CVE-2017-3456
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2017-3456
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-3456.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2017-3456
- Downstream
- Related
- Published
- 2017-04-24T19:59:01Z
- Modified
- 2025-10-15T12:04:00.552951Z
- Severity
-
- 4.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
- References
-
- http://www.debian.org/security/2017/dsa-3834
- http://www.debian.org/security/2017/dsa-3944
- http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
- http://www.securityfocus.com/bid/97831
- http://www.securitytracker.com/id/1038287
- https://access.redhat.com/errata/RHSA-2017:2192
- https://access.redhat.com/errata/RHSA-2017:2787
- https://access.redhat.com/errata/RHSA-2017:2886
- https://access.redhat.com/errata/RHSA-2018:0279
- https://access.redhat.com/errata/RHSA-2018:0574
Affected packages
Git / github.com/mariadb/server
Affected ranges
- Type
- GIT
- Repo
- https://github.com/mariadb/server
- Events
- Type
- GIT
- Repo
- https://github.com/mysql/mysql-server
- Events
Affected versions
mysql-5.*
mysql-5.0.87sp1
mysql-5.0.90
mysql-5.0.91
mysql-5.0.92
mysql-5.0.93
mysql-5.0.94
mysql-5.0.95
mysql-5.0.96
mysql-5.1.40sp1
mysql-5.1.41
mysql-5.1.42
mysql-5.1.43
mysql-5.1.43sp1
mysql-5.1.44
mysql-5.1.45
mysql-5.1.46
mysql-5.1.46sp1
mysql-5.1.47
mysql-5.1.48
mysql-5.1.49
mysql-5.1.49sp1
mysql-5.1.50
mysql-5.1.51
mysql-5.1.52
mysql-5.1.52sp1
mysql-5.1.53
mysql-5.1.54
mysql-5.1.55
mysql-5.1.56
mysql-5.1.57
mysql-5.1.58
mysql-5.1.59
mysql-5.1.60
mysql-5.1.61
mysql-5.1.62
mysql-5.1.63
mysql-5.1.65
mysql-5.1.66
mysql-5.1.67
mysql-5.1.68
mysql-5.1.69
mysql-5.1.69-retag
mysql-5.1.70
mysql-5.1.71
mysql-5.1.72
mysql-5.1.73
mysql-5.1.74
mysql-5.1.75
mysql-5.1.76
mysql-5.1.77
mysql-5.5.0
mysql-5.5.1-m2
mysql-5.5.10
mysql-5.5.11
mysql-5.5.12
mysql-5.5.13
mysql-5.5.14
mysql-5.5.15
mysql-5.5.16
mysql-5.5.17
mysql-5.5.18
mysql-5.5.19
mysql-5.5.2-m2
mysql-5.5.20
mysql-5.5.21
mysql-5.5.22
mysql-5.5.23
mysql-5.5.24
mysql-5.5.25
mysql-5.5.25a
mysql-5.5.27
mysql-5.5.28
mysql-5.5.29
mysql-5.5.3-m3
mysql-5.5.30
mysql-5.5.31
mysql-5.5.32
mysql-5.5.33
mysql-5.5.34
mysql-5.5.35
mysql-5.5.36
mysql-5.5.37
mysql-5.5.38
mysql-5.5.39
mysql-5.5.40
mysql-5.5.41
mysql-5.5.42
mysql-5.5.43
mysql-5.5.44
mysql-5.5.45
mysql-5.5.46
mysql-5.5.47
mysql-5.5.48
mysql-5.5.49
mysql-5.5.5-m3
mysql-5.5.50
mysql-5.5.51
mysql-5.5.52
mysql-5.5.53
mysql-5.5.54
mysql-5.5.6-rc
mysql-5.5.7
mysql-5.5.8
mysql-5.5.9
Database specific
vanir_signatures
[
{
"signature_type": "Function",
"id": "CVE-2017-3456-017750b4",
"source": "https://github.com/mariadb/server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9",
"signature_version": "v1",
"target": {
"function": "init_dumping",
"file": "client/mysqldump.c"
},
"digest": {
"function_hash": "42526495682318897469202677931179336455",
"length": 595.0
},
"deprecated": false
},
{
"signature_type": "Function",
"id": "CVE-2017-3456-0778ee24",
"source": "https://github.com/mariadb/server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9",
"signature_version": "v1",
"target": {
"function": "get_table_structure",
"file": "client/mysqldump.c"
},
"digest": {
"function_hash": "227475061533329738085031105100031106996",
"length": 10937.0
},
"deprecated": false
},
{
"signature_type": "Function",
"id": "CVE-2017-3456-0b2a382b",
"source": "https://github.com/mysql/mysql-server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9",
"signature_version": "v1",
"target": {
"function": "dump_events_for_db",
"file": "client/mysqldump.c"
},
"digest": {
"function_hash": "283872701544742768257779130745336628180",
"length": 3056.0
},
"deprecated": false
},
{
"signature_type": "Function",
"id": "CVE-2017-3456-0deb9fd5",
"source": "https://github.com/mysql/mysql-server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9",
"signature_version": "v1",
"target": {
"function": "write_header",
"file": "client/mysqldump.c"
},
"digest": {
"function_hash": "61031449315181416583737506107960987338",
"length": 1749.0
},
"deprecated": false
},
{
"signature_type": "Line",
"id": "CVE-2017-3456-230fc291",
"source": "https://github.com/mariadb/server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9",
"signature_version": "v1",
"target": {
"file": "client/mysqldump.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"287840253208859831013181147116206525376",
"324136547317919813359352064277236333715",
"282430677639818099929617913825166653421",
"147139391803266763314761740611417390198",
