This month's update for Database Security Knowledgebase is now available.
Knowledgebase version 5.01 includes new checks for MySQL, Oracle, and SAP (Sybase) ASE and updated checks for MySQL and SAP (Sybase) ASE.
MySQL
Critical Patch Update - April 2016
Check version to determine if the database contains vulnerabilities described by Critical Patch Update - April 2016.
Risk: High
Relevant CVEs: CVE-2015-3194, CVE-2016-0639, CVE-2016-0640, CVE-2016-0641, CVE-2016-0642, CVE-2016-0643, CVE-2016-0644, CVE-2016-0646, CVE-2016-0647, CVE-2016-0648, CVE-2016-0649, CVE-2016-0650, CVE-2016-0651, CVE-2016-0652, CVE-2016-0653, CVE-2016-0654, CVE-2016-0655, CVE-2016-0656, CVE-2016-0657, CVE-2016-0658, CVE-2016-0659, CVE-2016-0661, CVE-2016-0662, CVE-2016-0663, CVE-2016-0665, CVE-2016-0666, CVE-2016-0667, CVE-2016-0668, CVE-2016-0705, CVE-2016-2047, CVE-2016-3461
Oracle
Critical Patch Update/Patch Set Update - April 2016
Check version to determine if the database contains vulnerabilities described by Critical Patch Update/Patch Set Update - April 2016.
Risk: High
Relevant CVEs: CVE-2016-0677, CVE-2016-0681, CVE-2016-0690, CVE-2016-0691, CVE-2016-3454
SAP (Sybase) ASE
CREATE/ALTER DATABASE DSAM support SQL injection
Verify that the database is not vulnerable to the DSAM support SQL injection.
Risk: High
Relevant CVEs: CVE-2016-4013
MySQL
Latest release not installed
Updated to Support 5.5.49 and 5.6.30
Risk: High
Relevant CVEs: N/A
Release update not installed on time
Release update not installed on time
Updated to Support 5.5.49 and 5.6.30
Risk: High
Relevant CVEs: N/A
SAP (Sybase) ASE
Latest patch not applied
Updated to Support ASE 16.0 SP02 PL03
Risk: High
Relevant CVEs: N/A
Patch not applied on time
Updated to Support ASE 16.0 SP02 PL03
Risk: High
Relevant CVEs: N/A
Available to all AppDetectivePRO and DbProtect customers with maintenance (subscription or perpetual)in good standing at no additional cost
AppDetectivePRO customers can use the Updater within the product as well.