===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.1362
                   Multiple Oracle MySQL vulnerabilities
                               21 April 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           BIG-IP
                   BIG-IQ
Publisher:         F5 Networks
Operating System:  Network Appliance
Impact/Access:     Increased Privileges     -- Unknown/Unspecified
                   Denial of Service        -- Existing Account   
                   Access Confidential Data -- Unknown/Unspecified
                   Reduced Security         -- Existing Account   
Resolution:        Patch/Upgrade
CVE Names:         CVE-2016-0616 CVE-2016-0609 CVE-2016-0608
                   CVE-2016-0606 CVE-2016-0600 CVE-2016-0598
                   CVE-2016-0597 CVE-2016-0596 CVE-2016-0546
                   CVE-2016-0505 CVE-2016-0502 

Reference:         ASB-2017.0219
                   ESB-2016.1807
                   ESB-2016.1333

Original Bulletin: 
   https://support.f5.com/csp/article/K77508618

----------------------------BEGIN INCLUDED TEXT--------------------

K77508618: Multiple Oracle MySQL vulnerabilities

Original Publication Date: 06 May, 2017
Latest   Publication Date: 20 Apr, 2021

Security Advisory Description

  o CVE-2016-0502

    Unspecified vulnerability in Oracle MySQL 5.5.31 and earlier and 5.6.11 and
    earlier allows remote authenticated users to affect availability via
    unknown vectors related to Optimizer.

  o CVE-2016-0505

    Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and
    earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and
    10.1.x before 10.1.10 allows remote authenticated users to affect
    availability via unknown vectors related to Options.

  o CVE-2016-0546

    Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and
    earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and
    10.1.x before 10.1.10 allows local users to affect confidentiality,
    integrity, and availability via unknown vectors related to Client. NOTE:
    the previous information is from the January 2016 CPU. Oracle has not
    commented on third-party claims that these are multiple buffer overflows in
    the mysqlshow tool that allow remote database servers to have unspecified
    impact via a long table or database name.

  o CVE-2016-0596

    Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and
    earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before
    10.1.10 allows remote authenticated users to affect availability via
    vectors related to DML.

  o CVE-2016-0597

    Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and
    earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and
    10.1.x before 10.1.10 allows remote authenticated users to affect
    availability via unknown vectors related to Optimizer.

  o CVE-2016-0598

    Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and
    earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and
    10.1.x before 10.1.10 allows remote authenticated users to affect
    availability via vectors related to DML.

  o CVE-2016-0600

    Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and
    earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and
    10.1.x before 10.1.10 allows remote authenticated users to affect
    availability via unknown vectors related to InnoDB.

  o CVE-2016-0606

    Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and
    earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and
    10.1.x before 10.1.10 allows remote authenticated users to affect integrity
    via unknown vectors related to encryption.

  o CVE-2016-0608

    Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and
    earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and
    10.1.x before 10.1.10 allows remote authenticated users to affect
    availability via vectors related to UDF.

  o CVE-2016-0609

    Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and
    earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and
    10.1.x before 10.1.10 allows remote authenticated users to affect
    availability via unknown vectors related to privileges.

  o CVE-2016-0616

    Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB
    before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows
    remote authenticated users to affect availability via unknown vectors
    related to Optimizer.

Impact

The CVE numbers included in this security advisory are reported to allow
(through undisclosed mechanisms) an unauthorized remote attacker to gain access
to information, receive privilege escalation, or cause a denial of service
(DoS) of the MySQL service.

Security Advisory Status

F5 Product Development has assigned ID 577543 (BIG-IP) to this vulnerability.
Additionally, BIG-IP iHealth may list Heuristic H77508618 on the Diagnostics >
Identified > Low screen.

To determine if your release is known to be vulnerable, the components or
features that are affected by the vulnerability, and for information about
releases or hotfixes that address the vulnerability, refer to the following
table:

+--------------+------------+--------------+----------+-----------------------+
|              |Versions    |Versions known|          |Vulnerable component or|
|Product       |known to be |to be not     |Severity  |feature                |
|              |vulnerable  |vulnerable    |          |                       |
+--------------+------------+--------------+----------+-----------------------+
|              |13.0.0 -    |              |          |                       |
|              |13.1.4      |              |          |                       |
|              |12.0.0 -    |14.0.0 and    |          |MySQL Client, MySQL    |
|BIG-IP LTM    |12.1.6      |later         |Low       |Server, multiple MySQL |
|              |11.4.0 -    |              |          |sub-components         |
|              |11.6.5      |              |          |                       |
|              |11.2.1      |              |          |                       |
+--------------+------------+--------------+----------+-----------------------+
|              |13.0.0 -    |              |          |                       |
|              |13.1.4      |              |          |MySQL Client, MySQL    |
|BIG-IP AAM    |12.0.0 -    |14.0.0 and    |Low       |Server, multiple MySQL |
|              |12.1.6      |later         |          |sub-components         |
|              |11.4.0 -    |              |          |                       |
|              |11.6.5      |              |          |                       |
+--------------+------------+--------------+----------+-----------------------+
|              |13.0.0 -    |              |          |                       |
|              |13.1.4      |              |          |MySQL Client, MySQL    |
|BIG-IP AFM    |12.0.0 -    |14.0.0 and    |Low       |Server, multiple MySQL |
|              |12.1.6      |later         |          |sub-components         |
|              |11.4.0 -    |              |          |                       |
|              |11.6.5      |              |          |                       |
+--------------+------------+--------------+----------+-----------------------+
|              |13.0.0 -    |              |          |                       |
|              |13.1.4      |              |          |                       |
|BIG-IP        |12.0.0 -    |14.0.0 and    |          |MySQL Client, MySQL    |
|Analytics     |12.1.6      |later         |Low       |Server, multiple MySQL |
|              |11.4.0 -    |              |          |sub-components         |
|              |11.6.5      |              |          |                       |
|              |11.2.1      |              |          |                       |
+--------------+------------+--------------+----------+-----------------------+
|              |13.0.0 -    |              |          |                       |
|              |13.1.4      |              |          |                       |
|              |12.0.0 -    |14.0.0 and    |          |MySQL Client, MySQL    |
|BIG-IP APM    |12.1.6      |later         |Low       |Server, multiple MySQL |
|              |11.4.0 -    |              |          |sub-components         |
|              |11.6.5      |              |          |                       |
|              |11.2.1      |              |          |                       |
+--------------+------------+--------------+----------+-----------------------+
|              |13.0.0 -    |              |          |                       |
|              |13.1.4      |              |          |                       |
|              |12.0.0 -    |14.0.0 and    |          |MySQL Client, MySQL    |
|BIG-IP ASM    |12.1.6      |later         |Low       |Server, multiple MySQL |
|              |11.4.0 -    |              |          |sub-components         |
|              |11.6.5      |              |          |                       |
|              |11.2.1      |              |          |                       |
+--------------+------------+--------------+----------+-----------------------+
|              |13.0.0 -    |              |          |MySQL Client, MySQL    |
|BIG-IP DNS    |13.1.4      |14.0.0 and    |Low       |Server, multiple MySQL |
|              |12.0.0 -    |later         |          |sub-components         |
|              |12.1.6      |              |          |                       |
+--------------+------------+--------------+----------+-----------------------+
|BIG-IP Edge   |            |              |          |MySQL Client, MySQL    |
|Gateway       |11.2.1      |None          |Low       |Server, multiple MySQL |
|              |            |              |          |sub-components         |
+--------------+------------+--------------+----------+-----------------------+
|              |11.4.0 -    |              |          |MySQL Client, MySQL    |
|BIG-IP GTM    |11.6.5      |None          |Low       |Server, multiple MySQL |
|              |11.2.1      |              |          |sub-components         |
+--------------+------------+--------------+----------+-----------------------+
|              |13.0.0 -    |              |          |                       |
|              |13.1.4      |              |          |                       |
|BIG-IP Link   |12.0.0 -    |14.0.0 and    |          |MySQL Client, MySQL    |
|Controller    |12.1.6      |later         |Low       |Server, multiple MySQL |
|              |11.4.0 -    |              |          |sub-components         |
|              |11.6.5      |              |          |                       |
|              |11.2.1      |              |          |                       |
+--------------+------------+--------------+----------+-----------------------+
|              |13.0.0 -    |              |          |                       |
|              |13.1.4      |              |          |MySQL Client, MySQL    |
|BIG-IP PEM    |12.0.0 -    |14.0.0 and    |Low       |Server, multiple MySQL |
|              |12.1.6      |later         |          |sub-components         |
|              |11.4.0 -    |              |          |                       |
|              |11.6.5      |              |          |                       |
+--------------+------------+--------------+----------+-----------------------+
|              |11.4.0 -    |              |          |MySQL Client, MySQL    |
|BIG-IP PSM    |11.4.1      |None          |Low       |Server, multiple MySQL |
|              |            |              |          |sub-components         |
+--------------+------------+--------------+----------+-----------------------+
|BIG-IP        |            |              |          |MySQL Client, MySQL    |
|WebAccelerator|11.2.1      |None          |Low       |Server, multiple MySQL |
|              |            |              |          |sub-components         |
+--------------+------------+--------------+----------+-----------------------+
|              |13.0.0 -    |              |          |                       |
|              |13.1.4      |              |          |MySQL Client, MySQL    |
|BIG-IP WebSafe|12.0.0 -    |14.0.0 and    |Low       |Server, multiple MySQL |
|              |12.1.6      |later         |          |sub-components         |
|              |11.4.0 -    |              |          |                       |
|              |11.6.5      |              |          |                       |
+--------------+------------+--------------+----------+-----------------------+
|ARX           |None        |6.2.0 - 6.4.0 |Not       |None                   |
|              |            |              |vulnerable|                       |
+--------------+------------+--------------+----------+-----------------------+
|Enterprise    |None        |3.1.1         |Not       |None                   |
|Manager       |            |              |vulnerable|                       |
+--------------+------------+--------------+----------+-----------------------+
|BIG-IQ Cloud  |None        |4.4.0 - 4.5.0 |Not       |None                   |
|              |            |              |vulnerable|                       |
+--------------+------------+--------------+----------+-----------------------+
|BIG-IQ Device |None        |4.4.0 - 4.5.0 |Not       |None                   |
|              |            |              |vulnerable|                       |
+--------------+------------+--------------+----------+-----------------------+
|BIG-IQ        |None        |4.4.0 - 4.5.0 |Not       |None                   |
|Security      |            |              |vulnerable|                       |
+--------------+------------+--------------+----------+-----------------------+
|BIG-IQ ADC    |None        |4.5.0         |Not       |None                   |
|              |            |              |vulnerable|                       |
+--------------+------------+--------------+----------+-----------------------+
|BIG-IQ        |            |5.0.0 - 5.2.0 |Not       |                       |
|Centralized   |None        |4.6.0         |vulnerable|None                   |
|Management    |            |              |          |                       |
+--------------+------------+--------------+----------+-----------------------+
|BIG-IQ Cloud  |            |              |Not       |                       |
|and           |None        |1.0.0         |vulnerable|None                   |
|Orchestration |            |              |          |                       |
+--------------+------------+--------------+----------+-----------------------+
|F5 iWorkflow  |None        |2.0.0 - 2.1.0 |Not       |None                   |
|              |            |              |vulnerable|                       |
+--------------+------------+--------------+----------+-----------------------+
|LineRate      |None        |2.5.0 - 2.6.2 |Not       |None                   |
|              |            |              |vulnerable|                       |
+--------------+------------+--------------+----------+-----------------------+
|Traffix SDC   |None        |5.0.0 - 5.1.0 |Not       |None                   |
|              |            |4.0.0 - 4.4.0 |vulnerable|                       |
+--------------+------------+--------------+----------+-----------------------+

Recommended Actions

If you are running a version listed in the Versions known to be vulnerable
column, you can eliminate this vulnerability by upgrading to a version listed
in the Versions known to be not vulnerable column. If the table lists only an
older version than what you are currently running, or does not list a
non-vulnerable version, then no upgrade candidate currently exists.
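The following script is an added example, not part of the F5 article or the AusCERT bulletin. It applies the rule above to a device inventory: the vulnerable ranges and the "14.0.0 and later" fixed release are transcribed from the table for a subset of products, the inventory and hostnames are constructed, and a build that falls outside every listed range is flagged for manual review rather than declared safe.

```python
# Added example; version ranges transcribed from the K77508618 table above.
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, ...]

# Vulnerable ranges (inclusive) per product, copied from the advisory table.
# Only a subset of the table's products is transcribed here; extend as needed.
VULNERABLE: Dict[str, List[Tuple[str, str]]] = {
    "BIG-IP LTM": [("13.0.0", "13.1.4"), ("12.0.0", "12.1.6"),
                   ("11.4.0", "11.6.5"), ("11.2.1", "11.2.1")],
    "BIG-IP AAM": [("13.0.0", "13.1.4"), ("12.0.0", "12.1.6"),
                   ("11.4.0", "11.6.5")],
    "BIG-IP DNS": [("13.0.0", "13.1.4"), ("12.0.0", "12.1.6")],
    "BIG-IP GTM": [("11.4.0", "11.6.5"), ("11.2.1", "11.2.1")],
    "BIG-IP PSM": [("11.4.0", "11.4.1")],
}
# First release known to be not vulnerable ("14.0.0 and later"); None where
# the table lists no non-vulnerable version, i.e. no upgrade candidate.
FIXED_FROM: Dict[str, Optional[str]] = {
    "BIG-IP LTM": "14.0.0", "BIG-IP AAM": "14.0.0", "BIG-IP DNS": "14.0.0",
    "BIG-IP GTM": None, "BIG-IP PSM": None,
}

def parse_version(text: str) -> Version:
    """'13.1.4' -> (13, 1, 4); tuples compare component-wise."""
    return tuple(int(part) for part in text.strip().split("."))

def assess(product: str, version: str) -> str:
    """Classify one device according to the advisory's recommended-actions rule."""
    if product not in VULNERABLE:
        return "unknown: product not in the advisory table"
    running = parse_version(version)
    fixed = FIXED_FROM[product]
    if fixed is not None and running >= parse_version(fixed):
        return "not vulnerable: at or above the fixed release"
    hit = any(parse_version(lo) <= running <= parse_version(hi)
              for lo, hi in VULNERABLE[product])
    if not hit:
        # Builds outside the listed ranges (e.g. hotfix point releases) are not
        # classified by the table; treat them as needing manual review.
        return "review: version not in a listed range"
    if fixed is None:
        return "vulnerable: no upgrade candidate listed"
    return f"vulnerable: upgrade to {fixed} or later"

def assess_inventory(devices: List[Tuple[str, str, str]]) -> Dict[str, str]:
    """devices: (hostname, product, version) -> {hostname: assessment}."""
    return {host: assess(product, version) for host, product, version in devices}

# Constructed sample inventory (hostnames are made up).
SAMPLE_INVENTORY = [
    ("ltm-edge-01", "BIG-IP LTM", "13.1.4"),
    ("ltm-core-02", "BIG-IP LTM", "14.1.0"),
    ("gtm-dc-01", "BIG-IP GTM", "11.6.5"),
    ("psm-lab-01", "BIG-IP PSM", "11.5.0"),
]

if __name__ == "__main__":
    for host, verdict in assess_inventory(SAMPLE_INVENTORY).items():
        print(f"{host:14} {verdict}")
```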

Mitigation

To partially mitigate this vulnerability, you can use an upstream device, such
as a firewall, to restrict access to the MySQL socket.

Impact of action: The impact of the suggested mitigation depends on the
specific environment. F5 recommends testing any such changes during a
maintenance window with consideration to the possible impact on your specific
environment.

Supplemental Information

  o K9970: Subscribing to email notifications regarding F5 products
  o K9957: Creating a custom RSS feed to view new and updated documents
  o K4602: Overview of the F5 security vulnerability response policy
  o K4918: Overview of the F5 critical issue hotfix policy

----------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================