English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 143769 CVE descriptions
and 71225 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2003-7
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date : 28 Jan 2003
 Last revised           : 01 Apr 2003

 Package : MySQL

 Summry : Multiple MySQL Vulnerabilities

 More information :
    There are the following problems in MySQL.
       * signed/unsigned problem in COM_TABLE_DUMP
       * Password length handling in COM_CHANGE_USER
       * read_rows() overflow in libmysqlclient
       * read_one_row() overflow in libmysqlclient

 Impact :
    The vulnerabilities potentially enable local or remote attackers
    to execute arbitrary shell commands.
    This can be used to exploit SQL clients if they connect to
    a compromised MySQL server.

 Affected Products :
    - Turbolinux 8 Server
    - Turbolinux 8 Workstation
    - Turbolinux 7 Server
    - Turbolinux 7 Workstation
    - Turbolinux Server 6.5
    - Turbolinux Advanced Server 6
    - Turbolinux Server 6.1

 Solution :
    Please use turbopkg tool to apply the update.

    If you need to confirm the version of current installed
    package, please issue rpm command as :

    # rpm -qa | grep PACKAGE-NAME


 <Turbolinux 8 Server>

   Source Packages
   Size : MD5

   MySQL-3.23.52-3.src.rpm
     10856901 4012956a783f0d0c93bc3ab97d2acca2

   Binary Packages
   Size : MD5

   MySQL-3.23.52-3.i586.rpm
      4463421 8537577a0d3ed93b7a745613b5c7ae5b
   MySQL-bench-3.23.52-3.i586.rpm
       594418 bc0664a00697985005ca618cfe00d480
   MySQL-client-3.23.52-3.i586.rpm
       155009 e94e25354e37afab2c47b1d1d2679cee
   MySQL-devel-3.23.52-3.i586.rpm
      1101575 6e8f207895748312369ceeb87b81fd41
   MySQL-shared-3.23.52-3.i586.rpm
       129771 f74a4bdc12400ecff50bd812ddf28562

 <Turbolinux 8 Workstation>

   Source Packages
   Size : MD5

   MySQL-3.23.52-3.src.rpm
     10856901 4012956a783f0d0c93bc3ab97d2acca2

   Binary Packages
   Size : MD5

   MySQL-3.23.52-3.i586.rpm
      4463403 0228f0cb6f4d779032c4d735dd59d156
   MySQL-bench-3.23.52-3.i586.rpm
       594352 f0a95f09422fd7fff21c351c00738471
   MySQL-client-3.23.52-3.i586.rpm
       155255 b28641b3a2b93dd588a71b188ceb7913
   MySQL-devel-3.23.52-3.i586.rpm
      1101546 b2a9d397ea6504014732f5483751ac36
   MySQL-shared-3.23.52-3.i586.rpm
       129791 7ce80ad3f9e91e591dfa8cd6782a4723

 <Turbolinux 7 Server>

   Source Packages
   Size : MD5

   MySQL-3.23.52-3.src.rpm
     10856901 4012956a783f0d0c93bc3ab97d2acca2

   Binary Packages
   Size : MD5

   MySQL-3.23.52-3.i586.rpm
      4385482 475dd9e986282347d4adcffb9ecedfa2
   MySQL-bench-3.23.52-3.i586.rpm
       596829 acb0b9be485b496977150fc38461ae0e
   MySQL-client-3.23.52-3.i586.rpm
       151093 4b382039347bbaf3d636f4ee3b44581f
   MySQL-devel-3.23.52-3.i586.rpm
      1047394 403867cdb1c2fd7a2d56045eae4378d1
   MySQL-shared-3.23.52-3.i586.rpm
       127162 ae32a2435f37ccf74c398cf3c91653b6

