Executive Summary
Summary | |
---|---|
Title | Updated mysql packages fix minor security issues and bugs |
Informations | |||
---|---|---|---|
Name | RHSA-2004:569 | First vendor Publication | 2004-10-20 |
Vendor | RedHat | Last vendor Modification | 2004-10-20 |
Severity (Vendor) | N/A | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated mysql packages that fix various temporary file security issues, as well as a number of bugs, are now available. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, ppc64, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: MySQL is a multi-user, multi-threaded SQL database server. This update fixes a number of small bugs, including some potential security problems associated with careless handling of temporary files. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2004-0381, CAN-2004-0388, and CAN-2004-0457 to these issues. A number of additional security issues that affect mysql have been corrected in the source package. These include CAN-2004-0835, CAN-2004-0836, CAN-2004-0837, and CAN-2004-0957. Red Hat Enterprise Linux 3 does not ship with the mysql-server package and is therefore not affected by these issues. This update also allows 32-bit and 64-bit libraries to be installed concurrently on the same system. All users of mysql should upgrade to these updated packages, which resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info): 58732 - /etc/init.d/mysqld doesn't wait for server to start 108779 - Always timeout error starting MySQL Daemon 117017 - RHEL2.1: removing mysql-server does not remove the mysql user. 115165 - botched string concat ? 113960 - [PATCH] Bug fix + enhancement for mysql_setpermission 112693 - mysqlhotcopy of local Fedora DB broken after upgrade from RH9 102190 - specfile contains improper log details in %files 124352 - Cannot drop databases 119442 - CAN-2004-0381 mysqlbug temporary file vulnerability 130348 - CAN-2004-0457 mysqlhotcopy insecure temporary file vulnerability 128852 - database service should start earlier 129409 - linking with 'mysql --libs' doesent seem to work correctly. 133993 - Service mysqld restart 135387 - CAN-2004-0835 MySQL flaws (CAN-2004-0836, CAN-2004-0837, CAN-2004-0957) |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2004-569.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10559 | |||
Oval ID: | oval:org.mitre.oval:def:10559 | ||
Title: | The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack. | ||
Description: | The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0388 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:10693 | |||
Oval ID: | oval:org.mitre.oval:def:10693 | ||
Title: | The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||
Description: | The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0457 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:11557 | |||
Oval ID: | oval:org.mitre.oval:def:11557 | ||
Title: | mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file. | ||
Description: | mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0381 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for MySQL File : nvt/sles9p5020865.nasl |
2009-10-10 | Name : SLES9: Security update for MySQL File : nvt/sles9p5015996.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200410-22 (MySQL) File : nvt/glsa_200410_22.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200409-02 (MySQL) File : nvt/glsa_200409_02.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200405-20 (MySQL) File : nvt/glsa_200405_20.nasl |
2008-09-04 | Name : FreeBSD Ports: mysql-server File : nvt/freebsd_mysql-server4.nasl |
2008-09-04 | Name : FreeBSD Ports: mysql-server File : nvt/freebsd_mysql-server3.nasl |
2008-09-04 | Name : FreeBSD Ports: mysql-server File : nvt/freebsd_mysql-server1.nasl |
2008-09-04 | Name : FreeBSD Ports: mysql-server File : nvt/freebsd_mysql-server0.nasl |
2008-09-04 | Name : FreeBSD Ports: mysql-scripts File : nvt/freebsd_mysql-scripts0.nasl |
2008-09-04 | Name : FreeBSD Ports: mysql-client File : nvt/freebsd_mysql-client.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 483-1 (mysql) File : nvt/deb_483_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 707-1 (mysql) File : nvt/deb_707_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 562-1 (mysql) File : nvt/deb_562_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 540-1 (mysql) File : nvt/deb_540_1.nasl |
2005-11-03 | Name : MySQL buffer overflow File : nvt/mysql_buff_overflow.nasl |
2005-11-03 | Name : MySQL mysqlhotcopy script insecure temporary file File : nvt/mysql_hotcopy_tempfile.nasl |
2005-11-03 | Name : MySQL multiple flaws (2) File : nvt/mysql_multiple_flaws2.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
10959 | MySQL GRANT ALL ON Privilege Escalation MySQL contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when that users is given GRANT privileges on a database whose name contains an underscore, i.e. database_name. The underscore is treated as a wildcard; continuing the example, the user would then have GRANT privileges on database1name, databaseZname, etc. This flaw may lead to a loss of confidentiality and/or integrity. |
10660 | MySQL ALTER TABLE/RENAME Forces Old Permission Checks MySQL ALTER TABLE/RENAME contains a flaw that may allow a malicious user to force old permission checks. The issue is triggered when an error in ALTER TABLE/RENAME operation forces old permission checks on tables. It is possible that the flaw may allow an attacker to bypass permissions resulting in a loss of confidentiality and/or integrity. |
