{"id":"MGASA-2017-0289","summary":"Updated mariadb packages fix security vulnerabilities","details":"Difficult to exploit vulnerability in MariaDB Server allows high\nprivileged attacker with logon to the infrastructure where MariaDB\nServer executes to compromise MariaDB Server. Successful attacks\nrequire human interaction from a person other than the attacker.\nSuccessful attacks of this vulnerability can result in unauthorized\naccess to critical data or complete access to all MariaDB Server\naccessible data and unauthorized ability to cause a hang or frequently\nrepeatable crash (complete DOS) of MariaDB Server (CVE-2017-3265).\n\nEasily exploitable vulnerability in MariaDB Server allows low privileged\nattacker with logon to the infrastructure where MariaDB Server executes\nto compromise MariaDB Server. Successful attacks of this vulnerability\ncan result in unauthorized update, insert or delete access to some of\nMariaDB Server accessible data as well as unauthorized read access to a\nsubset of MariaDB Server accessible data and unauthorized ability to\ncause a partial denial of service (partial DOS) of MariaDB Server\n(CVE-2017-3636).\n\nEasily exploitable vulnerability in MariaDB Server allows high\nprivileged attacker with network access via multiple protocols to\ncompromise MariaDB Server. Successful attacks of this vulnerability can\nresult in unauthorized ability to cause a hang or frequently repeatable\ncrash (complete DOS) of MariaDB Server (CVE-2017-3641).\n\nDifficult to exploit vulnerability in MariaDB Server allows low\nprivileged attacker with network access via multiple protocols to\ncompromise MariaDB Server. Successful attacks of this vulnerability can\nresult in unauthorized update, insert or delete access to some of\nMariaDB Server accessible data (CVE-2017-3653).\n","modified":"2026-01-30T12:43:10.012348Z","published":"2017-08-20T08:48:42Z","related":["CVE-2017-3265","CVE-2017-3636","CVE-2017-3641","CVE-2017-3653"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2017-0289.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=21557"},{"type":"REPORT","url":"https://mariadb.com/kb/en/mariadb/mariadb-10032-release-notes/"},{"type":"REPORT","url":"https://mariadb.com/kb/en/mariadb-10032-changelog/"}],"affected":[{"package":{"name":"mariadb","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/mariadb?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.32-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0289.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}