Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title mysql security update
Informations
Name RHSA-2010:0110 First vendor Publication 2010-02-16
Vendor RedHat Last vendor Modification 2010-02-16
Severity (Vendor) Moderate Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:S/C:C/I:C/A:C)
Cvss Base Score 8.5 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 6.8 Authentication Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 4.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.

Multiple flaws were discovered in the way MySQL handled symbolic links to tables created using the DATA DIRECTORY and INDEX DIRECTORY directives in CREATE TABLE statements. An attacker with CREATE and DROP table privileges and shell access to the database server could use these flaws to escalate their database privileges, or gain access to tables created by other database users. (CVE-2008-4098, CVE-2009-4030)

Note: Due to the security risks and previous security issues related to the use of the DATA DIRECTORY and INDEX DIRECTORY directives, users not depending on this feature should consider disabling it by adding "symbolic-links=0" to the "[mysqld]" section of the "my.cnf" configuration file. In this update, an example of such a configuration was added to the default "my.cnf" file.

An insufficient HTML entities quoting flaw was found in the mysql command line client's HTML output mode. If an attacker was able to inject arbitrary HTML tags into data stored in a MySQL database, which was later retrieved using the mysql command line client and its HTML output mode, they could perform a cross-site scripting (XSS) attack against victims viewing the HTML output in a web browser. (CVE-2008-4456)

Multiple format string flaws were found in the way the MySQL server logged user commands when creating and deleting databases. A remote, authenticated attacker with permissions to CREATE and DROP databases could use these flaws to formulate a specially-crafted SQL command that would cause a temporary denial of service (open connections to mysqld are terminated). (CVE-2009-2446)

Note: To exploit the CVE-2009-2446 flaws, the general query log (the mysqld "--log" command line option or the "log" option in "my.cnf") must be enabled. This logging is not enabled by default.

All MySQL users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

454077 - CVE-2008-4098 mysql: incomplete upstream fix for CVE-2008-2079 466518 - CVE-2008-4456 mysql: mysql command line client XSS flaw 511020 - CVE-2009-2446 MySQL: Format string vulnerability by manipulation with database instances (crash) 543653 - CVE-2009-4030 mysql: Incomplete fix for CVE-2008-2079 / CVE-2008-4098

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2010-0110.html

CWE : Common Weakness Enumeration

% Id Name
40 % CWE-59 Improper Link Resolution Before File Access ('Link Following')
20 % CWE-264 Permissions, Privileges, and Access Controls
20 % CWE-134 Uncontrolled Format String (CWE/SANS Top 25)
20 % CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10133
 
Oval ID: oval:org.mitre.oval:def:10133
Title: MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
Description: MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
Family: unix Class: vulnerability
Reference(s): CVE-2008-2079
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10591
 
Oval ID: oval:org.mitre.oval:def:10591
Title: MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097.
Description: MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097.
Family: unix Class: vulnerability
Reference(s): CVE-2008-4098
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11116
 
Oval ID: oval:org.mitre.oval:def:11116
Title: MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.
Description: MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.
Family: unix Class: vulnerability
Reference(s): CVE-2009-4030
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11456
 
Oval ID: oval:org.mitre.oval:def:11456
Title: Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document. NOTE: as of 20081031, the issue has not been fixed in MySQL 5.0.67.
Description: Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document. NOTE: as of 20081031, the issue has not been fixed in MySQL 5.0.67.
Family: unix Class: vulnerability
Reference(s): CVE-2008-4456
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11857
 
Oval ID: oval:org.mitre.oval:def:11857
Title: Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information.
Description: Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information.
Family: unix Class: vulnerability
Reference(s): CVE-2009-2446
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12751
 
Oval ID: oval:org.mitre.oval:def:12751
Title: DSA-1877-1 mysql-dfsg-5.0 -- denial of service/execution of arbitrary code
Description: In MySQL 4.0.0 through 5.0.83, multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld allow remote authenticated users to cause a denial of service and potentially the execution of arbitrary code via format string specifiers in a database name in a COM_CREATE_DB or COM_DROP_DB request. For the stable distribution, this problem has been fixed in version 5.0.51a-24+lenny2. For the old stable distribution, this problem has been fixed in version 5.0.32-7etch11. We recommend that you upgrade your mysql packages.
Family: unix Class: patch
Reference(s): DSA-1877-1
CVE-2009-2446
Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 4.0
Product(s): mysql-dfsg-5.0
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18619
 