"258802801894329452504020721432820698677",
"91138205289354102969073748767653790743",
"233493404795263154842363746119238816673",
"309355098527796234463986548578076187884",
"246521560388497353004885266086561128681",
"65595240965851819816944346960684994155",
"321094355807444156552637940556050534243",
"173566830439109051968149803806679781001",
"199290765851492278749490509745647329182",
"45989153402127012733139951888311868178",
"114416289830545276075284455762878229460",
"277119867620039162696505662519865168492",
"1406835726190704947481628521158899781",
"174614877685627249914600596442902313165",
"99127866680226208064705749248054614695",
"39471861491129910410498619482011041391",
"281380462612982588805056671783939902254",
"276555443743869160836284840037473276887",
"63704244798856370080746536556622922021",
"196970177491568200692872190131374048986",
"211909851172610884740259624997676708138",
"24854640261605884487014526616906487662",
"206025079568806760122742316187267806127",
"311871759366108697833006663439889249742",
"221096165144546299147742464005478717924",
"105220650397672059064628403102505049061",
"18628631760629166584977079678764798872",
"119656696777604396040253590625706193749",
"221096165144546299147742464005478717924",
"168602443676074510547085005830811337443",
"114424463055898619066660915433101962969",
"153916697495976485808117997579764618991",
"180695665933106799821938816193290640991",
"317750465811503273914953924986043255767",
"299148576020784136739117619416196108572",
"118157318188170081201040706357790495674",
"41102378010887911272271175550789649896",
"149518576500014602976768066358926314484",
"54189500566898801091712575313356035066",
"44002167410011708810019578410179393524",
"203679880670483351499138583783885028443",
"270476162896496040883649640857060526904",
"204451005490097465986732821480961200936",
"223608088947237646770529443703107663724",
"250724728853505500189006708705469851241",
"97779087057840683929947270035268598704",
"332940999390577626529849682776968183891",
"171433106859136870351199048718637400189",
"260127954252147593913051498861828999833",
"292556811704801901721130727931310806132",
"315481399744044133717527275946904624115",
"144450971157728465792195077319518344721",
"138134974382930509413378452785541640177",
"93139083326288700668774484888006665665"
]
},
"deprecated": false
},
{
"signature_type": "Function",
"id": "CVE-2017-3456-3566e59d",
"source": "https://github.com/mysql/mysql-server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9",
"signature_version": "v1",
"target": {
"function": "dump_table",
"file": "client/mysqldump.c"
},
"digest": {
"function_hash": "273064814930547228481748278923107127025",
"length": 9653.0
},
"deprecated": false
},
{
"signature_type": "Function",
"id": "CVE-2017-3456-3d5cc0a7",
"source": "https://github.com/mariadb/server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9",
"signature_version": "v1",
"target": {
"function": "write_header",
"file": "client/mysqldump.c"
},
"digest": {
"function_hash": "61031449315181416583737506107960987338",
"length": 1749.0
},
"deprecated": false
},
{
"signature_type": "Function",
"id": "CVE-2017-3456-3dd1fd8a",
"source": "https://github.com/mysql/mysql-server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9",
"signature_version": "v1",
"target": {
"function": "init_dumping",
"file": "client/mysqldump.c"
},
"digest": {
"function_hash": "42526495682318897469202677931179336455",
"length": 595.0
},
"deprecated": false
},
{
"signature_type": "Function",
"id": "CVE-2017-3456-573a3d7b",
"source": "https://github.com/mysql/mysql-server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9",
"signature_version": "v1",
"target": {
"function": "dump_routines_for_db",
"file": "client/mysqldump.c"
},
"digest": {
"function_hash": "229205966501763571287196631931031338507",
"length": 3068.0
},
"deprecated": false
},
{
"signature_type": "Function",
"id": "CVE-2017-3456-77a2b85b",
"source": "https://github.com/mariadb/server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9",
"signature_version": "v1",
"target": {
"function": "dump_routines_for_db",
"file": "client/mysqldump.c"
},
"digest": {
"function_hash": "229205966501763571287196631931031338507",
"length": 3068.0
},
"deprecated": false
},
{
"signature_type": "Function",
"id": "CVE-2017-3456-7c5b056e",
"source": "https://github.com/mariadb/server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9",
"signature_version": "v1",
"target": {
"function": "dump_events_for_db",
