Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2005:348

The remote host is missing updates announced in
advisory RHSA-2005:348.

MySQL is a multi-user, multi-threaded SQL database server.

This update fixes several security risks in the MySQL server.

Stefano Di Paola discovered two bugs in the way MySQL handles user-defined
functions. A user with the ability to create and execute a user defined
function could potentially execute arbitrary code on the MySQL server. The
Common Vulnerabilities and Exposures project ( has assigned
the names CVE-2005-0709 and CVE-2005-0710 to these issues.

Stefano Di Paola also discovered a bug in the way MySQL creates temporary
tables. A local user could create a specially crafted symlink which could
result in the MySQL server overwriting a file which it has write access to.
The Common Vulnerabilities and Exposures project has assigned the name
CVE-2005-0711 to this issue.

All users of the MySQL server are advised to upgrade to these updated
packages, which contain fixes for these issues.

Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

Risk factor : Medium

CVSS Score:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2005-0709
BugTraq ID: 12781
Bugtraq: 20050310 Mysql CREATE FUNCTION libc arbitrary code execution. (Google Search)
Debian Security Information: DSA-707 (Google Search)
SuSE Security Announcement: SUSE-SA:2005:019 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2005-0710
Bugtraq: 20050310 Mysql CREATE FUNCTION mysql.func table arbitrary library injection (Google Search)
XForce ISS Database: mysql-udfinit-gain-access(19658)
Common Vulnerability Exposure (CVE) ID: CVE-2005-0711
CopyrightCopyright (c) 2005 E-Soft Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.