Executive Summary
Summary | |
---|---|
Title | MySQL vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-338-1 | First vendor Publication | 2006-09-05 |
Vendor | Ubuntu | Last vendor Modification | 2006-09-05 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:S/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 8 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Dmitri Lenev discovered that arguments of setuid SQL functions were evaluated in the security context of the functions' definer instead of its caller. An authenticated user with the privilege to call such a function could exploit this to execute arbitrary statements with the privileges of the definer of that function. (CVE-2006-4227) Peter Gulutzan reported a potentially confusing situation of the MERGE table engine. If an user creates a merge table, and the administrator later revokes privileges on the original table only (without changing the privileges on the merge table), that user still has access to the data by using the merge table. This is intended behaviour, but might be undesirable in some installations; this update introduces a new server option "--skip-merge" which disables the MERGE engine completely. (CVE-2006-4031) |
Original Source
Url : http://www.ubuntu.com/usn/USN-338-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10105 | |||
Oval ID: | oval:org.mitre.oval:def:10105 | ||
Title: | MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE. | ||
Description: | MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2006-4227 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10468 | |||
Oval ID: | oval:org.mitre.oval:def:10468 | ||
Title: | MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy. | ||
Description: | MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2006-4031 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-10 | Name : SLES9: Security update for mysql File : nvt/sles9p5014017.nasl |
2009-03-06 | Name : RedHat Update for mysql RHSA-2008:0364-01 File : nvt/gb_RHSA-2008_0364-01_mysql.nasl |
2009-03-06 | Name : RedHat Update for mysql RHSA-2008:0768-01 File : nvt/gb_RHSA-2008_0768-01_mysql.nasl |
2008-09-04 | Name : FreeBSD Ports: mysql-server File : nvt/freebsd_mysql-server12.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
28013 | MySQL SUID Routine Miscalculation Arbitrary DML Statement Execution |
27703 | MySQL MERGE Table Privilege Persistence |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080521_mysql_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080724_mysql_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-01-16 | Name : The remote database server allows a local user to access unauthorized data. File : mysql_5_0_24.nasl - Type : ACT_GATHER_INFO |
2012-01-16 | Name : The remote database server may allow a remote user access to objects for whic... File : mysql_5_1_12_suid.nasl - Type : ACT_GATHER_INFO |
2008-07-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0768.nasl - Type : ACT_GATHER_INFO |
2008-05-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0364.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_mysql-2073.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-338-1.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_mysql-2075.nasl - Type : ACT_GATHER_INFO |
2007-03-13 | Name : The remote host is missing a Mac OS X update which fixes a security issue. File : macosx_10_4_9.nasl - Type : ACT_GATHER_INFO |
2006-12-16 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2006-149.nasl - Type : ACT_GATHER_INFO |
2006-10-30 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_a9c51caf660311dbab90000e35fd8194.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:03:43 |
|