| Descripción: | Description:
The remote host is missing an update to mysql
announced via advisory MDVSA-2011:012.
Multiple vulnerabilities has been found and corrected in mysql:
storage/innobase/dict/dict0crea.c in mysqld in MySQL 5.1 before
5.1.49 allows remote authenticated users to cause a denial of service
(assertion failure) by modifying the (1) innodb_file_format or (2)
innodb_file_per_table configuration parameters for the InnoDB storage
engine, then executing a DDL statement (CVE-2010-3676).
MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote
authenticated users to cause a denial of service (mysqld daemon
crash) via a join query that uses a table with a unique SET column
(CVE-2010-3677).
MySQL 5.1 before 5.1.49 allows remote authenticated users to cause
a denial of service (crash) via (1) IN or (2) CASE operations with
NULL arguments that are explicitly specified or indirectly provided
by the WITH ROLLUP modifier (CVE-2010-3678).
MySQL 5.1 before 5.1.49 allows remote authenticated users to cause
a denial of service (mysqld daemon crash) via certain arguments to
the BINLOG command, which triggers an access of uninitialized memory,
as demonstrated by valgrind (CVE-2010-3679).
MySQL 5.1 before 5.1.49 allows remote authenticated users to cause
a denial of service (mysqld daemon crash) by creating temporary
tables while using InnoDB, which triggers an assertion failure
(CVE-2010-3680).
MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote
authenticated users to cause a denial of service (mysqld daemon
crash) by using the HANDLER interface and performing alternate reads
from two indexes on a table, which triggers an assertion failure
(CVE-2010-3681).
MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote
authenticated users to cause a denial of service (mysqld daemon crash)
by using EXPLAIN with crafted 'SELECT ... UNION ... ORDER BY \(SELECT
... WHERE ...\)' statements, which triggers a NULL pointer dereference
in the Item_singlerow_subselect::store function (CVE-2010-3682).
MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when
a LOAD DATA INFILE request generates SQL errors, which allows remote
authenticated users to cause a denial of service (mysqld daemon crash)
via a crafted request (CVE-2010-3683).
The updated packages have been upgraded to the latest (last) stable
5.1 release (5.1.54) to address these issues for both Mandriva Linux
2010.0 and 2010.2.
Affected: 2010.0, 2010.1
Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2011:012
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-54.html
http://www.mysql.com/support/eol-notice.html
Risk factor : Medium
CVSS Score:
4.0
|
