CVE-2015-3152

Published: 16/05/2016 Updated: 29/08/2022
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Oracle MySQL prior to 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) prior to 6.1.3, and MariaDB prior to 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack.

Vulnerable Product

oracle mysql

oracle mysql connector/c

mariadb mariadb

fedoraproject fedora 22

fedoraproject fedora 21

debian debian linux 8.0

redhat enterprise linux desktop 7.0

redhat enterprise linux workstation 7.0

redhat enterprise linux server 7.0

redhat enterprise linux eus 7.1

redhat enterprise linux server tus 7.3

redhat enterprise linux server aus 7.3

redhat enterprise linux server aus 7.4

redhat enterprise linux eus 7.3

redhat enterprise linux eus 7.4

redhat enterprise linux eus 7.5

redhat enterprise linux server tus 7.6

redhat enterprise linux server aus 7.6

redhat enterprise linux eus 7.6

redhat enterprise linux eus 7.2

redhat enterprise linux server aus 7.7

redhat enterprise linux server tus 7.7

redhat enterprise linux eus 7.7

php php

Vendor Advisories

Debian Bug report logs - #866821 libdbd-mysql-perl: CVE-2017-10789. Package: src:libdbd-mysql-perl; Maintainer for src:libdbd-mysql-perl is Debian Perl Group <pkg-perl-maintainers@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Sun, 2 Jul 2017 07:33:05 UTC; Severity: important; Tag ...
Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.20. Please see the MariaDB 10.0 Release Notes for further details: mariadb.com/kb/en/mariadb/mariadb-10017-release-notes/ mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ ...
PHP process crashes when processing an invalid file with the "phar" extension (CVE-2015-5589). As discussed upstream (bugs.php.net/bug.php?id=69669), mysqlnd is vulnerable to the attack described in www.duosecurity.com/blog/backronym-mysql-vulnerability ...
It was found that the MySQL client library permitted but did not require a client to use SSL/TLS when establishing a secure connection to a MySQL server using the "--ssl" option. A man-in-the-middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a client and a server ...

Github Repositories

CVE-2015-3152 PoC

mysslstrip

mysslstrip is a Python-based proof of concept showing how to MITM MySQL traffic and strip SSL/TLS, as per CVE-2015-3152.

Usage

mysslstrip.py [-h] [-p LISTEN_PORT] [-i LISTEN_INTERFACE] dest

Example Output

[root@duo1 ~]# python2.7 mysslstrip.py -p 3307 127.0.0.1:3306
2015-04-29 21:33:14+0000 [-] Log opened
2015-04-29 21:33:14+0000 [-] listen: 127.0.0.1:3307; connect:

Recent Articles

Perl devs solve ancient Riddle: 'What's a vuln we caught from Oracle?'
The Register • Richard Chirgwin • 06 Jul 2017

BACKRONYM also fixed, so pull the patch

The Perl 5 database interface maintainers have issued an important patch for DBD—MySQL: in some configurations it wasn't enforcing encryption. As CVE-2017-10789 explains: “The DBD::mysql module through 4.043 for Perl uses the mysql_ssl=1 setting to mean that SSL is optional (even though this setting's documentation has a 'your communication with the server will be encrypted' statement), which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, a related issu...