Описание
The automatic version check functionality in the tools in Percona Toolkit 2.1 allows man-in-the-middle attackers to obtain sensitive information or execute arbitrary code by leveraging use of HTTP to download configuration information from v.percona.com.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.2.7-1~dfsg1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [2.2.7-1~dfsg1]] |
| lucid | DNE | |
| precise | not-affected | 1.0.1-3 |
| quantal | ignored | end of life |
| saucy | ignored | end of life |
| trusty | not-affected | 2.2.7-1~dfsg1 |
| trusty/esm | DNE | trusty was not-affected [2.2.7-1~dfsg1] |
| upstream | released | 2.2.7 |
Показывать по
6.8 Medium
CVSS2
8.1 High
CVSS3
Связанные уязвимости
The automatic version check functionality in the tools in Percona Toolkit 2.1 allows man-in-the-middle attackers to obtain sensitive information or execute arbitrary code by leveraging use of HTTP to download configuration information from v.percona.com.
The automatic version check functionality in the tools in Percona Tool ...
The automatic version check functionality in the tools in Percona Toolkit 2.1 allows man-in-the-middle attackers to obtain sensitive information or execute arbitrary code by leveraging use of HTTP to download configuration information from v.percona.com.
6.8 Medium
CVSS2
8.1 High
CVSS3