CVE-2016-0606
First published: Thu Jan 21 2016(Updated: )
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect integrity via unknown vectors related to encryption.
Credit: secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/mysql | <5.5.47 | 5.5.47 |
| redhat/mysql | <5.6.28 | 5.6.28 |
| redhat/mysql | <5.7.10 | 5.7.10 |
| redhat/mariadb | <5.5.47 | 5.5.47 |
| redhat/mariadb | <10.1.10 | 10.1.10 |
| redhat/mariadb | <10.0.23 | 10.0.23 |
| Debian | =8.0 | |
| redhat enterprise Linux desktop | =7.0 | |
| Red Hat Enterprise Linux HPC Node | =7.0 | |
| Red Hat Enterprise Linux HPC Node | =7.2 | |
| redhat enterprise Linux server | =7.0 | |
| redhat enterprise Linux server aus | =7.2 | |
| redhat enterprise Linux server eus | =7.2 | |
| redhat enterprise Linux workstation | =7.0 | |
| Red Hat Enterprise Linux | =6.0 | |
| Red Hat Enterprise Linux | =7.0 | |
| openSUSE | =42.1 | |
| openSUSE | =13.2 | |
| Oracle Linux | =7 | |
| Oracle Solaris SPARC | =11.3 | |
| Ubuntu | =12.04 | |
| Ubuntu | =14.04 | |
| Ubuntu | =15.04 | |
| Ubuntu | =15.10 | |
| Ariadne CMS | >=5.5.20<5.5.47 | |
| Ariadne CMS | >=10.0.0<10.0.23 | |
| Ariadne CMS | >=10.1.0<10.1.10 | |
| MySQL | >=5.5.0<=5.5.46 | |
| MySQL | >=5.6.0<=5.6.27 | |
| MySQL | >=5.7.0<=5.7.9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html
- http://rhn.redhat.com/errata/RHSA-2016-0534.html
- http://rhn.redhat.com/errata/RHSA-2016-0705.html
- http://rhn.redhat.com/errata/RHSA-2016-1480.html
- http://rhn.redhat.com/errata/RHSA-2016-1481.html
- http://www.debian.org/security/2016/dsa-3453
- http://www.debian.org/security/2016/dsa-3459
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
- http://www.securitytracker.com/id/1034708
- http://www.ubuntu.com/usn/USN-2881-1
- https://access.redhat.com/errata/RHSA-2016:1132
- https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/
- https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/
- https://mariadb.com/kb/en/mdb-10023-rn/
- http://www.oracle.com/technetwork/topics/security/cpujan2016verbose-2367956.html
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1301518
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1301517
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1301519
- https://rhn.redhat.com/errata/RHSA-2016-0534.html
- https://rhn.redhat.com/errata/RHSA-2016-0705.html
- https://rhn.redhat.com/errata/RHSA-2016-1481.html
- https://rhn.redhat.com/errata/RHSA-2016-1480.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1301504
Frequently Asked Questions
What is the severity of CVE-2016-0606?
The vulnerability CVE-2016-0606 is classified as a medium severity issue affecting multiple versions of Oracle MySQL and MariaDB.
How do I fix CVE-2016-0606?
To address CVE-2016-0606, upgrade to MySQL versions 5.5.47, 5.6.28, or 5.7.10, or MariaDB versions 5.5.47, 10.0.23, or 10.1.10.
What software is affected by CVE-2016-0606?
CVE-2016-0606 affects Oracle MySQL versions 5.5.46 and earlier, 5.6.27 and earlier, 5.7.9 and earlier, and several versions of MariaDB.
Who is at risk from CVE-2016-0606?
Remote authenticated users may exploit CVE-2016-0606 to affect the integrity of systems using the vulnerable versions of MySQL and MariaDB.
What types of vulnerabilities does CVE-2016-0606 involve?
CVE-2016-0606 involves unspecified vectors related to encryption that can impact data integrity.
- agent/type
- agent/references
- agent/remedy
- agent/severity
- agent/author
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2016-0606
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- package-manager/redhat
- vendor/debian
- canonical/debian
- version/debian/8.0
- vendor/redhat
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/7.0
- canonical/red hat enterprise linux hpc node
- version/red hat enterprise linux hpc node/7.0
- version/red hat enterprise linux hpc node/7.2
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/7.0
- canonical/redhat enterprise linux server aus
- version/redhat enterprise linux server aus/7.2
- canonical/redhat enterprise linux server eus
- version/redhat enterprise linux server eus/7.2
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/7.0
- canonical/red hat enterprise linux
- version/red hat enterprise linux/6.0
- version/red hat enterprise linux/7.0
- vendor/opensuse
- canonical/opensuse
- version/opensuse/42.1
- version/opensuse/13.2
- vendor/oracle
- canonical/oracle linux
- version/oracle linux/7
- canonical/oracle solaris sparc
- version/oracle solaris sparc/11.3
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/12.04
- version/ubuntu/14.04
- version/ubuntu/15.04
- version/ubuntu/15.10
- vendor/mariadb
- canonical/ariadne cms
- version/ariadne cms/5.5.20
- version/ariadne cms/10.0.0
- version/ariadne cms/10.1.0
- canonical/mysql
- version/mysql/5.5.0
- version/mysql/5.5.46
- version/mysql/5.6.0
- version/mysql/5.6.27
- version/mysql/5.7.0
- version/mysql/5.7.9