OVAL Reference oval:org.opensuse.security:def:20173305

Oval Definition:

oval:org.opensuse.security:def:20173305

Revision Date:	2023-06-22	Version:	1
Title:	CVE-2017-3305
Description:	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.5.55 and earlier and 5.6.35 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue allows man-in-the-middle attackers to hijack the authentication of users by leveraging incorrect ordering of security parameter verification in a client, aka, "The Riddle".
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2017-3305 SUSE-SU-2017:1137-1 openSUSE-SU-2017:1209-1 Mitre CVE-2017-3305 SUSE CVE-2017-3305 SUSE-SU-2017:1137-1 openSUSE-SU-2017:1209-1
Platform(s):	openSUSE Leap 42.1 openSUSE Leap 42.2 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise High Performance Computing 15 SP4 SUSE Linux Enterprise High Performance Computing 15 SP5 SUSE Linux Enterprise Module for Server Applications 15 SP4 SUSE Linux Enterprise Module for Server Applications 15 SP5 SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 15 SP4 SUSE Linux Enterprise Server 15 SP5 SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SP5 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.3 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP4 is installed AND libmysql55client18-5.5.55-0.38 is installed OR libmysql55client18-32bit-5.5.55-0.38 is installed OR libmysql55client18-x86-5.5.55-0.38 is installed OR libmysql55client_r18-5.5.55-0.38 is installed OR libmysql55client_r18-32bit-5.5.55-0.38 is installed OR libmysql55client_r18-x86-5.5.55-0.38 is installed OR mysql-5.5.55-0.38 is installed OR mysql-client-5.5.55-0.38 is installed OR mysql-tools-5.5.55-0.38 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND libmysql55client_r18-32bit-5.5.55-0.38 is installed OR libmysql55client_r18-x86-5.5.55-0.38 is installed OR mysql-5.5.55-0.38 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information libmysql55client18-5.5.55-0.38 is installed OR libmysql55client18-32bit-5.5.55-0.38 is installed OR libmysql55client18-x86-5.5.55-0.38 is installed OR libmysql55client_r18-5.5.55-0.38 is installed OR libmysql55client_r18-32bit-5.5.55-0.38 is installed OR libmysql55client_r18-x86-5.5.55-0.38 is installed OR mysql-5.5.55-0.38 is installed OR mysql-client-5.5.55-0.38 is installed OR mysql-tools-5.5.55-0.38 is installed
Definition Synopsis
openSUSE Leap 42.1 is installed AND Package Information libmysql56client18-5.6.36-25.3 is installed AND libmysql56client18 is signed with openSUSE key OR libmysql56client18-32bit-5.6.36-25.3 is installed AND libmysql56client18-32bit is signed with openSUSE key OR libmysql56client_r18-5.6.36-25.3 is installed AND libmysql56client_r18 is signed with openSUSE key OR libmysql56client_r18-32bit-5.6.36-25.3 is installed AND libmysql56client_r18-32bit is signed with openSUSE key OR mysql-community-server-5.6.36-25.3 is installed AND mysql-community-server is signed with openSUSE key OR mysql-community-server-bench-5.6.36-25.3 is installed AND mysql-community-server-bench is signed with openSUSE key OR mysql-community-server-client-5.6.36-25.3 is installed AND mysql-community-server-client is signed with openSUSE key OR mysql-community-server-errormessages-5.6.36-25.3 is installed AND mysql-community-server-errormessages is signed with openSUSE key OR mysql-community-server-test-5.6.36-25.3 is installed AND mysql-community-server-test is signed with openSUSE key OR mysql-community-server-tools-5.6.36-25.3 is installed AND mysql-community-server-tools is signed with openSUSE key
Definition Synopsis
openSUSE Leap 42.2 is installed AND Package Information libmysql56client18-5.6.36-24.3.3 is installed AND libmysql56client18 is signed with openSUSE key OR libmysql56client18-32bit-5.6.36-24.3.3 is installed AND libmysql56client18-32bit is signed with openSUSE key OR libmysql56client_r18-5.6.36-24.3.3 is installed AND libmysql56client_r18 is signed with openSUSE key OR libmysql56client_r18-32bit-5.6.36-24.3.3 is installed AND libmysql56client_r18-32bit is signed with openSUSE key OR mysql-community-server-5.6.36-24.3.3 is installed AND mysql-community-server is signed with openSUSE key OR mysql-community-server-bench-5.6.36-24.3.3 is installed AND mysql-community-server-bench is signed with openSUSE key OR mysql-community-server-client-5.6.36-24.3.3 is installed AND mysql-community-server-client is signed with openSUSE key OR mysql-community-server-errormessages-5.6.36-24.3.3 is installed AND mysql-community-server-errormessages is signed with openSUSE key OR mysql-community-server-test-5.6.36-24.3.3 is installed AND mysql-community-server-test is signed with openSUSE key OR mysql-community-server-tools-5.6.36-24.3.3 is installed AND mysql-community-server-tools is signed with openSUSE key
