CVE-2017-3244

CVE-2017-3244

Name

CVE-2017-3244

Description

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Third Party Advisory	http://www.debian.org/security/2017/dsa-3767
Third Party Advisory	http://www.debian.org/security/2017/dsa-3770
Patch	http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html
Third Party Advisory	http://www.securityfocus.com/bid/95565
Broken Link	http://www.securitytracker.com/id/1037640
Third Party Advisory	https://access.redhat.com/errata/RHSA-2017:2192
Third Party Advisory	https://access.redhat.com/errata/RHSA-2017:2787
Third Party Advisory	https://access.redhat.com/errata/RHSA-2017:2886
Third Party Advisory	https://access.redhat.com/errata/RHSA-2018:0279
Third Party Advisory	https://access.redhat.com/errata/RHSA-2018:0574
Third Party Advisory	https://security.gentoo.org/glsa/201702-17
Third Party Advisory	https://security.gentoo.org/glsa/201702-18

Type

URI

Third Party Advisory

http://www.debian.org/security/2017/dsa-3767

Third Party Advisory

http://www.debian.org/security/2017/dsa-3770

Patch

http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html

Third Party Advisory

http://www.securityfocus.com/bid/95565

Broken Link

http://www.securitytracker.com/id/1037640

Third Party Advisory

https://access.redhat.com/errata/RHSA-2017:2192

Third Party Advisory

https://access.redhat.com/errata/RHSA-2017:2787

Third Party Advisory

https://access.redhat.com/errata/RHSA-2017:2886

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:0279

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:0574

Third Party Advisory

https://security.gentoo.org/glsa/201702-17

Third Party Advisory

https://security.gentoo.org/glsa/201702-18

Match rules

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:oracle:mysql::::::::`	mysql	>= 5.5.0	<= 5.5.53
`cpe:2.3:a:oracle:mysql::::::::`	mysql	>= 5.6.0	<= 5.6.34
`cpe:2.3:a:oracle:mysql::::::::`	mysql	>= 5.7.0	<= 5.7.16

CPE URI

Source package

Min version

Max version

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*

mysql

>= 5.5.0

<= 5.5.53

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*

mysql

>= 5.6.0

<= 5.6.34

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*

mysql

>= 5.7.0

<= 5.7.16

References

Match rules

Vulnerable and fixed packages