Test ID: 1.3.6.1.4.1.25623.1.0.51897
Category: Mandrake Local Security Checks
Title: Mandrake Security Advisory MDKSA-2005:060 (MySQL)
Summary: NOSUMMARY
Description:

The remote host is missing an update to MySQL
announced via advisory MDKSA-2005:060.

A number of vulnerabilities were discovered by Stefano Di Paola in the
MySQL server:

If an authenticated user had INSERT privileges on the 'mysql' database,
the CREATE FUNCTION command allowed that user to use libc functions to
execute arbitrary code with the privileges of the user running the
database server (mysql) (CVE-2005-0709).

If an authenticated user had INSERT privileges on the 'mysql' database,
it was possible to load a library located in an arbitrary directory by
using INSERT INTO mysql.func instead of CREATE FUNCTION. This also
would allow the user to execute arbitrary code with the privileges of
the user running the database server (CVE-2005-0710).

Finally, temporary files belonging to tables created with CREATE
TEMPORARY TABLE were handled in an insecure manner, allowing any local
user to overwrite arbitrary files with the privileges of the database
server (CVE-2005-0711).

The updated packages have been patched to correct these issues.

Affected versions: 10.0, 10.1, Corporate 3.0,
Corporate Server 2.1


Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2005:060
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0709
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0710
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0711

Risk factor : Medium

CVSS Score:
4.6

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2005-0709
101864
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1
12781
http://www.securityfocus.com/bid/12781
2005-0009
http://www.trustix.org/errata/2005/0009/
20050310 Mysql CREATE FUNCTION libc arbitrary code execution.
http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0084.html
http://marc.info/?l=bugtraq&m=111066115808506&w=2
APPLE-SA-2005-08-15
http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
APPLE-SA-2005-08-17
http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
DSA-707
http://www.debian.org/security/2005/dsa-707
GLSA-200503-19
http://www.gentoo.org/security/en/glsa/glsa-200503-19.xml
MDKSA-2005:060
http://www.mandriva.com/security/advisories?name=MDKSA-2005:060
RHSA-2005:334
http://www.redhat.com/support/errata/RHSA-2005-334.html
RHSA-2005:348
http://www.redhat.com/support/errata/RHSA-2005-348.html
SUSE-SA:2005:019
http://www.novell.com/linux/security/advisories/2005_19_mysql.html
USN-96-1
https://usn.ubuntu.com/96-1/
oval:org.mitre.oval:def:10479
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10479
Common Vulnerability Exposure (CVE) ID: CVE-2005-0710
20050310 Mysql CREATE FUNCTION mysql.func table arbitrary library injection
http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0083.html
http://marc.info/?l=bugtraq&m=111065974004648&w=2
mysql-udfinit-gain-access(19658)
https://exchange.xforce.ibmcloud.com/vulnerabilities/19658
oval:org.mitre.oval:def:10180
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10180
Common Vulnerability Exposure (CVE) ID: CVE-2005-0711
20050310 Mysql insecure temporary file creation with CREATE TEMPORARY TABLE privilege escalation
http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0082.html
oval:org.mitre.oval:def:9591
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9591
Copyright: Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com
