
Test ID: 1.3.6.1.4.1.25623.1.0.51383
Category: Conectiva Local Security Checks
Title: Conectiva Security Advisory CLA-2004:892
Summary: NOSUMMARY
Description:

The remote host is missing updates announced in
advisory CLA-2004:892.

MySQL[1] is a very popular SQL database.

This announcement fixes several vulnerabilities discovered in MySQL:

1. CVE-2004-0835
Oleksandr Byelkin noticed[2] that ALTER TABLE ... RENAME checks
CREATE/INSERT rights of the old table instead of the new one.

2. CVE-2004-0836
Lukasz Wojtow noticed[3] a buffer overrun in the
mysql_real_connect() function.

3. CVE-2004-0837
Dean Ellis noticed[4] that multiple threads altering MERGE table
UNIONs can cause the server to crash or stall.

For Conectiva Linux 10, it also fixes a denial of service[5] with
MATCH..AGAINST and a privilege escalation[6] on GRANT ALL ON
`Foo\_Bar`


Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'.

[1] http://www.mysql.com/products/mysql/
[2] http://bugs.mysql.com/bug.php?id=3270
[3] http://bugs.mysql.com/bug.php?id=4017
[4] http://bugs.mysql.com/bug.php?id=2408
[5] http://bugs.mysql.com/bug.php?id=3870
[6] http://bugs.mysql.com/bug.php?id=3933
http://www.securityspace.com/smysecure/catid.html?in=CLA-2004:892
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002004

Risk factor : Critical

CVSS Score:
10.0

Cross Reference: Common Vulnerability Exposure (CVE) ID: CVE-2004-0835
BugTraq ID: 11357
http://www.securityfocus.com/bid/11357
Computer Incident Advisory Center Bulletin: P-018
http://www.ciac.org/ciac/bulletins/p-018.shtml
Conectiva Linux advisory: CLA-2004:892
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892
Debian Security Information: DSA-562
http://www.debian.org/security/2004/dsa-562
http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml
http://bugs.mysql.com/bug.php?id=3270
http://lists.mysql.com/internals/13073
http://www.redhat.com/support/errata/RHSA-2004-597.html
http://www.redhat.com/support/errata/RHSA-2004-611.html
http://securitytracker.com/id?1011606
http://secunia.com/advisories/12783/
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1
http://www.trustix.org/errata/2004/0054/
XForce ISS Database: mysql-alter-restriction-bypass(17666)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17666
Common Vulnerability Exposure (CVE) ID: CVE-2004-0836
BugTraq ID: 10981
http://www.securityfocus.com/bid/10981
Bugtraq: 20041125 [USN-32-1] mysql vulnerabilities
http://marc.info/?l=bugtraq&m=110140517515735&w=2
http://bugs.mysql.com/bug.php?id=4017
http://lists.mysql.com/internals/14726
http://secunia.com/advisories/12305/
XForce ISS Database: mysql-realconnect-bo(17047)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17047
Common Vulnerability Exposure (CVE) ID: CVE-2004-0837
http://bugs.mysql.com/2408
http://lists.mysql.com/internals/16168
http://lists.mysql.com/internals/16173
http://lists.mysql.com/internals/16174
http://mysql.bkbits.net:8080/mysql-3.23/diffs/myisammrg/myrg_open.c@1.15
XForce ISS Database: mysql-union-dos(17667)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17667
Copyright: Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

© 1998-2025 E-Soft Inc. All rights reserved.