Test Kennung:	1.3.6.1.4.1.25623.1.0.63169
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: mysql-server
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: mysql-server CVE-2007-5969 MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 7.1 CVSS Vector: AV:N/AC:H/Au:S/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5969 http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html BugTraq ID: 26765 http://www.securityfocus.com/bid/26765 BugTraq ID: 31681 http://www.securityfocus.com/bid/31681 Bugtraq: 20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server (Google Search) http://www.securityfocus.com/archive/1/486477/100/0/threaded Debian Security Information: DSA-1451 (Google Search) http://www.debian.org/security/2008/dsa-1451 https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html http://security.gentoo.org/glsa/glsa-200804-04.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 http://lists.mysql.com/announce/495 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509 http://www.redhat.com/support/errata/RHSA-2007-1155.html http://www.redhat.com/support/errata/RHSA-2007-1157.html http://www.securitytracker.com/id?1019060 http://secunia.com/advisories/27981 http://secunia.com/advisories/28025 http://secunia.com/advisories/28040 http://secunia.com/advisories/28063 http://secunia.com/advisories/28099 http://secunia.com/advisories/28108 http://secunia.com/advisories/28128 http://secunia.com/advisories/28343 http://secunia.com/advisories/28559 http://secunia.com/advisories/28838 http://secunia.com/advisories/29706 http://secunia.com/advisories/32222 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 SuSE Security Announcement: SUSE-SR:2008:003 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html https://usn.ubuntu.com/559-1/ http://www.vupen.com/english/advisories/2007/4142 http://www.vupen.com/english/advisories/2007/4198 http://www.vupen.com/english/advisories/2008/0560/references http://www.vupen.com/english/advisories/2008/1000/references http://www.vupen.com/english/advisories/2008/2780
Copyright	Copyright (C) 2009 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.