Oval ID: oval:org.mitre.oval:def:18619
Title: DSA-1608-1 mysql-dfsg-5.0 - authorisation bypass
Description: Sergei Golubchik discovered that MySQL, a widely-deployed database server, did not properly validate optional data or index directory paths given in a CREATE TABLE statement, nor would it (under proper conditions) prevent two databases from using the same paths for data or index files. This permits an authenticated user with authorisation to create tables in one database to read, write or delete data from tables subsequently created in other databases, regardless of other GRANT authorisations.
Family: unix Class: patch
Reference(s): DSA-1608-1
CVE-2008-2079
Version: 7
Platform(s): Debian GNU/Linux 4.0
Product(s): mysql-dfsg-5.0
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20178
 
Oval ID: oval:org.mitre.oval:def:20178
Title: DSA-1783-1 mysql-dfsg-5.0 - several vulnerabilities
Description: Multiple vulnerabilities have been identified affecting MySQL, a relational database server, and its associated interactive client application.
Family: unix Class: patch
Reference(s): DSA-1783-1
CVE-2008-3963
CVE-2008-4456
Version: 5
Platform(s): Debian GNU/Linux 4.0
Debian GNU/Linux 5.0
Product(s): mysql-dfsg-5.0
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21419
 
Oval ID: oval:org.mitre.oval:def:21419
Title: RHSA-2010:0109: mysql security update (Moderate)
Description: MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.
Family: unix Class: patch
Reference(s): RHSA-2010:0109-01
CESA-2010:0109
CVE-2009-4019
CVE-2009-4028
CVE-2009-4030
Version: 42
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): mysql
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22758
 
Oval ID: oval:org.mitre.oval:def:22758
Title: ELSA-2010:0109: mysql security update (Moderate)
Description: MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.
Family: unix Class: patch
Reference(s): ELSA-2010:0109-01
CVE-2009-4019
CVE-2009-4028
CVE-2009-4030
Version: 17
Platform(s): Oracle Linux 5
Product(s): mysql
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22888
 
Oval ID: oval:org.mitre.oval:def:22888
Title: ELSA-2009:1289: mysql security and bug fix update (Moderate)
Description: Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information.
Family: unix Class: patch
Reference(s): ELSA-2009:1289-02
CVE-2008-2079
CVE-2008-3963
CVE-2008-4456
CVE-2009-2446
Version: 21
Platform(s): Oracle Linux 5
Product(s): mysql
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28260
 
Oval ID: oval:org.mitre.oval:def:28260
Title: DEPRECATED: ELSA-2010-0109 -- mysql security update (moderate)
Description: [5.0.77-4.2] - Add fixes for CVE-2009-4019, CVE-2009-4028, CVE-2009-4030 Resolves: #556505 - Use non-expired certificates for SSL testing (upstream bug 50702) - Emit explicit error message if user tries to build RPM as root - Add comment suggesting disabling symbolic links in /etc/my.cnf
Family: unix Class: patch
Reference(s): ELSA-2010-0109
CVE-2009-4019
CVE-2009-4028
CVE-2009-4030
Version: 4
Platform(s): Oracle Linux 5
Product(s): mysql
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28888
 
Oval ID: oval:org.mitre.oval:def:28888
Title: RHSA-2009:1289 -- mysql security and bug fix update (Moderate)
Description: Updated mysql packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team.
Family: unix Class: patch
Reference(s): RHSA-2009:1289
CESA-2009:1289-CentOS 5
CVE-2008-2079
CVE-2008-3963
CVE-2008-4456
CVE-2009-2446
Version: 3
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): mysql
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7877
 