"file": "client/mysqldump.c"
},
"digest": {
"function_hash": "283872701544742768257779130745336628180",
"length": 3056.0
},
"deprecated": false
},
{
"signature_type": "Function",
"id": "CVE-2017-3456-89d625e9",
"source": "https://github.com/mysql/mysql-server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9",
"signature_version": "v1",
"target": {
"function": "get_view_structure",
"file": "client/mysqldump.c"
},
"digest": {
"function_hash": "52340132320564584267245206336274565455",
"length": 4417.0
},
"deprecated": false
},
{
"signature_type": "Function",
"id": "CVE-2017-3456-923416e2",
"source": "https://github.com/mariadb/server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9",
"signature_version": "v1",
"target": {
"function": "dump_table",
"file": "client/mysqldump.c"
},
"digest": {
"function_hash": "273064814930547228481748278923107127025",
"length": 9653.0
},
"deprecated": false
},
{
"signature_type": "Line",
"id": "CVE-2017-3456-ba0ccb33",
"source": "https://github.com/mysql/mysql-server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9",
"signature_version": "v1",
"target": {
"file": "client/mysqldump.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"287840253208859831013181147116206525376",
"324136547317919813359352064277236333715",
"282430677639818099929617913825166653421",
"147139391803266763314761740611417390198",
"258802801894329452504020721432820698677",
"91138205289354102969073748767653790743",
"233493404795263154842363746119238816673",
"309355098527796234463986548578076187884",
"246521560388497353004885266086561128681",
"65595240965851819816944346960684994155",
"321094355807444156552637940556050534243",
"173566830439109051968149803806679781001",
"199290765851492278749490509745647329182",
"45989153402127012733139951888311868178",
"114416289830545276075284455762878229460",
"277119867620039162696505662519865168492",
"1406835726190704947481628521158899781",
"174614877685627249914600596442902313165",
"99127866680226208064705749248054614695",
"39471861491129910410498619482011041391",
"281380462612982588805056671783939902254",
"276555443743869160836284840037473276887",
"63704244798856370080746536556622922021",
"196970177491568200692872190131374048986",
"211909851172610884740259624997676708138",
"24854640261605884487014526616906487662",
"206025079568806760122742316187267806127",
"311871759366108697833006663439889249742",
"221096165144546299147742464005478717924",
"105220650397672059064628403102505049061",
"18628631760629166584977079678764798872",
"119656696777604396040253590625706193749",
"221096165144546299147742464005478717924",
"168602443676074510547085005830811337443",
"114424463055898619066660915433101962969",
"153916697495976485808117997579764618991",
"180695665933106799821938816193290640991",
"317750465811503273914953924986043255767",
"299148576020784136739117619416196108572",
"118157318188170081201040706357790495674",
"41102378010887911272271175550789649896",
"149518576500014602976768066358926314484",
"54189500566898801091712575313356035066",
"44002167410011708810019578410179393524",
"203679880670483351499138583783885028443",
"270476162896496040883649640857060526904",
"204451005490097465986732821480961200936",
"223608088947237646770529443703107663724",
"250724728853505500189006708705469851241",
"97779087057840683929947270035268598704",
"332940999390577626529849682776968183891",
"171433106859136870351199048718637400189",
"260127954252147593913051498861828999833",
"292556811704801901721130727931310806132",
"315481399744044133717527275946904624115",
"144450971157728465792195077319518344721",
"138134974382930509413378452785541640177",
"93139083326288700668774484888006665665"
]
},
"deprecated": false
},
{
"signature_type": "Function",
"id": "CVE-2017-3456-be381038",
"source": "https://github.com/mariadb/server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9",
"signature_version": "v1",
"target": {
"function": "get_view_structure",
"file": "client/mysqldump.c"
},
"digest": {
"function_hash": "52340132320564584267245206336274565455",
"length": 4417.0
},
"deprecated": false
},
{
"signature_type": "Function",
"id": "CVE-2017-3456-d56a3b4a",
"source": "https://github.com/mysql/mysql-server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9",
"signature_version": "v1",
"target": {
"function": "get_table_structure",
"file": "client/mysqldump.c"
},
"digest": {
"function_hash": "227475061533329738085031105100031106996",
"length": 10937.0
},
"deprecated": false
}
]