lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 22 Jul 2016 18:15:58 GMT
From: lem.nikolas@...il.com
To: bugtraq@...urityfocus.com
Subject: MySQL zero-day vulnerabilities (July 2016 CPU)

MySQL is the most popular and most widely used database in the world. MySQL customers include NASA, US Navy, Google, Facebook, Twitter just to cite a few..

 In partnership with Oracle Inc. we have worked delicately to enhance the security of the open-source product, and to identify and mitigate those vulnerabilities.

 Sincere thanks to Oracle Inc for the prompt response and adequate mitigation to the issues.

 You can get a copy of the report here:

 https://www.exploit-db.com/docs/40143.pdf 

 The report corresponds to Oracle's (July 2016 CPU), in which we have discovered over 14 zero-day vulnerabilities affecting MySQL. CVE's, versions affected and all relevant information are enlisted in the CPU.

 Here's a link to Oracle's Critical Patch Update / July 2016 .

 http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.h
 tml

 There are a number of issues affecting third-party technologies used by other popular products which would gather the interest of the community, but those will not be released as of yet, until the maintainers of those are informed...

Kind Regards,
Nicholas Lemonias, CEO

Advanced Information Security Corporation

Powered by blists - more mailing lists