CVE-2016-2047

Published: 27/01/2016 | Updated: 27/12/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

The ssl_verify_server_cert function in sql-common/client.c in MariaDB prior to 5.5.47, 10.0.x prior to 10.0.23, and 10.1.x prior to 10.1.10; Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier; and Percona Server does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate. This allows man-in-the-middle attackers to spoof SSL servers via a "/CN=" string in a field in a certificate, as demonstrated by "/OU=/CN=bar.com/CN=foo.com".

Vulnerable Product

mariadb mariadb

oracle linux 7

oracle mysql

opensuse leap 42.1

redhat enterprise linux 7.0

redhat enterprise linux 6.0

debian debian linux 8.0

debian debian linux 9.0

canonical ubuntu linux 16.04

canonical ubuntu linux 15.10

canonical ubuntu linux 12.04

canonical ubuntu linux 14.04

Vendor Advisories

Debian Bug report logs - #821094: Security fixes from the April 2016 CPU. Package: src:mysql-56; Maintainer for src:mysql-56 is (unknown); Reported by: "Norvald H Ryeng" <norvaldryeng@oraclecom>; Date: Fri, 15 Apr 2016 12:03:01 UTC; Severity: grave; Tags: fixed-upstream, security, upstream; Found in version mysql-56/562 ...
Several security issues were fixed in MySQL ...
Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.23. Please see the MariaDB 10.0 Release Notes for further details: mariadb.com/kb/en/mariadb/mariadb-10023-release-notes/ For the stable distribution (jessie), these problems have been ...
It was found that the MariaDB client library did not properly check host names against server identities noted in the X.509 certificates when establishing secure connections using TLS/SSL. A man-in-the-middle attacker could possibly use this flaw to impersonate a server to a client. (CVE-2016-2047) Unspecified vulnerability in Oracle MySQL 5.5.46 a ...
A double-free flaw was found in the way OpenSSL parsed certain malformed DSA (Digital Signature Algorithm) private keys. An attacker could create specially crafted DSA private keys that, when processed by an application compiled against OpenSSL, could cause the application to crash. (CVE-2016-0705) The ssl_verify_server_cert function in sql-common/ ...
It was found that the MariaDB client library did not properly check host names against server identities noted in the X.509 certificates when establishing secure connections using TLS/SSL. A man-in-the-middle attacker could possibly use this flaw to impersonate a server to a client ...