ID de Prueba:	1.3.6.1.4.1.25623.1.0.51152
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2004:569
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2004:569. MySQL is a multi-user, multi-threaded SQL database server. This update fixes a number of small bugs, including some potential security problems associated with careless handling of temporary files. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2004-0381, CVE-2004-0388, and CVE-2004-0457 to these issues. A number of additional security issues that affect mysql have been corrected in the source package. These include CVE-2004-0835, CVE-2004-0836, CVE-2004-0837, and CVE-2004-0957. Red Hat Enterprise Linux 3 does not ship with the mysql-server package and is therefore not affected by these issues. This update also allows 32-bit and 64-bit libraries to be installed concurrently on the same system. All users of mysql should upgrade to these updated packages, which resolve these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2004-569.html Risk factor : Critical CVSS Score: 10.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0381 BugTraq ID: 9976 http://www.securityfocus.com/bid/9976 Bugtraq: 20040324 mysqlbug tmpfile/symlink vulnerability. (Google Search) http://marc.info/?l=bugtraq&m=108023246916294&w=2 Bugtraq: 20040414 [OpenPKG-SA-2004.014] OpenPKG Security Advisory (mysql) (Google Search) http://marc.info/?l=bugtraq&m=108206802810402&w=2 Computer Incident Advisory Center Bulletin: P-018 http://www.ciac.org/ciac/bulletins/p-018.shtml Debian Security Information: DSA-483 (Google Search) http://www.debian.org/security/2004/dsa-483 http://security.gentoo.org/glsa/glsa-200405-20.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:034 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11557 http://www.redhat.com/support/errata/RHSA-2004-569.html http://www.redhat.com/support/errata/RHSA-2004-597.html XForce ISS Database: mysql-mysqlbug-symlink(15617) https://exchange.xforce.ibmcloud.com/vulnerabilities/15617 Common Vulnerability Exposure (CVE) ID: CVE-2004-0388 BugTraq ID: 10142 http://www.securityfocus.com/bid/10142 http://www.osvdb.org/6421 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10559 http://securitytracker.com/id?1009784 http://secunia.com/advisories/11223/ XForce ISS Database: mysql-mysqldmulti-symlink(15883) https://exchange.xforce.ibmcloud.com/vulnerabilities/15883 Common Vulnerability Exposure (CVE) ID: CVE-2004-0457 Debian Security Information: DSA-540 (Google Search) http://www.debian.org/security/2004/dsa-540 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10693 XForce ISS Database: mysql-mysqlhotcopy-insecure-file(17030) https://exchange.xforce.ibmcloud.com/vulnerabilities/17030 Common Vulnerability Exposure (CVE) ID: CVE-2004-0835 BugTraq ID: 11357 http://www.securityfocus.com/bid/11357 Conectiva Linux advisory: CLA-2004:892 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892 Debian Security Information: DSA-562 (Google Search) http://www.debian.org/security/2004/dsa-562 http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml http://bugs.mysql.com/bug.php?id=3270 http://lists.mysql.com/internals/13073 http://www.redhat.com/support/errata/RHSA-2004-611.html http://securitytracker.com/id?1011606 http://secunia.com/advisories/12783/ http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1 http://www.trustix.org/errata/2004/0054/ XForce ISS Database: mysql-alter-restriction-bypass(17666) https://exchange.xforce.ibmcloud.com/vulnerabilities/17666 Common Vulnerability Exposure (CVE) ID: CVE-2004-0836 BugTraq ID: 10981 http://www.securityfocus.com/bid/10981 Bugtraq: 20041125 [USN-32-1] mysql vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=110140517515735&w=2 http://bugs.mysql.com/bug.php?id=4017 http://lists.mysql.com/internals/14726 http://secunia.com/advisories/12305/ XForce ISS Database: mysql-realconnect-bo(17047) https://exchange.xforce.ibmcloud.com/vulnerabilities/17047 Common Vulnerability Exposure (CVE) ID: CVE-2004-0837 http://bugs.mysql.com/2408 http://lists.mysql.com/internals/16168 http://lists.mysql.com/internals/16173 http://lists.mysql.com/internals/16174 http://mysql.bkbits.net:8080/mysql-3.23/diffs/myisammrg/myrg_open.c@1.15 XForce ISS Database: mysql-union-dos(17667) https://exchange.xforce.ibmcloud.com/vulnerabilities/17667 Common Vulnerability Exposure (CVE) ID: CVE-2004-0957 Conectiva Linux advisory: CLA-2005:947 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000947 Debian Security Information: DSA-707 (Google Search) http://www.debian.org/security/2005/dsa-707 http://www.mandriva.com/security/advisories?name=MDKSA-2005:070 https://www.ubuntu.com/usn/usn-32-1/ XForce ISS Database: mysql-underscore-gain-priv(17783) https://exchange.xforce.ibmcloud.com/vulnerabilities/17783
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.