 <Turbolinux 7 Workstation>

   Source Packages
   Size : MD5

   MySQL-3.23.52-3.src.rpm
     10856901 4012956a783f0d0c93bc3ab97d2acca2

   Binary Packages
   Size : MD5

   MySQL-3.23.52-3.i586.rpm
      4384516 8c986de09e52c6af4cce933e8772be40
   MySQL-bench-3.23.52-3.i586.rpm
       596492 f0e8d06bd05e785107bdb1ebe54182bf
   MySQL-client-3.23.52-3.i586.rpm
       151081 a566fc35847ee834cd3bd23b0c4cfd82
   MySQL-devel-3.23.52-3.i586.rpm
      1047339 f5ee8fa5acaeb462459b73d3fc0aa2b2
   MySQL-shared-3.23.52-3.i586.rpm
       127255 441ad155f9e3179091f9e7570f036d16

 <Turbolinux Server 6.5>

   Source Packages
   Size : MD5

   MySQL-3.23.52-3.src.rpm
     10856901 4012956a783f0d0c93bc3ab97d2acca2

   Binary Packages
   Size : MD5

   MySQL-3.23.52-3.i386.rpm
      5417740 7be9a151dfc1cfdfff4e2dbb93fe627e
   MySQL-bench-3.23.52-3.i386.rpm
       713447 4a7e78b0a4ef38f7dd0075d551518ba1
   MySQL-client-3.23.52-3.i386.rpm
       158097 dce238bd663785b62cb09daff1220fb5
   MySQL-devel-3.23.52-3.i386.rpm
      1212162 3b129816e6f50a8d05f469e490c323cd
   MySQL-shared-3.23.52-3.i386.rpm
       125918 5f2c6bc46785dc0156c023f3091e5969

 <Turbolinux Advanced Server 6>

   Source Packages
   Size : MD5

   MySQL-3.23.52-3.src.rpm
     10856901 4012956a783f0d0c93bc3ab97d2acca2

   Binary Packages
   Size : MD5

   MySQL-3.23.52-3.i386.rpm
      5417800 901d84e7314989e798ab0d6476d60544
   MySQL-bench-3.23.52-3.i386.rpm
       713515 d97c8d27a75e85f19a0c0e214487af7a
   MySQL-client-3.23.52-3.i386.rpm
       158088 94bea2068999d335041409d515865368
   MySQL-devel-3.23.52-3.i386.rpm
      1212168 d1d7f2d23719c818df8a199a8700a401
   MySQL-shared-3.23.52-3.i386.rpm
       125917 a1d357682e44da471d86da6f0872259c

 <Turbolinux Server 6.1>

   Source Packages
   Size : MD5

   MySQL-3.23.52-3.src.rpm
     10856901 4012956a783f0d0c93bc3ab97d2acca2

   Binary Packages
   Size : MD5

   MySQL-3.23.52-3.i386.rpm
      5417800 1b467e920cbbd63878dd95b9418c1f95
   MySQL-bench-3.23.52-3.i386.rpm
       713564 4b24c7c1f66e41499d6e9aa082ae8da9
   MySQL-client-3.23.52-3.i386.rpm
       158088 7e72f1fd534f72ede2409a334a025f26
   MySQL-devel-3.23.52-3.i386.rpm
      1212171 4f77bcba570c74fb44747a071691e0d8
   MySQL-shared-3.23.52-3.i386.rpm
       125918 5e00652b2c546c2658b14379d9b4e148


 References :

 CVE
   [CAN-2002-1373]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1373
   [CAN-2002-1374]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1374
   [CAN-2002-1375]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1375
   [CAN-2002-1376]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1376


 --------------------------------------------------------------------------
 Revision History
    28 Jan 2003 Initial release
    01 Apr 2003 modifyed file size
 --------------------------------------------------------------------------

 Copyright(C) 2003 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+iVoMK0LzjOqIJMwRAisnAJ9AIUImzeXsTo/pVM4R6W7GHPSRWQCaA0TZ
Vo7aIS+rllmrk/BBYOss0Tg=
=LlN/
-----END PGP SIGNATURE-----

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.