Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200503-19 (mysql)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54884

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200503-19 (mysql)

Resumen: The remote host is missing updates announced in;advisory GLSA 200503-19.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200503-19.

Vulnerability Insight:
MySQL contains several vulnerabilities potentially leading to the
overwriting of local files or to the execution of arbitrary code.

Solution:
All MySQL users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=dev-db/mysql-4.0.24'

CVSS Score:
4.6

CVSS Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-0709
101864
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1
12781
http://www.securityfocus.com/bid/12781
2005-0009
http://www.trustix.org/errata/2005/0009/
20050310 Mysql CREATE FUNCTION libc arbitrary code execution.
http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0084.html
http://marc.info/?l=bugtraq&m=111066115808506&w=2
APPLE-SA-2005-08-15
http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
APPLE-SA-2005-08-17
http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
DSA-707
http://www.debian.org/security/2005/dsa-707
GLSA-200503-19
http://www.gentoo.org/security/en/glsa/glsa-200503-19.xml
MDKSA-2005:060
http://www.mandriva.com/security/advisories?name=MDKSA-2005:060
RHSA-2005:334
http://www.redhat.com/support/errata/RHSA-2005-334.html
RHSA-2005:348
http://www.redhat.com/support/errata/RHSA-2005-348.html
SUSE-SA:2005:019
http://www.novell.com/linux/security/advisories/2005_19_mysql.html
USN-96-1
https://usn.ubuntu.com/96-1/
oval:org.mitre.oval:def:10479
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10479
Common Vulnerability Exposure (CVE) ID: CVE-2005-0710
20050310 Mysql CREATE FUNCTION mysql.func table arbitrary library injection
http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0083.html
http://marc.info/?l=bugtraq&m=111065974004648&w=2
mysql-udfinit-gain-access(19658)
https://exchange.xforce.ibmcloud.com/vulnerabilities/19658
oval:org.mitre.oval:def:10180
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10180
Common Vulnerability Exposure (CVE) ID: CVE-2005-0711
20050310 Mysql insecure temporary file creation with CREATE TEMPORARY TABLE privilege escalation
http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0082.html
oval:org.mitre.oval:def:9591
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9591

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54884
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200503-19 (mysql)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200503-19.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200503-19. Vulnerability Insight: MySQL contains several vulnerabilities potentially leading to the overwriting of local files or to the execution of arbitrary code. Solution: All MySQL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-db/mysql-4.0.24' CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0709 101864 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1 12781 http://www.securityfocus.com/bid/12781 2005-0009 http://www.trustix.org/errata/2005/0009/ 20050310 Mysql CREATE FUNCTION libc arbitrary code execution. http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0084.html http://marc.info/?l=bugtraq&m=111066115808506&w=2 APPLE-SA-2005-08-15 http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html APPLE-SA-2005-08-17 http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html DSA-707 http://www.debian.org/security/2005/dsa-707 GLSA-200503-19 http://www.gentoo.org/security/en/glsa/glsa-200503-19.xml MDKSA-2005:060 http://www.mandriva.com/security/advisories?name=MDKSA-2005:060 RHSA-2005:334 http://www.redhat.com/support/errata/RHSA-2005-334.html RHSA-2005:348 http://www.redhat.com/support/errata/RHSA-2005-348.html SUSE-SA:2005:019 http://www.novell.com/linux/security/advisories/2005_19_mysql.html USN-96-1 https://usn.ubuntu.com/96-1/ oval:org.mitre.oval:def:10479 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10479 Common Vulnerability Exposure (CVE) ID: CVE-2005-0710 20050310 Mysql CREATE FUNCTION mysql.func table arbitrary library injection http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0083.html http://marc.info/?l=bugtraq&m=111065974004648&w=2 mysql-udfinit-gain-access(19658) https://exchange.xforce.ibmcloud.com/vulnerabilities/19658 oval:org.mitre.oval:def:10180 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10180 Common Vulnerability Exposure (CVE) ID: CVE-2005-0711 20050310 Mysql insecure temporary file creation with CREATE TEMPORARY TABLE privilege escalation http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0082.html oval:org.mitre.oval:def:9591 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9591
Copyright	Copyright (C) 2008 E-Soft Inc.