ID de Prueba:	1.3.6.1.4.1.25623.1.0.63169
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: mysql-server
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: mysql-server CVE-2007-5969 MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 7.1 CVSS Vector: AV:N/AC:H/Au:S/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5969 http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html BugTraq ID: 26765 http://www.securityfocus.com/bid/26765 BugTraq ID: 31681 http://www.securityfocus.com/bid/31681 Bugtraq: 20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server (Google Search) http://www.securityfocus.com/archive/1/486477/100/0/threaded Debian Security Information: DSA-1451 (Google Search) http://www.debian.org/security/2008/dsa-1451 https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html http://security.gentoo.org/glsa/glsa-200804-04.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 http://lists.mysql.com/announce/495 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509 http://www.redhat.com/support/errata/RHSA-2007-1155.html http://www.redhat.com/support/errata/RHSA-2007-1157.html http://www.securitytracker.com/id?1019060 http://secunia.com/advisories/27981 http://secunia.com/advisories/28025 http://secunia.com/advisories/28040 http://secunia.com/advisories/28063 http://secunia.com/advisories/28099 http://secunia.com/advisories/28108 http://secunia.com/advisories/28128 http://secunia.com/advisories/28343 http://secunia.com/advisories/28559 http://secunia.com/advisories/28838 http://secunia.com/advisories/29706 http://secunia.com/advisories/32222 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 SuSE Security Announcement: SUSE-SR:2008:003 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html https://usn.ubuntu.com/559-1/ http://www.vupen.com/english/advisories/2007/4142 http://www.vupen.com/english/advisories/2007/4198 http://www.vupen.com/english/advisories/2008/0560/references http://www.vupen.com/english/advisories/2008/1000/references http://www.vupen.com/english/advisories/2008/2780
Copyright	Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.