10659 | MySQL ALTER MERGE Tables to Change the UNION DoS MySQL contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker uses multiple threads to ALTER the same or different MERGE tables in order to change the UNION., and will result in loss of availability for the server. |
10658 | MySQL mysql_real_connect() Function Remote Overflow A remote overflow exists in MySQL. MySQL fails to perform proper bounds checking on the 'mysql_real_connect' function resulting in a buffer overflow. With a specially crafted request, an attacker may cause a remote buffer overflow resulting in a loss of confidentiality and/or integrity. |
9015 | MySQL mysqlhotcopy Insecure Temporary File Creation mysqlhotcopy within MySQL contains a flaw that may allow a malicious user to overwrite arbitrary files. The issue is triggered when mysqlhotcopy creates insecure temporary files. It is possible that the flaw may allow a malicious user to use specially crafted symlinks to arbitrarily ovewrite files resulting in a loss of confidentiality and/or integrity. |
6421 | MySQL mysqld_multi Symlink Arbitrary File Overwrite MySQL contains a flaw that may allow a malicious user to arbitrary overwrite files. The problem is that the "mysqld_multi" script creates files with insecure permissions. It is possible that the flaw may allow a malicious user to create a symlink to this file, which could allow arbitrary files to be overwriten on the system, resulting in a loss of integrity. |
6420 | MySQL mysqlbug Symlink Arbitrary File Overwrite MySQL contains a flaw that may allow a malicious user to arbitrary overwrite files. The problem is that the "mysqlbug" script creates files with insecure permissions. It is possible that the flaw may allow a malicious user to create a symlink to this file, which could allow arbitrary files to be overwriten on the system, resulting in a loss of integrity. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft MSN Messenger png overflow RuleID : 3130-community - Revision : 8 - Type : PUA-OTHER |
2014-01-10 | Microsoft MSN Messenger png overflow RuleID : 3130 - Revision : 8 - Type : PUA-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2012-01-18 | Name : Arbitrary files could be overwritten on the remote server. File : mysql_4_0_20.nasl - Type : ACT_GATHER_INFO |
2012-01-16 | Name : Arbitrary files may be overwritten on the remote database server. File : mysql_4_1_2.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_2e1298468fbb11d88b290020ed76ef5a.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_0c4d5973f2ab11d89837000c41e2cdad.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-109-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-32-1.nasl - Type : ACT_GATHER_INFO |
2005-08-18 | Name : The remote host is missing Sun Security Patch number 120293-02 File : solaris10_x86_120293.nasl - Type : ACT_GATHER_INFO |
2005-08-18 | Name : The remote host is missing Sun Security Patch number 120292-02 File : solaris10_120292.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_01c231cd439311d98bb900065be4b5b6.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_035d17b2484a11d9813c00065be4b5b6.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_06a6b2cf484b11d9813c00065be4b5b6.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_835256b846ed11d98ce000065be4b5b6.nasl - Type : ACT_GATHER_INFO |
2005-04-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-707.nasl - Type : ACT_GATHER_INFO |
2005-04-13 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-070.nasl - Type : ACT_GATHER_INFO |
2004-12-09 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-530.nasl - Type : ACT_GATHER_INFO |
2004-11-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-562.nasl - Type : ACT_GATHER_INFO |
2004-11-04 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2004-611.nasl - Type : ACT_GATHER_INFO |
2004-11-02 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-119.nasl - Type : ACT_GATHER_INFO |
2004-10-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200410-22.nasl - Type : ACT_GATHER_INFO |
2004-10-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-569.nasl - Type : ACT_GATHER_INFO |
2004-10-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-597.nasl - Type : ACT_GATHER_INFO |
2004-10-17 | Name : The remote database server is affected by multiple vulnerabilities. File : mysql_multiple_flaws3.nasl - Type : ACT_GATHER_INFO |
2004-10-11 | Name : The remote database server is affected by multiple vulnerabilities. File : mysql_multiple_flaws2.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-483.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-540.nasl - Type : ACT_GATHER_INFO |
2004-09-03 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200409-02.nasl - Type : ACT_GATHER_INFO |
2004-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200405-20.nasl - Type : ACT_GATHER_INFO |
2004-08-23 | Name : The remote database server is affected by an insecure temporary file creation... File : mysql_hotcopy_tempfile.nasl - Type : ACT_GATHER_INFO |
2004-08-20 | Name : The remote database server is affected by a remote code execution vulnerability. File : mysql_buff_overflow.nasl - Type : ACT_GATHER_INFO |
2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-034.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:48:43 |
|
2013-05-11 12:22:39 |
|