Test ID:	1.3.6.1.4.1.25623.1.0.703666
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-3666-1)
Summary:	The remote host is missing an update for the Debian 'mysql-5.5' package(s) announced via the DSA-3666-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'mysql-5.5' package(s) announced via the DSA-3666-1 advisory. Vulnerability Insight: Dawid Golunski discovered that the mysqld_safe wrapper provided by the MySQL database server insufficiently restricted the load path for custom malloc implementations, which could result in privilege escalation. The vulnerability was addressed by upgrading MySQL to the new upstream version 5.5.52, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes. Please see the MySQL 5.5 Release Notes for further details: [link moved to references] [link moved to references] For the stable distribution (jessie), this problem has been fixed in version 5.5.52-0+deb8u1. We recommend that you upgrade your mysql-5.5 packages. Affected Software/OS: 'mysql-5.5' package(s) on Debian 8. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6662 BugTraq ID: 92912 http://www.securityfocus.com/bid/92912 Debian Security Information: DSA-3666 (Google Search) http://www.debian.org/security/2016/dsa-3666 https://www.exploit-db.com/exploits/40360/ http://seclists.org/fulldisclosure/2016/Sep/23 https://security.gentoo.org/glsa/201701-01 http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html http://www.openwall.com/lists/oss-security/2016/09/12/3 RedHat Security Advisories: RHSA-2016:2058 http://rhn.redhat.com/errata/RHSA-2016-2058.html RedHat Security Advisories: RHSA-2016:2059 http://rhn.redhat.com/errata/RHSA-2016-2059.html RedHat Security Advisories: RHSA-2016:2060 http://rhn.redhat.com/errata/RHSA-2016-2060.html RedHat Security Advisories: RHSA-2016:2061 http://rhn.redhat.com/errata/RHSA-2016-2061.html RedHat Security Advisories: RHSA-2016:2062 http://rhn.redhat.com/errata/RHSA-2016-2062.html RedHat Security Advisories: RHSA-2016:2077 http://rhn.redhat.com/errata/RHSA-2016-2077.html RedHat Security Advisories: RHSA-2016:2130 http://rhn.redhat.com/errata/RHSA-2016-2130.html RedHat Security Advisories: RHSA-2016:2131 http://rhn.redhat.com/errata/RHSA-2016-2131.html RedHat Security Advisories: RHSA-2016:2595 http://rhn.redhat.com/errata/RHSA-2016-2595.html RedHat Security Advisories: RHSA-2016:2749 http://rhn.redhat.com/errata/RHSA-2016-2749.html RedHat Security Advisories: RHSA-2016:2927 http://rhn.redhat.com/errata/RHSA-2016-2927.html RedHat Security Advisories: RHSA-2016:2928 http://rhn.redhat.com/errata/RHSA-2016-2928.html RedHat Security Advisories: RHSA-2017:0184 http://rhn.redhat.com/errata/RHSA-2017-0184.html http://www.securitytracker.com/id/1036769
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.