FreeBSD Local Security Checks : FreeBSD Ports: mysql-server

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.56714

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: mysql-server

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: mysql-server

CVE-2006-1518
Buffer overflow in the open_table function in sql_base.cc in MySQL
5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary
code via crafted COM_TABLE_DUMP packets with invalid length values.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
6.5

CVSS Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-1518
BugTraq ID: 17780
http://www.securityfocus.com/bid/17780
Bugtraq: 20060502 MySQL COM_TABLE_DUMP Information Leakage and Arbitrary commandexecution. (Google Search)
http://www.securityfocus.com/archive/1/432734/100/0/threaded
CERT/CC vulnerability note: VU#602457
http://www.kb.cert.org/vuls/id/602457
Debian Security Information: DSA-1071 (Google Search)
http://www.debian.org/security/2006/dsa-1071
Debian Security Information: DSA-1073 (Google Search)
http://www.debian.org/security/2006/dsa-1073
Debian Security Information: DSA-1079 (Google Search)
http://www.debian.org/security/2006/dsa-1079
http://www.wisec.it/vulns.php?page=8
http://securitytracker.com/id?1016016
http://secunia.com/advisories/19929
http://secunia.com/advisories/20241
http://secunia.com/advisories/20253
http://secunia.com/advisories/20333
http://secunia.com/advisories/20457
http://secunia.com/advisories/20762
http://securityreason.com/securityalert/839
SuSE Security Announcement: SUSE-SA:2006:036 (Google Search)
http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html
SuSE Security Announcement: SUSE-SR:2006:012 (Google Search)
http://www.novell.com/linux/security/advisories/2006-06-02.html
http://www.vupen.com/english/advisories/2006/1633
XForce ISS Database: mysql-comtabledump-bo(26232)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26232

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.56714
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: mysql-server
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: mysql-server CVE-2006-1518 Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-1518 BugTraq ID: 17780 http://www.securityfocus.com/bid/17780 Bugtraq: 20060502 MySQL COM_TABLE_DUMP Information Leakage and Arbitrary commandexecution. (Google Search) http://www.securityfocus.com/archive/1/432734/100/0/threaded CERT/CC vulnerability note: VU#602457 http://www.kb.cert.org/vuls/id/602457 Debian Security Information: DSA-1071 (Google Search) http://www.debian.org/security/2006/dsa-1071 Debian Security Information: DSA-1073 (Google Search) http://www.debian.org/security/2006/dsa-1073 Debian Security Information: DSA-1079 (Google Search) http://www.debian.org/security/2006/dsa-1079 http://www.wisec.it/vulns.php?page=8 http://securitytracker.com/id?1016016 http://secunia.com/advisories/19929 http://secunia.com/advisories/20241 http://secunia.com/advisories/20253 http://secunia.com/advisories/20333 http://secunia.com/advisories/20457 http://secunia.com/advisories/20762 http://securityreason.com/securityalert/839 SuSE Security Announcement: SUSE-SA:2006:036 (Google Search) http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html SuSE Security Announcement: SUSE-SR:2006:012 (Google Search) http://www.novell.com/linux/security/advisories/2006-06-02.html http://www.vupen.com/english/advisories/2006/1633 XForce ISS Database: mysql-comtabledump-bo(26232) https://exchange.xforce.ibmcloud.com/vulnerabilities/26232
Copyright	Copyright (C) 2008 E-Soft Inc.