{"id":"MGASA-2017-0332","summary":"Updated mariadb packages fix security vulnerabilities","details":"Easily exploitable vulnerability in MariaDB Server allows low privileged\nattacker with logon to the infrastructure where MariaDB Server executes\nto compromise MariaDB Server. Successful attacks of this vulnerability\ncan result in unauthorized update, insert or delete access to some of\nMariaDB Server accessible data as well as unauthorized read access to a\nsubset of MariaDB Server accessible data and unauthorized ability to\ncause a partial denial of service (partial DOS) of MariaDB Server\n(CVE-2017-3636).\n\nEasily exploitable vulnerability in MariaDB Server allows high\nprivileged attacker with network access via multiple protocols to\ncompromise MariaDB Server. Successful attacks of this vulnerability can\nresult in unauthorized ability to cause a hang or frequently repeatable\ncrash (complete DOS) of MariaDB Server (CVE-2017-3641).\n\nDifficult to exploit vulnerability in MariaDB Server allows low\nprivileged attacker with network access via multiple protocols to\ncompromise MariaDB Server. Successful attacks of this vulnerability can\nresult in unauthorized update, insert or delete access to some of\nMariaDB Server accessible data (CVE-2017-3653).\n","modified":"2026-04-16T06:23:42.591798019Z","published":"2017-09-07T09:07:16Z","upstream":["CVE-2017-3636","CVE-2017-3641","CVE-2017-3653"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2017-0332.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=21579"},{"type":"WEB","url":"https://mariadb.com/kb/en/mariadb/mariadb-10126-release-notes/"},{"type":"WEB","url":"https://mariadb.com/kb/en/mariadb-10126-changelog/"}],"affected":[{"package":{"name":"mariadb","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/mariadb?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.1.26-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0332.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}