Oval ID: oval:org.mitre.oval:def:7877
Title: DSA-1783 mysql-dfsg-5.0 -- multiple vulnerabilities
Description: Multiple vulnerabilities have been identified affecting MySQL, a relational database server, and its associated interactive client application. The Common Vulnerabilities and Exposures project identifies the following two problems: Kay Roepke reported that the MySQL server would not properly handle an empty bit-string literal in an SQL statement, allowing an authenticated remote attacker to cause a denial of service (a crash) in mysqld. This issue affects the oldstable distribution (etch), but not the stable distribution (lenny). Thomas Henlich reported that the MySQL commandline client application did not encode HTML special characters when run in HTML output mode (that is, "mysql --html ..."). This could potentially lead to cross-site scripting or unintended script privilege escalation if the resulting output is viewed in a browser or incorporated into a web site.
Family: unix Class: patch
Reference(s): DSA-1783
CVE-2008-3963
CVE-2008-4456
Version: 3
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 4.0
Product(s): mysql-dfsg-5.0
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7905
 
Oval ID: oval:org.mitre.oval:def:7905
Title: DSA-1877 mysql-dfsg-5.0 -- denial of service/execution of arbitrary code
Description: In MySQL 4.0.0 through 5.0.83, multiple format string vulnerabilities in the dispatch_command() function in libmysqld/sql_parse.cc in mysqld allow remote authenticated users to cause a denial of service (daemon crash) and potentially the execution of arbitrary code via format string specifiers in a database name in a COM_CREATE_DB or COM_DROP_DB request.
Family: unix Class: patch
Reference(s): DSA-1877
CVE-2009-2446
Version: 3
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 4.0
Product(s): mysql-dfsg-5.0
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7917
 
Oval ID: oval:org.mitre.oval:def:7917
Title: DSA-1608 mysql-dfsg-5.0 -- authorisation bypass
Description: Sergei Golubchik discovered that MySQL, a widely-deployed database server, did not properly validate optional data or index directory paths given in a CREATE TABLE statement, nor would it (under proper conditions) prevent two databases from using the same paths for data or index files. This permits an authenticated user with authorisation to create tables in one database to read, write or delete data from tables subsequently created in other databases, regardless of other GRANT authorisations. The Common Vulnerabilities and Exposures project identifies this weakness as CVE-2008-2079.
Family: unix Class: patch
Reference(s): DSA-1608
CVE-2008-2079
Version: 3
Platform(s): Debian GNU/Linux 4.0
Product(s): mysql-dfsg-5.0
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8156
 
Oval ID: oval:org.mitre.oval:def:8156
Title: MySQL 5.1 Privilege Bypass with DATA/INDEX DIRECTORY
Description: MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.
Family: windows Class: vulnerability
Reference(s): CVE-2009-4030
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Product(s): MySQL Server 5.1
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 9
Application 471
Os 6
Os 2

