ID de Prueba:	1.3.6.1.4.1.25623.1.0.64932
Categoría:	CentOS Local Security Checks
Título:	CentOS Security Advisory CESA-2009:1289 (mysql)
Resumen:	CentOS Security Advisory CESA-2009:1289 (mysql)
Descripción:	Description: The remote host is missing updates to mysql announced in advisory CESA-2009:1289. For details on the issues addressed in this update, please visit the referenced security advisories. Solution: Update the appropriate packages on your system. http://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1289 http://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1289 CVSS Score: 8.5 CVSS Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-2079 http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html Debian Security Information: DSA-1608 (Google Search) http://www.debian.org/security/2008/dsa-1608 http://www.mandriva.com/security/advisories?name=MDVSA-2008:149 http://www.mandriva.com/security/advisories?name=MDVSA-2008:150 http://www.redhat.com/support/errata/RHSA-2008-0505.html http://www.redhat.com/support/errata/RHSA-2008-0510.html http://www.redhat.com/support/errata/RHSA-2008-0768.html http://www.redhat.com/support/errata/RHSA-2009-1289.html SuSE Security Announcement: SUSE-SR:2008:017 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html http://www.ubuntu.com/usn/USN-671-1 BugTraq ID: 29106 http://www.securityfocus.com/bid/29106 BugTraq ID: 31681 http://www.securityfocus.com/bid/31681 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10133 http://secunia.com/advisories/36701 http://secunia.com/advisories/32769 http://secunia.com/advisories/36566 http://www.vupen.com/english/advisories/2008/1472/references http://www.vupen.com/english/advisories/2008/2780 http://www.securitytracker.com/id?1019995 http://secunia.com/advisories/30134 http://secunia.com/advisories/31066 http://secunia.com/advisories/31226 http://secunia.com/advisories/31687 http://secunia.com/advisories/32222 XForce ISS Database: mysql-myisam-security-bypass(42267) https://exchange.xforce.ibmcloud.com/vulnerabilities/42267 Common Vulnerability Exposure (CVE) ID: CVE-2008-3963 http://www.openwall.com/lists/oss-security/2008/09/09/4 http://www.openwall.com/lists/oss-security/2008/09/09/7 Debian Security Information: DSA-1783 (Google Search) http://www.debian.org/security/2009/dsa-1783 http://www.mandriva.com/security/advisories?name=MDVSA-2009:094 http://www.redhat.com/support/errata/RHSA-2009-1067.html SuSE Security Announcement: SUSE-SR:2008:025 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html http://www.ubuntu.com/usn/USN-1397-1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10521 http://secunia.com/advisories/34907 http://www.vupen.com/english/advisories/2008/2554 http://www.securitytracker.com/id?1020858 http://secunia.com/advisories/31769 http://secunia.com/advisories/32759 XForce ISS Database: mysql-bitstring-dos(45042) https://exchange.xforce.ibmcloud.com/vulnerabilities/45042 Common Vulnerability Exposure (CVE) ID: CVE-2008-4456 Bugtraq: 20080930 MySQL command-line client HTML injection vulnerability (Google Search) http://www.securityfocus.com/archive/1/archive/1/496842/100/0/threaded Bugtraq: 20080930 RE: MySQL command-line client HTML injection vulnerability (Google Search) http://www.securityfocus.com/archive/1/archive/1/496877/100/0/threaded Bugtraq: 20081004 RE: RE: MySQL command-line client HTML injection vulnerability (Google Search) http://seclists.org/bugtraq/2008/Oct/0026.html Bugtraq: 20081029 Re: MySQL command-line client HTML injection vulnerability (Google Search) http://www.securityfocus.com/archive/1/archive/1/497158/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/497885/100/0/threaded http://www.henlich.de/it-security/mysql-command-line-client-html-injection-vulnerability http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://www.redhat.com/support/errata/RHSA-2010-0110.html http://ubuntu.com/usn/usn-897-1 BugTraq ID: 31486 http://www.securityfocus.com/bid/31486 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11456 http://secunia.com/advisories/32072 http://secunia.com/advisories/38517 http://securityreason.com/securityalert/4357 XForce ISS Database: mysql-commandline-xss(45590) https://exchange.xforce.ibmcloud.com/vulnerabilities/45590 Common Vulnerability Exposure (CVE) ID: CVE-2009-2446 Bugtraq: 20090708 MySQL <= 5.0.45 post auth format string vulnerability (Google Search) http://www.securityfocus.com/archive/1/archive/1/504799/100/0/threaded http://archives.neohapsis.com/archives/fulldisclosure/2009-07/0058.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:179 BugTraq ID: 35609 http://www.securityfocus.com/bid/35609 http://www.osvdb.org/55734 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11857 http://securitytracker.com/id?1022533 http://secunia.com/advisories/35767 http://www.vupen.com/english/advisories/2009/1857 XForce ISS Database: mysql-dispatchcommand-format-string(51614) https://exchange.xforce.ibmcloud.com/vulnerabilities/51614
Copyright	Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 58962 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

Registro de Nuevo Usuario Email: Usuario: Contraseña: Envíeme por email sus boletines mensuales, informándome los últimos servicios, mejoras y encuestas. Por favor envíeme por email un anuncio de prueba de vulnerabilidades siempre que se agregue una nueva prueba.     Privacidad

Ingreso de Usuario Registrado   Usuario:     Contraseña:     ¿Olvidó su usuario o contraseña?? Email/ID de Usario: