Test Kennung:	1.3.6.1.4.1.25623.1.0.51383
Kategorie:	Conectiva Local Security Checks
Titel:	Conectiva Security Advisory CLA-2004:892
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory CLA-2004:892. MySQL[1] is a very popular SQL database. This announcement fixes several vulnerabilities discovered in MySQL: 1.CVE-2004-0835 Oleksandr Byelkin noticed[2] that ALTER TABLE ... RENAME checks CREATE/INSERT rights of the old table instead of the new one. 2.CVE-2004-0836 Lukasz Wojtow noticed[3] a buffer overrun in the mysql_real_connect() function. 3.CVE-2004-0837 Dean Ellis noticed[4] that multiple threads altering MERGE table UNIONs can cause the server to crash or stall. For Conectiva Linux 10, it also fixes a denial of service[5] with MATCH..AGAINST and a privilege escalation[6] on GRANT ALL ON `Foo\_Bar` Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://www.mysql.com/products/mysql/ http://bugs.mysql.com/bug.php?id=3270 http://bugs.mysql.com/bug.php?id=4017 http://bugs.mysql.com/bug.php?id=2408 http://bugs.mysql.com/bug.php?id=3870 http://bugs.mysql.com/bug.php?id=3933 http://www.securityspace.com/smysecure/catid.html?in=CLA-2004:892 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002004 Risk factor : Critical CVSS Score: 10.0
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0835 BugTraq ID: 11357 http://www.securityfocus.com/bid/11357 Computer Incident Advisory Center Bulletin: P-018 http://www.ciac.org/ciac/bulletins/p-018.shtml Conectiva Linux advisory: CLA-2004:892 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892 Debian Security Information: DSA-562 (Google Search) http://www.debian.org/security/2004/dsa-562 http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml http://bugs.mysql.com/bug.php?id=3270 http://lists.mysql.com/internals/13073 http://www.redhat.com/support/errata/RHSA-2004-597.html http://www.redhat.com/support/errata/RHSA-2004-611.html http://securitytracker.com/id?1011606 http://secunia.com/advisories/12783/ http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1 http://www.trustix.org/errata/2004/0054/ XForce ISS Database: mysql-alter-restriction-bypass(17666) https://exchange.xforce.ibmcloud.com/vulnerabilities/17666 Common Vulnerability Exposure (CVE) ID: CVE-2004-0836 BugTraq ID: 10981 http://www.securityfocus.com/bid/10981 Bugtraq: 20041125 [USN-32-1] mysql vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=110140517515735&w=2 http://bugs.mysql.com/bug.php?id=4017 http://lists.mysql.com/internals/14726 http://secunia.com/advisories/12305/ XForce ISS Database: mysql-realconnect-bo(17047) https://exchange.xforce.ibmcloud.com/vulnerabilities/17047 Common Vulnerability Exposure (CVE) ID: CVE-2004-0837 http://bugs.mysql.com/2408 http://lists.mysql.com/internals/16168 http://lists.mysql.com/internals/16173 http://lists.mysql.com/internals/16174 http://mysql.bkbits.net:8080/mysql-3.23/diffs/myisammrg/myrg_open.c@1.15 XForce ISS Database: mysql-union-dos(17667) https://exchange.xforce.ibmcloud.com/vulnerabilities/17667
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.