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP2 is installed AND mariadb is not affected OR Package Information SUSE OpenStack Cloud 7 is installed AND mariadb is affected
Definition Synopsis
Release Information SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND libmysql55client_r18-32bit-5.5.55-0.38 is installed OR libmysql55client_r18-x86-5.5.55-0.38 is installed OR mysql-5.5.55-0.38 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed AND libmysql55client18-5.5.55-0.38 is installed OR libmysql55client18-32bit-5.5.55-0.38 is installed OR libmysql55client18-x86-5.5.55-0.38 is installed OR libmysql55client_r18-5.5.55-0.38 is installed OR libmysql55client_r18-32bit-5.5.55-0.38 is installed OR libmysql55client_r18-x86-5.5.55-0.38 is installed OR mysql-5.5.55-0.38 is installed OR mysql-client-5.5.55-0.38 is installed OR mysql-tools-5.5.55-0.38 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed AND Package Information libmysql55client18-5.5.55-0.38 is installed OR libmysql55client18-32bit-5.5.55-0.38 is installed OR libmysql55client18-x86-5.5.55-0.38 is installed OR libmysql55client_r18-5.5.55-0.38 is installed OR libmysql55client_r18-32bit-5.5.55-0.38 is installed OR libmysql55client_r18-x86-5.5.55-0.38 is installed OR mysql-5.5.55-0.38 is installed OR mysql-client-5.5.55-0.38 is installed OR mysql-tools-5.5.55-0.38 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND libmysql55client_r18-32bit-5.5.55-0.38 is installed OR libmysql55client_r18-x86-5.5.55-0.38 is installed OR mysql-5.5.55-0.38 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed AND libmysql55client18-5.5.55-0.38 is installed OR libmysql55client18-32bit-5.5.55-0.38 is installed OR libmysql55client18-x86-5.5.55-0.38 is installed OR libmysql55client_r18-5.5.55-0.38 is installed OR libmysql55client_r18-32bit-5.5.55-0.38 is installed OR libmysql55client_r18-x86-5.5.55-0.38 is installed OR mysql-5.5.55-0.38 is installed OR mysql-client-5.5.55-0.38 is installed OR mysql-tools-5.5.55-0.38 is installed OR Package Information SUSE Linux Enterprise Server 11 SP3-TERADATA is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA is installed AND libmysql55client18-5.5.55-0.38 is installed OR libmysql55client18-32bit-5.5.55-0.38 is installed OR libmysql55client_r18-5.5.55-0.38 is installed OR mysql-5.5.55-0.38 is installed OR mysql-client-5.5.55-0.38 is installed OR mysql-tools-5.5.55-0.38 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed AND libmysql55client18-5.5.55-0.38 is installed OR libmysql55client18-32bit-5.5.55-0.38 is installed OR libmysql55client18-x86-5.5.55-0.38 is installed OR libmysql55client_r18-5.5.55-0.38 is installed OR libmysql55client_r18-32bit-5.5.55-0.38 is installed OR libmysql55client_r18-x86-5.5.55-0.38 is installed OR mysql-5.5.55-0.38 is installed OR mysql-client-5.5.55-0.38 is installed OR mysql-tools-5.5.55-0.38 is installed OR Package Information SUSE Linux Enterprise Server 11 SP3-TERADATA is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA is installed AND libmysql55client18-5.5.55-0.38 is installed OR libmysql55client18-32bit-5.5.55-0.38 is installed OR libmysql55client_r18-5.5.55-0.38 is installed OR mysql-5.5.55-0.38 is installed OR mysql-client-5.5.55-0.38 is installed OR mysql-tools-5.5.55-0.38 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3-TERADATA is installed AND Package Information libmysql55client18-5.5.55-0.38 is installed OR libmysql55client18-32bit-5.5.55-0.38 is installed OR libmysql55client_r18-5.5.55-0.38 is installed OR mysql-5.5.55-0.38 is installed OR mysql-client-5.5.55-0.38 is installed OR mysql-tools-5.5.55-0.38 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND libmysql55client_r18-32bit-5.5.55-0.38.1 is installed OR libmysql55client_r18-x86-5.5.55-0.38.