Executive Summary
Summary | |
---|---|
Title | mysql security update |
Informations | |||
---|---|---|---|
Name | RHSA-2007:1157 | First vendor Publication | 2007-12-19 |
Vendor | RedHat | Last vendor Modification | 2007-12-19 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:H/Au:S/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.1 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | High |
Cvss Expoit Score | 3.9 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated mysql packages that fix several security issues are now available for Red Hat Application Stack v1 and v2. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Application Stack v1 for Enterprise Linux AS (v.4) - i386, x86_64 Red Hat Application Stack v1 for Enterprise Linux ES (v.4) - i386, x86_64 Red Hat Application Stack v2 for Enterprise Linux (v.5) - i386, x86_64 3. Problem description: MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld), and many different client programs and libraries. A flaw was found in a way MySQL handled symbolic links when database tables were created with explicit "DATA" and "INDEX DIRECTORY" options. An authenticated user could create a table that would overwrite tables in other databases, causing destruction of data or allowing the user to elevate privileges. (CVE-2007-5969) A flaw was found in a way MySQL's InnoDB engine handled spatial indexes. An authenticated user could create a table with spatial indexes, which are not supported by the InnoDB engine, that would cause the mysql daemon to crash when used. This issue only causes a temporary denial of service, as the mysql daemon will be automatically restarted after the crash. (CVE-2007-5925) A flaw was found in a way MySQL handled the "DEFINER" view parameter. A user with the "ALTER VIEW" privilege for a view created by another database user, could modify that view to get access to any data accessible to the creator of said view. (CVE-2007-6303) All mysql users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 377451 - CVE-2007-5925 mysql DoS in the InnoDB Engine 397071 - CVE-2007-5969 mysql: possible system table information overwrite using symlinks 420231 - CVE-2007-6303 mysql: DEFINER value of view not altered on ALTER VIEW |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2007-1157.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-264 | Permissions, Privileges, and Access Controls |
50 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10509 | |||
Oval ID: | oval:org.mitre.oval:def:10509 | ||
Title: | MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file. | ||
Description: | MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-5969 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11390 | |||
Oval ID: | oval:org.mitre.oval:def:11390 | ||
Title: | The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error. | ||
Description: | The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-5925 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20366 | |||
Oval ID: | oval:org.mitre.oval:def:20366 | ||
Title: | DSA-1413-1 mysql - multiple | ||
Description: | Several vulnerabilities have been found in the MySQL database packages with implications ranging from unauthorised database modifications to remotely triggered server crashes. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1413-1 CVE-2007-2583 CVE-2007-2691 CVE-2007-2692 CVE-2007-3780 CVE-2007-3782 CVE-2007-5925 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | mysql-dfsg-5.0 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21851 | |||
Oval ID: | oval:org.mitre.oval:def:21851 | ||
Title: | ELSA-2007:1155: mysql security update (Important) | ||
Description: | MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:1155-01 CVE-2007-5969 CVE-2007-5925 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | mysql |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-03-16 | Name : Ubuntu Update for mysql-5.1 USN-1397-1 File : nvt/gb_ubuntu_USN_1397_1.nasl |
2010-05-12 | Name : Mac OS X Security Update 2008-007 File : nvt/macosx_secupd_2008-007.nasl |
2009-10-10 | Name : SLES9: Security update for MySQL File : nvt/sles9p5021882.nasl |
2009-04-09 | Name : Mandriva Update for MySQL MDKSA-2007:243 (MySQL) File : nvt/gb_mandriva_MDKSA_2007_243.nasl |
2009-04-09 | Name : Mandriva Update for mysql MDVSA-2008:017 (mysql) File : nvt/gb_mandriva_MDVSA_2008_017.nasl |
2009-03-23 | Name : Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-559-1 File : nvt/gb_ubuntu_USN_559_1.nasl |
2009-03-23 | Name : Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-588-1 File : nvt/gb_ubuntu_USN_588_1.nasl |
