CVE-2015-5969

Publication date 8 April 2016

Last updated 25 August 2025

Ubuntu priority

Cvss 3 Severity Score

Description

The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
mariadb-10.0	15.10 wily	Not affected
	15.04 vivid	Not affected
	14.04 LTS trusty	Not in release
	12.04 LTS precise	Not in release
mariadb-5.5	15.10 wily	Not in release
	15.04 vivid	Not in release
	14.04 LTS trusty	Not in release
	12.04 LTS precise	Not in release
mysql-5.5	15.10 wily	Not in release
	15.04 vivid	Not in release
	14.04 LTS trusty	Not affected
	12.04 LTS precise	Not affected
mysql-5.6	15.10 wily	Not affected
	15.04 vivid	Not affected
	14.04 LTS trusty	Not in release
	12.04 LTS precise	Not in release
percona-server-5.6	15.10 wily	Not affected
	15.04 vivid	Not affected
	14.04 LTS trusty	Not in release
	12.04 LTS precise	Not in release
percona-xtradb-cluster-5.5	15.10 wily	Not in release
	15.04 vivid	Not in release
	14.04 LTS trusty	Not in release
	12.04 LTS precise	Not in release
percona-xtradb-cluster-5.6	15.10 wily	Not affected
	15.04 vivid	Not affected
	14.04 LTS trusty	Not in release
	12.04 LTS precise	Not in release

Notes

sbeattie

looks to be SUSE specific

Severity score breakdown

Parameter	Value
Base score	6.2 · Medium
Attack vector	Local
Attack complexity	Low
Privileges required	None
User interaction	None
Scope	Unchanged
Confidentiality	High
Integrity impact	None
Availability impact	None
Vector	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N