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP3-TERADATA is installed AND libmysql55client18-5.5.55-0.38.1 is installed OR libmysql55client18-32bit-5.5.55-0.38.1 is installed OR libmysql55client_r18-5.5.55-0.38.1 is installed OR mysql-5.5.55-0.38.1 is installed OR mysql-client-5.5.55-0.38.1 is installed OR mysql-tools-5.5.55-0.38.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed AND libmysql55client18-5.5.55-0.38.1 is installed OR libmysql55client18-32bit-5.5.55-0.38.1 is installed OR libmysql55client18-x86-5.5.55-0.38.1 is installed OR libmysql55client_r18-5.5.55-0.38.1 is installed OR libmysql55client_r18-32bit-5.5.55-0.38.1 is installed OR libmysql55client_r18-x86-5.5.55-0.38.1 is installed OR mysql-5.5.55-0.38.1 is installed OR mysql-client-5.5.55-0.38.1 is installed OR mysql-tools-5.5.55-0.38.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 12 SP1 is installed OR SUSE Linux Enterprise Server 12 SP1 is installed OR SUSE Linux Enterprise Server 12 SP2 is installed OR SUSE Linux Enterprise Software Development Kit 12 SP1 is installed OR SUSE Linux Enterprise Software Development Kit 12 SP2 is installed OR SUSE Linux Enterprise Workstation Extension 12 SP1 is installed OR SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND mariadb is not affected
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 12 SP1 is installed AND mariadb is not affected OR Package Information SUSE Linux Enterprise Desktop 12 SP2 is installed AND mariadb is affected
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3-TERADATA is installed AND libmysql55client18-5.5.55-0.38.1 is installed OR libmysql55client18-32bit-5.5.55-0.38.1 is installed OR libmysql55client_r18-5.5.55-0.38.1 is installed OR mysql-5.5.55-0.38.1 is installed OR mysql-client-5.5.55-0.38.1 is installed OR mysql-tools-5.5.55-0.38.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed AND libmysql55client18-5.5.55-0.38.1 is installed OR libmysql55client18-32bit-5.5.55-0.38.1 is installed OR libmysql55client18-x86-5.5.55-0.38.1 is installed OR libmysql55client_r18-5.5.55-0.38.1 is installed OR libmysql55client_r18-32bit-5.5.55-0.38.1 is installed OR libmysql55client_r18-x86-5.5.55-0.38.1 is installed OR mysql-5.5.55-0.38.1 is installed OR mysql-client-5.5.55-0.38.1 is installed OR mysql-tools-5.5.55-0.38.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 12 SP1 is installed OR SUSE Linux Enterprise Desktop 12 SP2 is installed OR SUSE Linux Enterprise Server 12 SP1 is installed OR SUSE Linux Enterprise Server 12 SP2 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP1 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed OR SUSE Linux Enterprise Workstation Extension 12 SP1 is installed OR SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND mariadb is not affected OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed AND libmysqlclient18 is affected OR libmysqlclient18-32bit is affected OR mariadb is affected OR mariadb-client is affected OR mariadb-errormessages is affected OR mariadb-tools is affected
Definition Synopsis
Release Information SUSE OpenStack Cloud 8 is installed OR SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libmysqlclient18 is affected OR libmysqlclient18-32bit is affected OR mariadb is affected OR mariadb-client is affected OR mariadb-errormessages is affected OR mariadb-galera is affected OR mariadb-tools is affected
Definition Synopsis
Release Information SUSE Linux Enterprise High Performance Computing 15 SP4 is installed OR SUSE Linux Enterprise Module for Server Applications 15 SP4 is installed OR SUSE Linux Enterprise Server 15 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed OR SUSE Manager Proxy 4.3 is installed OR SUSE Manager Retail Branch Server 4.3 is installed OR SUSE Manager Server 4.3 is installed AND Package Information libmariadbd-devel is not affected OR libmariadbd19 is not affected OR mariadb is not affected OR mariadb-client is not affected OR mariadb-errormessages is not affected OR mariadb-tools is not affected
Definition Synopsis
Release Information SUSE Linux Enterprise High Performance Computing 15 SP5 is installed OR SUSE Linux Enterprise Module for Server Applications 15 SP5 is installed OR SUSE Linux Enterprise Server 15 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed AND Package Information libmariadbd-devel is not affected OR libmariadbd19 is not affected OR mariadb is not affected OR mariadb-client is not affected OR mariadb-errormessages is not affected OR mariadb-tools is not affected

BACK