English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.51562
Kategorie:Conectiva Local Security Checks
Titel:Conectiva Security Advisory CLA-2002:555
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing updates announced in
advisory CLA-2002:555.

MySQL is a very popular SQL database, distributed under the GNU-GPL
license.

Stefan Esser from e-matters[1] discovered several vulnerabilities in
the MySQL code that affect both the server and the client library
(libmysql) of MySQL.

The server vulnerabilities can be exploited to crash the MySQL
server, bypass password restrictions or even execute arbitrary code
with the privileges of the user running the server process.

The library ones consist in an arbitrary size heap overflow and a
memory addressing problem that can be both exploited to crash or
execute arbitrary code in programs linked against libmysql.

More details about each vulnerability can be found in the e-matters
security advisory[2].

The Common Vulnerabilities and Exposures project (cve.mitre.org) is
tracking these issues with the names CVE-2002-1373, CVE-2002-1374,
CVE-2002-1375 and CVE-2002-1376.


Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'

http://www.e-matters.de/
http://security.e-matters.de/advisories/042002.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1373
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1374
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1375
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1376
http://www.securityspace.com/smysecure/catid.html?in=CLA-2002:555
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002002

Risk factor : High

CVSS Score:
7.5

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2002-1373
BugTraq ID: 6368
http://www.securityfocus.com/bid/6368
Bugtraq: 20021212 Advisory 04/2002: Multiple MySQL vulnerabilities (Google Search)
http://marc.info/?l=bugtraq&m=103971644013961&w=2
Conectiva Linux advisory: CLSA-2002:555
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000555
Debian Security Information: DSA-212 (Google Search)
http://www.debian.org/security/2002/dsa-212
En Garde Linux Advisory: ESA-20030127-001
http://marc.info/?l=bugtraq&m=104004857201968&w=2
Immunix Linux Advisory: IMNX-2003-7+-008-01
http://www.securityfocus.com/advisories/5269
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:087
http://security.e-matters.de/advisories/042002.html
http://www.redhat.com/support/errata/RHSA-2002-288.html
http://www.redhat.com/support/errata/RHSA-2002-289.html
http://www.redhat.com/support/errata/RHSA-2003-166.html
SuSE Security Announcement: SUSE-SA:2003:003 (Google Search)
http://www.novell.com/linux/security/advisories/2003_003_mysql.html
http://www.trustix.net/errata/misc/2002/TSL-2002-0086-mysql.asc.txt
XForce ISS Database: mysql-comtabledump-dos(10846)
https://exchange.xforce.ibmcloud.com/vulnerabilities/10846
Common Vulnerability Exposure (CVE) ID: CVE-2002-1374
BugTraq ID: 6373
http://www.securityfocus.com/bid/6373
Bugtraq: 20021216 [OpenPKG-SA-2002.013] OpenPKG Security Advisory (mysql) (Google Search)
http://marc.info/?l=bugtraq&m=104005886114500&w=2
En Garde Linux Advisory: ESA-20021213-033
http://www.linuxsecurity.com/advisories/engarde_advisory-2660.html
XForce ISS Database: mysql-comchangeuser-password-bypass(10847)
https://exchange.xforce.ibmcloud.com/vulnerabilities/10847
Common Vulnerability Exposure (CVE) ID: CVE-2002-1375
BugTraq ID: 6375
http://www.securityfocus.com/bid/6375
XForce ISS Database: mysql-comchangeuser-password-bo(10848)
https://exchange.xforce.ibmcloud.com/vulnerabilities/10848
Common Vulnerability Exposure (CVE) ID: CVE-2002-1376
BugTraq ID: 6370
http://www.securityfocus.com/bid/6370
BugTraq ID: 6374
http://www.securityfocus.com/bid/6374
Bugtraq: 20021215 GLSA: mysql (Google Search)
Bugtraq: 20021219 TSLSA-2002-0086 - mysql (Google Search)
http://marc.info/?l=bugtraq&m=104033188706000&w=2
http://www.mandriva.com/security/advisories?name=MDKSA-2002:087
XForce ISS Database: mysql-libmysqlclient-readonerow-bo(10850)
https://exchange.xforce.ibmcloud.com/vulnerabilities/10850
XForce ISS Database: mysql-libmysqlclient-readrows-bo(10849)
https://exchange.xforce.ibmcloud.com/vulnerabilities/10849
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.