CVE-2013-0385
First published: Thu Jan 17 2013(Updated: )
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows local users to affect confidentiality and integrity via unknown vectors related to Server Replication.
Credit: secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| MySQL | >=5.1.0<=5.1.66 | |
| MySQL | >=5.5.0<=5.5.28 | |
| MariaDB | >=5.1.0<5.1.67 | |
| MariaDB | >=5.2.0<5.2.14 | |
| MariaDB | >=5.3.0<5.3.12 | |
| MariaDB | >=5.5.0<5.5.29 | |
| MariaDB | =10.0.0 | |
| Ubuntu | =10.04 | |
| Ubuntu | =11.10 | |
| Ubuntu | =12.04 | |
| Ubuntu | =12.10 | |
| Red Hat Enterprise Linux Desktop | =6.0 | |
| Red Hat Enterprise Linux Server EUS | =6.3 | |
| Red Hat Enterprise Linux Server | =6.0 | |
| Red Hat Enterprise Linux Workstation | =6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://rhn.redhat.com/errata/RHSA-2013-0219.html
- http://secunia.com/advisories/53372
- http://security.gentoo.org/glsa/glsa-201308-06.xml
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
- http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
- http://www.ubuntu.com/usn/USN-1703-1
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16267
Frequently Asked Questions
What is the severity of CVE-2013-0385?
CVE-2013-0385 is rated as a medium severity vulnerability due to its potential impact on confidentiality and integrity.
How do I fix CVE-2013-0385?
To resolve CVE-2013-0385, it is recommended to upgrade Oracle MySQL to version 5.1.67 or later, or 5.5.29 or later.
What software versions are affected by CVE-2013-0385?
CVE-2013-0385 affects Oracle MySQL versions 5.1.66 and earlier, and 5.5.28 and earlier.
Who can exploit CVE-2013-0385?
Local users with access to the affected MySQL server can potentially exploit CVE-2013-0385.
Is there a workaround for CVE-2013-0385?
Currently, there are no publicly available workarounds for CVE-2013-0385 other than upgrading to a patched version.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/references
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/oracle
- canonical/mysql
- version/mysql/5.1.0
- version/mysql/5.1.66
- version/mysql/5.5.0
- version/mysql/5.5.28
- vendor/mariadb
- canonical/mariadb
- version/mariadb/5.1.0
- version/mariadb/5.2.0
- version/mariadb/5.3.0
- version/mariadb/5.5.0
- version/mariadb/10.0.0
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/10.04
- version/ubuntu/11.10
- version/ubuntu/12.04
- version/ubuntu/12.10
- vendor/redhat
- canonical/red hat enterprise linux desktop
- version/red hat enterprise linux desktop/6.0
- canonical/red hat enterprise linux server eus
- version/red hat enterprise linux server eus/6.3
- canonical/red hat enterprise linux server
- version/red hat enterprise linux server/6.0
- canonical/red hat enterprise linux workstation
- version/red hat enterprise linux workstation/6.0