ID de Prueba:	1.3.6.1.4.1.25623.1.0.52072
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2005:070 (MySQL)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to MySQL announced via advisory MDKSA-2005:070. A vulnerability in MySQL would allow a user with grant privileges to a database with a name containing an underscore character (_) to have the ability to grant privileges to other databases with similar names. This problem was previously discovered and fixed, but a new case where the problem still existed was recently discovered. The updated packages have been patched to correct this issue. Affected versions: 10.0, 10.1, Corporate 3.0, Corporate Server 2.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2005:070 Risk factor : High CVSS Score: 6.8
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0957 Computer Incident Advisory Center Bulletin: P-018 http://www.ciac.org/ciac/bulletins/p-018.shtml Conectiva Linux advisory: CLA-2005:947 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000947 Debian Security Information: DSA-707 (Google Search) http://www.debian.org/security/2005/dsa-707 http://www.mandriva.com/security/advisories?name=MDKSA-2005:070 http://www.redhat.com/support/errata/RHSA-2004-597.html http://www.redhat.com/support/errata/RHSA-2004-611.html https://www.ubuntu.com/usn/usn-32-1/ XForce ISS Database: mysql-underscore-gain-priv(17783) https://exchange.xforce.ibmcloud.com/vulnerabilities/17783
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.