Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2006:111 (MySQL)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.57021

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2006:111 (MySQL)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to MySQL
announced via advisory MDKSA-2006:111.

Mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before
5.1.6 allows remote authorized users to cause a denial of service (crash)
via a NULL second argument to the str_to_date function.

MySQL 4.0.18 in Corporate 3.0 and MNF 2.0 is not affected by this issue.

Packages have been patched to correct this issue.

Affected: 10.2, 2006.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2006:111

Risk factor : Medium

CVSS Score:
4.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-3081
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
BugTraq ID: 18439
http://www.securityfocus.com/bid/18439
Bugtraq: 20060614 MySQL DoS (Google Search)
http://www.securityfocus.com/archive/1/437145
Bugtraq: 20060615 Re: MySQL DoS (Google Search)
http://www.securityfocus.com/archive/1/437277
http://www.securityfocus.com/archive/1/437571/100/0/threaded
Cert/CC Advisory: TA06-208A
http://www.us-cert.gov/cas/techalerts/TA06-208A.html
Cert/CC Advisory: TA07-072A
http://www.us-cert.gov/cas/techalerts/TA07-072A.html
Debian Security Information: DSA-1112 (Google Search)
http://www.debian.org/security/2006/dsa-1112
http://seclists.org/lists/fulldisclosure/2006/Jun/0434.html
http://www.mandriva.com/security/advisories?name=MDKSA-2006:111
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9516
http://www.redhat.com/support/errata/RHSA-2007-0083.html
http://secunia.com/advisories/19929
http://secunia.com/advisories/20832
http://secunia.com/advisories/20871
http://secunia.com/advisories/24479
https://usn.ubuntu.com/306-1/
http://www.vupen.com/english/advisories/2007/0930
XForce ISS Database: mysql-select-dos(27212)
https://exchange.xforce.ibmcloud.com/vulnerabilities/27212

Copyright Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.57021
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2006:111 (MySQL)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to MySQL announced via advisory MDKSA-2006:111. Mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function. MySQL 4.0.18 in Corporate 3.0 and MNF 2.0 is not affected by this issue. Packages have been patched to correct this issue. Affected: 10.2, 2006.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2006:111 Risk factor : Medium CVSS Score: 4.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-3081 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html BugTraq ID: 18439 http://www.securityfocus.com/bid/18439 Bugtraq: 20060614 MySQL DoS (Google Search) http://www.securityfocus.com/archive/1/437145 Bugtraq: 20060615 Re: MySQL DoS (Google Search) http://www.securityfocus.com/archive/1/437277 http://www.securityfocus.com/archive/1/437571/100/0/threaded Cert/CC Advisory: TA06-208A http://www.us-cert.gov/cas/techalerts/TA06-208A.html Cert/CC Advisory: TA07-072A http://www.us-cert.gov/cas/techalerts/TA07-072A.html Debian Security Information: DSA-1112 (Google Search) http://www.debian.org/security/2006/dsa-1112 http://seclists.org/lists/fulldisclosure/2006/Jun/0434.html http://www.mandriva.com/security/advisories?name=MDKSA-2006:111 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9516 http://www.redhat.com/support/errata/RHSA-2007-0083.html http://secunia.com/advisories/19929 http://secunia.com/advisories/20832 http://secunia.com/advisories/20871 http://secunia.com/advisories/24479 https://usn.ubuntu.com/306-1/ http://www.vupen.com/english/advisories/2007/0930 XForce ISS Database: mysql-select-dos(27212) https://exchange.xforce.ibmcloud.com/vulnerabilities/27212
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com