CVE-2016-0639
published 2016-04-21CVE-2016-0639: Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier allows remote attackers to affect confidentiality, integrity, and…
PriorityP357critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
10.23%
95.1th percentile
Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Pluggable Authentication.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| oracle | mysql | 5.6.0 – 5.6.29 | — |
| oracle | mysql | 5.7.0 – 5.7.11 | — |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →The vulnerability is an integer overflow during client handshake processing in MySQL Pluggable Authentication, affecting versions 5.6.6 through 5.6.29 and 5.7.x through 5.7.11. Monitor for anomalous or malformed authentication handshake packets sent to MySQL server ports. ↗
- →The vulnerability is exploitable by an unauthenticated remote attacker over the network via multiple protocols, meaning no credentials are required. Detect unauthenticated connection attempts that trigger server crashes or unexpected exits on MySQL. ↗
- →The vulnerable code was introduced in MySQL commit e2158318f55c924ce5cc40a45da56555a83b0dcb, meaning versions 5.6.6 and later (up to 5.6.29) are affected. Versions 5.5 and earlier, and MariaDB, are not affected and can be used as a baseline for comparison. ↗
- →The flaw occurs in the Pluggable Authentication subcomponent during handshake packet parsing. Inspect MySQL network traffic for out-of-bounds read conditions or malformed handshake packets that could indicate exploitation attempts. ↗
- ·Affected code does not exist in MySQL 5.5 and earlier, nor in MariaDB. All Red Hat-shipped MariaDB and mysql55 packages are listed as not affected. ↗
- ·Only Oracle MySQL 5.6.6 through 5.6.29 and 5.7.x through 5.7.11 are vulnerable. The vulnerability was introduced by a specific commit and is not present in earlier branches. ↗
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv9.8CRITICAL
vendor_redhat9.8CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
MySQL vulnerabilities
vendor_ubuntu·2016-04-25
CVE-2016-0639 MySQL vulnerabilities
Title: MySQL vulnerabilities
Summary: Several security issues were fixed in MySQL.
Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.
MySQL has been updated to 5.7.12 in Ubuntu 16.04 LTS.
In addition to security fixes, the updated packages contain bug fixes,
new features, and possibly incompatible changes.
Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-12.html
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
mysql: unspecified vulnerability in subcomponent: Server: Pluggable Authentication (CPU April 2016)
vendor_redhat·2016-04-21·CVSS 9.8
CVE-2016-0639 [CRITICAL] CWE-190 mysql: unspecified vulnerability in subcomponent: Server: Pluggable Authentication (CPU April 2016)
mysql: unspecified vulnerability in subcomponent: Server: Pluggable Authentication (CPU April 2016)
Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Pluggable Authentication.
Package: mysql55-mysql (Red Hat Enterprise Linux 5) - Not affected
Package: mysql (Red Hat Enterprise Linux 6) - Not affected
Package: mariadb (Red Hat Enterprise Linux 7) - Not affected
Package: mariadb-galera (Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)) - Not affected
Package: mariadb-galera (Red Hat Enterprise Linux OpenStack Platform 6 (Juno)) - Not affected
Package: mariadb-galera (Red Hat Enterprise Linux OpenStack Platform 7 (Kilo)) - Not affected
Package
Ubuntu
MySQL vulnerabilities
vendor_ubuntu·2016-04-21
CVE-2016-0639 MySQL vulnerabilities
Title: MySQL vulnerabilities
Summary: Several security issues were fixed in MySQL.
Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.
MySQL has been updated to 5.5.49 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.
Ubuntu 15.10 has been updated to MySQL 5.6.30.
In addition to security fixes, the updated packages contain bug fixes,
new features, and possibly incompatible changes.
Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-48.html
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-49.html
http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-29.html
http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-30.html
http://www.oracle.com/technetwork/security-
GHSA
GHSA-f26j-7rwf-2gmf: Unspecified vulnerability in Oracle MySQL 5
ghsa_unreviewed·2022-05-14
CVE-2016-0639 [CRITICAL] GHSA-f26j-7rwf-2gmf: Unspecified vulnerability in Oracle MySQL 5
Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Pluggable Authentication.
OSV
CVE-2016-0639: Unspecified vulnerability in Oracle MySQL 5
osv·2016-04-20·CVSS 9.8
CVE-2016-0639 [CRITICAL] CVE-2016-0639: Unspecified vulnerability in Oracle MySQL 5
Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Pluggable Authentication.
No detection rules found.
No public exploits indexed.
Qualys
Oracle Critical Patch Update April 2016 | Qualys
blogs_qualys·2016-04-22·CVSS 8.1
CVE-2016-0636 [HIGH] Oracle Critical Patch Update April 2016 | Qualys
This week Oracle released their quarterly Critical Patch Update (CPU) for April 2016. The CPU addresses 136 vulnerabilities in 49 products, including Java, Solaris, several middleware products, VirtualBox, the MySQL database and the original Oracle database.
Oracle does not mention any vulnerabilities that are under known attacks, but points out that there was an out-of-band release for Java to fix CVE-2016-0636 last month.
Java is one of the software packages that are constantly under attack. Java as a full fledged programming languages gives the attacker a large attack surface and then a wide array of tools to continue post-exploitation. This update fixes nine vulnerabilities with the most three most critical sporting a CVSS of 9.6. The top three apply only to client deployments of Jav
Qualys
Oracle Critical Patch Update April 2016 | Qualys
blogs_qualys·2016-04-22·CVSS 8.1
CVE-2016-0636 [HIGH] Oracle Critical Patch Update April 2016 | Qualys
This week Oracle released their quarterly Critical Patch Update (CPU) for April 2016. The CPU addresses 136 vulnerabilities in 49 products, including Java, Solaris, several middleware products, VirtualBox, the MySQL database and the original Oracle database.
Oracle does not mention any vulnerabilities that are under known attacks, but points out that there was an out-of-band release for Java to fix CVE-2016-0636 last month.
Java is one of the software packages that are constantly under attack. Java as a full fledged programming languages gives the attacker a large attack surface and then a wide array of tools to continue post-exploitation. This update fixes nine vulnerabilities with the most three most critical sporting a CVSS of 9.6. The top three apply only to client deployments of Jav
Bugzilla
CVE-2016-0639 mysql: unspecified vulnerability in subcomponent: Server: Pluggable Authentication (CPU April 2016)
bugzilla·2016-04-21·CVSS 9.8
CVE-2016-0639 [CRITICAL] CVE-2016-0639 mysql: unspecified vulnerability in subcomponent: Server: Pluggable Authentication (CPU April 2016)
CVE-2016-0639 mysql: unspecified vulnerability in subcomponent: Server: Pluggable Authentication (CPU April 2016)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Authentication). Supported versions that are affected are 5.6.29 and earlier and 5.7.11 and earlier. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server.
External References:
http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixMSQL
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixMSQL
Discussion:
Reviewing commits between 5.6.29 and 5.6.30, it seems this
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.htmlhttp://rhn.redhat.com/errata/RHSA-2016-0705.htmlhttp://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.htmlhttp://www.securityfocus.com/bid/86418http://www.securitytracker.com/id/1035606http://www.ubuntu.com/usn/USN-2953-1http://www.ubuntu.com/usn/USN-2954-1http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.htmlhttp://rhn.redhat.com/errata/RHSA-2016-0705.htmlhttp://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.htmlhttp://www.securityfocus.com/bid/86418http://www.securitytracker.com/id/1035606http://www.ubuntu.com/usn/USN-2953-1http://www.ubuntu.com/usn/USN-2954-1
2016-04-21
Published