OpenVAS Exploits

Date Description
2012-03-16 Name : Ubuntu Update for mysql-5.1 USN-1397-1
File : nvt/gb_ubuntu_USN_1397_1.nasl
2012-02-12 Name : Gentoo Security Advisory GLSA 201201-02 (MySQL)
File : nvt/glsa_201201_02.nasl
2011-08-09 Name : CentOS Update for mysql CESA-2010:0109 centos5 i386
File : nvt/gb_CESA-2010_0109_mysql_centos5_i386.nasl
2011-08-09 Name : CentOS Update for mysql CESA-2009:1289 centos5 i386
File : nvt/gb_CESA-2009_1289_mysql_centos5_i386.nasl
2010-05-12 Name : Mac OS X Security Update 2008-007
File : nvt/macosx_secupd_2008-007.nasl
2010-05-12 Name : Mac OS X Security Update 2009-005
File : nvt/macosx_secupd_2009-005.nasl
2010-05-12 Name : Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002
File : nvt/macosx_upd_10_6_3_secupd_2010-002.nasl
2010-02-19 Name : RedHat Update for mysql RHSA-2010:0109-01
File : nvt/gb_RHSA-2010_0109-01_mysql.nasl
2010-02-19 Name : RedHat Update for mysql RHSA-2010:0110-01
File : nvt/gb_RHSA-2010_0110-01_mysql.nasl
2010-02-19 Name : CentOS Update for mysql CESA-2010:0110 centos4 i386
File : nvt/gb_CESA-2010_0110_mysql_centos4_i386.nasl
2010-02-15 Name : Ubuntu Update for MySQL vulnerabilities USN-897-1
File : nvt/gb_ubuntu_USN_897_1.nasl
2010-01-19 Name : Mandriva Update for mysql MDVSA-2010:012 (mysql)
File : nvt/gb_mandriva_MDVSA_2010_012.nasl
2010-01-19 Name : Mandriva Update for mysql MDVSA-2010:011 (mysql)
File : nvt/gb_mandriva_MDVSA_2010_011.nasl
2009-12-14 Name : Fedora Core 10 FEDORA-2009-12180 (mysql)
File : nvt/fcore_2009_12180.nasl
2009-12-10 Name : Mandriva Security Advisory MDVSA-2009:326 (mysql)
File : nvt/mdksa_2009_326.nasl
2009-12-04 Name : MySQL Authenticated Access Restrictions Bypass Vulnerability
File : nvt/gb_mysql_auth_bypass_vuln.nasl
2009-11-20 Name : MySQL multiple Vulnerabilities
File : nvt/mysql_multiple_vuln.nasl
2009-10-13 Name : SLES10: Security update for MySQL
File : nvt/sles10_mysql1.nasl
2009-10-13 Name : SLES10: Security update for MySQL
File : nvt/sles10_mysql.nasl
2009-10-13 Name : SLES10: Security update for MySQL
File : nvt/sles10_mysql0.nasl
2009-10-11 Name : SLES11: Security update for MySQL
File : nvt/sles11_libmysqlclient1.nasl
2009-10-10 Name : SLES9: Security update for MySQL
File : nvt/sles9p5032620.nasl
2009-10-10 Name : SLES9: Security update for MySQL
File : nvt/sles9p5040120.nasl
2009-10-10 Name : SLES9: Security update for MySQL
File : nvt/sles9p5056120.nasl
2009-09-28 Name : RedHat Security Advisory RHSA-2009:1461
File : nvt/RHSA_2009_1461.nasl
2009-09-21 Name : CentOS Security Advisory CESA-2009:1289 (mysql)
