:PACKETSTORMid:128698date:2014-10-15T23:08:56
db:PACKETSTORMid:128950date:2014-11-04T18:10:24
db:PACKETSTORMid:128990date:2014-11-06T17:09:34
db:PACKETSTORMid:128759date:2014-10-21T00:40:52
db:CNNVDid:CNNVD-201410-402date:2014-10-17T00:00:00
db:NVDid:CVE-2014-6494date:2014-10-15T22:55:05.983