CVE-2016-0639
published 2016-04-21

Priority: P357
Severity: critical, 9.8 (CVSS 3.0)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 10.23% (95.1th percentile)
Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Pluggable Authentication.

Affected

4 ranges

Vendor   Product            Version range     Fixed in
oracle   mysql              5.6.0 – 5.6.29
oracle   mysql              5.7.0 – 5.7.11
redhat   enterprise_linux
redhat   enterprise_linux

Detection & IOCs (extracted from sources)

  • The vulnerability is an integer overflow during client handshake processing in MySQL Pluggable Authentication, affecting versions 5.6.6 through 5.6.29 and 5.7.x through 5.7.11. Monitor for anomalous or malformed authentication handshake packets sent to MySQL server ports.
  • The vulnerability is exploitable by an unauthenticated remote attacker over the network via multiple protocols, meaning no credentials are required. Detect unauthenticated connection attempts that trigger server crashes or unexpected exits on MySQL.
  • The vulnerable code was introduced in MySQL commit e2158318f55c924ce5cc40a45da56555a83b0dcb, meaning versions 5.6.6 and later (up to 5.6.29) are affected. Versions 5.5 and earlier, and MariaDB, are not affected and can be used as a baseline for comparison.
  • The flaw occurs in the Pluggable Authentication subcomponent during handshake packet parsing. Inspect MySQL network traffic for out-of-bounds read conditions or malformed handshake packets that could indicate exploitation attempts.
  • Affected code does not exist in MySQL 5.5 and earlier, nor in MariaDB. All Red Hat-shipped MariaDB and mysql55 packages are listed as not affected.
  • Only Oracle MySQL 5.6.6 through 5.6.29 and 5.7.x through 5.7.11 are vulnerable. The vulnerability was introduced by a specific commit and is not present in earlier branches.

CVSS provenance

Source          Version   Score   Severity   Vector
nvd             v3.0      9.8     CRITICAL   CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd             v2.0      10.0    CRITICAL   AV:N/AC:L/Au:N/C:C/I:C/A:C
osv                       9.8     CRITICAL
vendor_redhat             9.8     CRITICAL