CVE-2013-0386 - Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote a

CVE-2013-0386

Summary

Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.

References

Vulnerable Configurations

cpe:2.3:a:oracle:mysql:5.5.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.9:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.9:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.10:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.10:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.11:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.11:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.12:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.12:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.13:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.13:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.14:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.14:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.15:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.15:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.16:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.16:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.17:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.17:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.18:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.18:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.19:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.19:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.20:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.20:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.21:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.21:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.22:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.22:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.23:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.23:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.24:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.24:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.25:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.25:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.25:a:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.25:a:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.26:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.26:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.27:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.27:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.28:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.28:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.0:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:10.0.0:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:5.5.0:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:5.5.0:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:5.5.20:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:5.5.20:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:5.5.21:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:5.5.21:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:5.5.22:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:5.5.22:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:5.5.23:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:5.5.23:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:5.5.24:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:5.5.24:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:5.5.25:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:5.5.25:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:5.5.27:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:5.5.27:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:5.5.28:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:5.5.28:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:5.5.28a:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:5.5.28a:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*

CVSS

Base:	6.8 (as of 30-06-2022 - 19:52)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:S/C:N/I:N/A:C

oval via4

accepted

2015-06-01T04:00:12.138-04:00

class

vulnerability

contributors

name Sergey Artykhov
organization ALTX-SOFT
name Evgeniy Pavlov
organization ALTX-SOFT

definition_extensions

comment	MySQL 5.5 is installed
oval	oval:org.mitre.oval:def:8419

description

Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.

family

windows

oval:org.mitre.oval:def:16835

status

accepted

submitted

2013-04-29T10:26:26.748+04:00

title

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Stored Procedure). Supported versions that are affected are 5.5.28 and earlier. Easily exploitable vulnerability allows successful authenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System hang or frequently repeatable crash (complete DOS)

version

refmap via4

confirm	http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
gentoo	GLSA-201308-06
mandriva	MDVSA-2013:150
secunia	53372
ubuntu	USN-1703-1

Last major update

30-06-2022 - 19:52

Published

17-01-2013 - 01:55

Last modified

30-06-2022 - 19:52