Oracle MySQL Server Remote Vulnerabilities (CVE-2015-0411)
Release date:
Updated on:
Affected Systems:
Oracle MySQL Server <= 5.6.21
Oracle MySQL Server <= 5.5.40
Description:
Bugtraq id: 72191
CVE (CAN) ID: CVE-2015-0411
Oracle MySQL Server is a lightweight relational database system.
Oracle MySQL Server has a remote Security vulnerability in the implementation of the Server: Security: Encryption sub-component. This vulnerability can be exploited through the MySQL Protocol, unauthenticated remote attackers can exploit this vulnerability to affect the confidentiality, integrity, and availability of affected components. Versions affected by this vulnerability include 5.5.40 and earlier versions, 5.6.21 and earlier versions.
<* Source: Oracle
Link: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
*>
Suggestion:
Vendor patch:
Oracle
------
Oracle has released a Security Bulletin (cpujan2015-1972971) and patches for this:
Cpujan2015-1972971: Oracle Critical Patch Update Advisory-January 2015
Link: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
This article permanently updates the link address: