Am 01.06.2015 um 10:48 schrieb Michael Meyer:
*** Reindl Harald wrote:Medium (CVSS: 4.0) NVT: MariaDB 'COM_CHANGE_USER' Command Insecure Salt Generation Security Bypass Vuln... (OID: 1.3.6.1.4.1.25623.1.0.804037) Solution Upgrade to MariaDB version 5.2.14, 5.3.12, 5.5.29 or later, For updates refer to https://mariadb.org uhm, there is running 10.0.19.......... ____________________________________ Medium (CVSS: 5.0) NVT: MariaDB Denial Of Service Vulnerability (Windows) (OID: 1.3.6.1.4.1.25623.1.0.804035) Solution Upgrade to MariaDB 5.1.68, 5.2.15, 5.3.13, 5.5.30 or later, For updates refer to https://mariadb.org uhm, there is running 10.0.19 on *Linux*Which version was detected by '1.3.6.1.4.1.25623.1.0.100152'?
Product detection result: cpe:/a:mariadb:mariadb:5.5.5- by MySQL/MariaDB Detection (OID: 1.3.6.1.4.1.25623.1.0.100152)
you just need to handle the version in the greeting correct, the 5.5- versioning is for clients with no idea about mariadb at all
[harry@rh:~]$ telnet localhost 3306 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. ] 5.5.5-10.0.19-MariaDB
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