2009-03-23 | Name : Ubuntu Update for mysql-dfsg-5.0 regression USN-588-2 File : nvt/gb_ubuntu_USN_588_2.nasl |
2009-03-06 | Name : RedHat Update for mysql RHSA-2007:1155-01 File : nvt/gb_RHSA-2007_1155-01_mysql.nasl |
2009-02-27 | Name : CentOS Update for mysql CESA-2007:1155 centos4 x86_64 File : nvt/gb_CESA-2007_1155_mysql_centos4_x86_64.nasl |
2009-02-27 | Name : Fedora Update for mysql FEDORA-2007-4465 File : nvt/gb_fedora_2007_4465_mysql_fc8.nasl |
2009-02-27 | Name : Fedora Update for mysql FEDORA-2007-4471 File : nvt/gb_fedora_2007_4471_mysql_fc7.nasl |
2009-02-27 | Name : CentOS Update for mysql CESA-2007:1155 centos4 i386 File : nvt/gb_CESA-2007_1155_mysql_centos4_i386.nasl |
2009-01-13 | Name : FreeBSD Ports: mysql-server File : nvt/freebsd_mysql-server17.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200711-25 (mysql) File : nvt/glsa_200711_25.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200804-04 (mysql) File : nvt/glsa_200804_04.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1413-1 (mysql-dfsg, mysql-dfsg-5.0, mysql-dfsg-4.1) File : nvt/deb_1413_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1451-1 (mysql-dfsg-5.0) File : nvt/deb_1451_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2007-348-01 mysql File : nvt/esoft_slk_ssa_2007_348_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
51171 | MySQL InnoDB convert_search_mode_to_innobase Function DoS |
42610 | MySQL DEFINER View Value Crafted Statements Remote Privilege Escalation |
42608 | MySQL RENAME TABLE Symlink System Table Overwrite |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL8178.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-1155.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071218_mysql_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-03-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1397-1.nasl - Type : ACT_GATHER_INFO |
2012-01-18 | Name : The remote database is vulnerable to a denial fo service attack. File : mysql_5_0_54_5_1_23_6_0_4_DoS.nasl - Type : ACT_GATHER_INFO |
2012-01-16 | Name : The remote database server is affected by multiple vulnerabilities. File : mysql_6_0_4.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12044.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-028.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-017.nasl - Type : ACT_GATHER_INFO |
2009-01-12 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_8c451386dff311dda7650030843d3802.nasl - Type : ACT_GATHER_INFO |
2008-10-10 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-007.nasl - Type : ACT_GATHER_INFO |
2008-09-11 | Name : The remote database server is affected by several issues. File : mysql_5_0_67.nasl - Type : ACT_GATHER_INFO |
2008-04-11 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200804-04.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-588-2.nasl - Type : ACT_GATHER_INFO |
2008-03-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-588-1.nasl - Type : ACT_GATHER_INFO |
2008-02-05 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_mysql-4879.nasl - Type : ACT_GATHER_INFO |
2008-02-05 | Name : The remote openSUSE host is missing a security update. File : suse_libmysqlclient-devel-4873.nasl - Type : ACT_GATHER_INFO |
2008-01-07 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1451.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-559-1.nasl - Type : ACT_GATHER_INFO |
2007-12-19 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-1155.nasl - Type : ACT_GATHER_INFO |
2007-12-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1155.nasl - Type : ACT_GATHER_INFO |
2007-12-17 | Name : The remote Fedora host is missing a security update. File : fedora_2007-4465.nasl - Type : ACT_GATHER_INFO |
2007-12-17 | Name : The remote Fedora host is missing a security update. File : fedora_2007-4471.nasl - Type : ACT_GATHER_INFO |
2007-12-17 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2007-348-01.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote database server is affected by several issues. File : mysql_enterprise_5_0_52.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote database server is affected by several issues. File : mysql_5_1_23.nasl - Type : ACT_GATHER_INFO |
2007-12-11 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-243.nasl - Type : ACT_GATHER_INFO |
2007-12-10 | Name : The remote database server is susceptible to a local symlink attack. File : mysql_5_0_51.nasl - Type : ACT_GATHER_INFO |
2007-11-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1413.nasl - Type : ACT_GATHER_INFO |
2007-11-20 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200711-25.nasl - Type : ACT_GATHER_INFO |