vulnerability

Huawei EulerOS: CVE-2017-3600: mariadb security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:N/AC:M/Au:S/C:P/I:P/A:P)	Apr 24, 2017	Jan 18, 2018	Apr 25, 2025

Severity

CVSS

(AV:N/AC:M/Au:S/C:P/I:P/A:P)

Published

Apr 24, 2017

Added

Jan 18, 2018

Modified

Apr 25, 2025

Description

It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool.

Solutions

huawei-euleros-2_0_sp2-upgrade-mariadbhuawei-euleros-2_0_sp2-upgrade-mariadb-benchhuawei-euleros-2_0_sp2-upgrade-mariadb-develhuawei-euleros-2_0_sp2-upgrade-mariadb-libshuawei-euleros-2_0_sp2-upgrade-mariadb-serverhuawei-euleros-2_0_sp2-upgrade-mariadb-test

References

CVE-2017-3600
https://attackerkb.com/topics/CVE-2017-3600
EULEROS-EulerOS-SA-2017-1170

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today