|Description||Unspecified vulnerability in the MySQL Client component in Oracle MySQL 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.|
|Source||CVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)|
|NVD severity||medium (attack range: remote)|
|Debian Bugs||744910, 745330|
Vulnerable and fixed packages
The table below lists information on source packages.
The information above is based on the following data on fixed versions.
- mariadb-10.0 <not-affected> (Fixed before initial upload)
- mysql-5.1 <not-affected> (Only affects Mysql 5.5/5.6)
this is the same issue as CVE-2014-0001, see http://www.openwall.com/lists/oss-security/2014/09/11/23