File : nvt/ovcesa2009_1289.nasl
2009-09-09 Name : RedHat Security Advisory RHSA-2009:1289
File : nvt/RHSA_2009_1289.nasl
2009-09-09 Name : SuSE Security Summary SUSE-SR:2009:014
File : nvt/suse_sr_2009_014.nasl
2009-09-09 Name : Debian Security Advisory DSA 1877-1 (mysql-dfsg-5.0)
File : nvt/deb_1877_1.nasl
2009-08-17 Name : Mandrake Security Advisory MDVSA-2009:179 (mysql)
File : nvt/mdksa_2009_179.nasl
2009-07-29 Name : Mandrake Security Advisory MDVSA-2009:159 (mysql)
File : nvt/mdksa_2009_159.nasl
2009-07-17 Name : MySQL 'sql_parse.cc' Multiple Format String Vulnerabilities
File : nvt/gb_mysql_mult_format_string_vuln.nasl
2009-06-05 Name : Ubuntu USN-763-1 (xine-lib)
File : nvt/ubuntu_763_1.nasl
2009-06-05 Name : RedHat Security Advisory RHSA-2009:1067
File : nvt/RHSA_2009_1067.nasl
2009-04-28 Name : Mandrake Security Advisory MDVSA-2009:094 (mysql)
File : nvt/mdksa_2009_094.nasl
2009-04-23 Name : MySQL MyISAM Table Privileges Secuity Bypass Vulnerability
File : nvt/mysql_29106.nasl
2009-04-09 Name : Mandriva Update for mysql MDVSA-2008:150 (mysql)
File : nvt/gb_mandriva_MDVSA_2008_150.nasl
2009-04-09 Name : Mandriva Update for mysql MDVSA-2008:149 (mysql)
File : nvt/gb_mandriva_MDVSA_2008_149.nasl
2009-03-23 Name : Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-671-1
File : nvt/gb_ubuntu_USN_671_1.nasl
2009-03-06 Name : RedHat Update for mysql RHSA-2008:0768-01
File : nvt/gb_RHSA-2008_0768-01_mysql.nasl
2009-01-23 Name : SuSE Update for openwsman SUSE-SA:2008:041
File : nvt/gb_suse_2008_041.nasl
2009-01-20 Name : SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 11.1)
File : nvt/suse_sr_2009_001.nasl
2009-01-20 Name : SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 11.0)
File : nvt/suse_sr_2009_001a.nasl
2009-01-20 Name : SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 10.3)
File : nvt/suse_sr_2009_001b.nasl
2009-01-02 Name : FreeBSD Ports: mysql-server
File : nvt/freebsd_mysql-server15.nasl
2008-11-19 Name : Debian Security Advisory DSA 1662-1 (mysql-dfsg-5.0)
File : nvt/deb_1662_1.nasl
2008-10-03 Name : FreeBSD Ports: mysql-client
File : nvt/freebsd_mysql-client0.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200809-04 (mysql)
File : nvt/glsa_200809_04.nasl
2008-09-17 Name : FreeBSD Ports: mysql-server
File : nvt/freebsd_mysql-server14.nasl
2008-07-15 Name : Debian Security Advisory DSA 1608-1 (mysql-dfsg-5.0)
File : nvt/deb_1608_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
60665 MySQL CREATE TABLE MyISAM Table mysql_unpacked_real_data_home Local Restricti...

55734 MySQL sql_parse.cc dispatch_command() Function Format String DoS

48710 MySQL Command Line Client HTML Output XSS

44937 MySQL MyISAM Table CREATE TABLE Privilege Check Bypass

Snort® IPS/IDS

Date Description
2014-01-10 mysql_log COM_DROP_DB format string vulnerability exploit attempt
RuleID : 16708 - Revision : 8 - Type : SERVER-MYSQL
2014-01-10 mysql_log COM_CREATE_DB format string vulnerability exploit attempt
RuleID : 16707 - Revision : 8 - Type : SERVER-MYSQL

Nessus® Vulnerability Scanner

Date Description
2015-01-19 Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_mysql_20130924.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0121.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0110.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0109.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1289.nasl - Type : ACT_GATHER_INFO
2013-01-17 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-0121.nasl - Type : ACT_GATHER_INFO
2013-01-17 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130108_mysql_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-01-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0121.nasl - Type : ACT_GATHER_INFO
2012-11-15 Name : The remote database server is affected by a local user to bypass privilege ce...
File : mysql_5_0_95_create_table_bypass.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20080724_mysql_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090902_mysql_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100216_mysql_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100216_mysql_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-03-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1397-1.nasl - Type : ACT_GATHER_INFO
2012-01-16 Name : The remote database server allows a local user to circumvent privileges.
File : mysql_6_0_14_priv_bypass.nasl - Type : ACT_GATHER_INFO
2012-01-16 Name : A remote database client have a cross-site scripting vulnerability.
File : mysql_6_0_14_XSS.nasl - Type : ACT_GATHER_INFO
2012-01-16 Name : The remote database server is prone to a denial of service attack.
File : mysql_5_0_38.nasl - Type : ACT_GATHER_INFO
2012-01-06 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201201-02.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_libmysqlclient-devel-100429.nasl - Type : ACT_GATHER_INFO
2010-11-09 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12661.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_mysql-6899.nasl - Type : ACT_GATHER_INFO
2010-07-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-012.nasl - Type : ACT_GATHER_INFO
2010-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_libmysqlclient-devel-100401.nasl - Type : ACT_GATHER_INFO
2010-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_libmysqlclient-devel-100504.nasl - Type : ACT_GATHER_INFO
2010-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_libmysqlclient-devel-100401.nasl - Type : ACT_GATHER_INFO
2010-05-04 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_libmysqlclient-devel-091216.nasl - Type : ACT_GATHER_INFO
2010-05-04 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_libmysqlclient-devel-091216.nasl - Type : ACT_GATHER_INFO
2010-05-04 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_libmysqlclient-devel-091215.nasl - Type : ACT_GATHER_INFO
2010-03-29 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_10_6_3.nasl - Type : ACT_GATHER_INFO
2010-03-19 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_mysql-6897.nasl - Type : ACT_GATHER_INFO
2010-03-02 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0109.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1997.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1877.nasl - Type : ACT_GATHER_INFO
2010-02-18 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0110.nasl - Type : ACT_GATHER_INFO
2010-02-17 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0109.nasl - Type : ACT_GATHER_INFO
2010-02-17 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0110.nasl - Type : ACT_GATHER_INFO
2010-02-11 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-897-1.nasl - Type : ACT_GATHER_INFO
2010-01-18 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-011.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1289.nasl - Type : ACT_GATHER_INFO
2009-12-08 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-326.nasl - Type : ACT_GATHER_INFO
2009-11-25 Name : The remote database server is affected by multiple vulnerabilities.
File : mysql_5_1_41.nasl - Type : ACT_GATHER_INFO
2009-10-06 Name : The remote openSUSE host is missing a security update.
File : suse_libmysqlclient-devel-6360.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_mysql-6446.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_libmysqlclient-devel-090716.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12175.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12256.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12456.nasl - Type : ACT_GATHER_INFO
2009-09-11 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2009-005.nasl - Type : ACT_GATHER_INFO
2009-08-27 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_libmysqlclient-devel-090716.nasl - Type : ACT_GATHER_INFO
2009-08-27 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_libmysqlclient-devel-090716.nasl - Type : ACT_GATHER_INFO
2009-07-28 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-159.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_libmysqlclient-devel-080919.nasl - Type : ACT_GATHER_INFO
2009-04-30 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1783.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-094.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-150.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-149.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-671-1.nasl - Type : ACT_GATHER_INFO
2008-12-30 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_738f8f9ed66111dda7650030843d3802.nasl - Type : ACT_GATHER_INFO
2008-12-21 Name : The remote openSUSE host is missing a security update.
File : suse_libmysqlclient-devel-5619.nasl - Type : ACT_GATHER_INFO
2008-12-01 Name : The remote openSUSE host is missing a security update.
File : suse_mysql-5613.nasl - Type : ACT_GATHER_INFO
2008-11-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_mysql-5618.nasl - Type : ACT_GATHER_INFO
2008-11-09 Name : The remote database server is susceptible to a privilege bypass attack.
File : mysql_es_5_0_70.nasl - Type : ACT_GATHER_INFO
2008-11-06 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1662.nasl - Type : ACT_GATHER_INFO
2008-10-13 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_4775c8078f3011dd821f001cc0377035.nasl - Type : ACT_GATHER_INFO
2008-10-10 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2008-007.nasl - Type : ACT_GATHER_INFO
2008-09-11 Name : The remote database server is affected by several issues.
File : mysql_5_0_67.nasl - Type : ACT_GATHER_INFO
2008-09-10 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_388d9ee47f2211dda66a0019666436c2.nasl - Type : ACT_GATHER_INFO
2008-09-05 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200809-04.nasl - Type : ACT_GATHER_INFO
2008-08-14 Name : The remote openSUSE host is missing a security update.
File : suse_libmysqlclient-devel-5341.nasl - Type : ACT_GATHER_INFO
2008-08-14 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_mysql-5338.nasl - Type : ACT_GATHER_INFO
2008-07-25 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0768.nasl - Type : ACT_GATHER_INFO
2008-07-15 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1608.nasl - Type : ACT_GATHER_INFO
2008-05-09 Name : The remote database server allows a local user to circumvent privileges.
File : mysql_es_5_0_60.nasl - Type : ACT_GATHER_INFO
2008-05-09 Name : The remote database server allows a local user to circumvent privileges.
File : mysql_4_1_24.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:53:15
  • Multiple Updates