Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.53251
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 562-1 (mysql)
Summary:NOSUMMARY
Description:Description:
The remote host is missing an update to mysql
announced via advisory DSA 562-1.

Severl problems have been discovered in MySQL, a commonly used SQL
database on Unix servers. The following problems have been identified
by the Common Vulnerabilities and Exposures Project:

CVE-2004-0835

Oleksandr Byelkin noticed that ALTER TABLE ... RENAME checks
CREATE/INSERT rights of the old table instead of the new one.

CVE-2004-0836

Lukasz Wojtow noticed a buffer overrun in the mysql_real_connect
function.

CVE-2004-0837

Dean Ellis noticed that multiple threads ALTERing the same (or
different) MERGE tables to change the UNION can cause the server
to crash or stall.

For the stable distribution (woody) these problems have been fixed in
version 3.23.49-8.8.

For the unstable distribution (sid) these problems have been fixed in
version 4.0.21-1.

We recommend that you upgrade your mysql and related packages and


Solution:
http://www.securityspace.com/smysecure/catid.html?in=DSA%20562-1

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2004-0835
BugTraq ID: 11357
http://www.securityfocus.com/bid/11357
Computer Incident Advisory Center Bulletin: P-018
http://www.ciac.org/ciac/bulletins/p-018.shtml
Conectiva Linux advisory: CLA-2004:892
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892
Debian Security Information: DSA-562 (Google Search)
http://www.debian.org/security/2004/dsa-562
http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml
http://bugs.mysql.com/bug.php?id=3270
http://lists.mysql.com/internals/13073
http://www.redhat.com/support/errata/RHSA-2004-597.html
http://www.redhat.com/support/errata/RHSA-2004-611.html
http://securitytracker.com/id?1011606
http://secunia.com/advisories/12783/
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1
http://www.trustix.org/errata/2004/0054/
XForce ISS Database: mysql-alter-restriction-bypass(17666)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17666
Common Vulnerability Exposure (CVE) ID: CVE-2004-0836
BugTraq ID: 10981
http://www.securityfocus.com/bid/10981
Bugtraq: 20041125 [USN-32-1] mysql vulnerabilities (Google Search)
http://marc.info/?l=bugtraq&m=110140517515735&w=2
http://bugs.mysql.com/bug.php?id=4017
http://lists.mysql.com/internals/14726
http://secunia.com/advisories/12305/
XForce ISS Database: mysql-realconnect-bo(17047)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17047
Common Vulnerability Exposure (CVE) ID: CVE-2004-0837
http://bugs.mysql.com/2408
http://lists.mysql.com/internals/16168
http://lists.mysql.com/internals/16173
http://lists.mysql.com/internals/16174
http://mysql.bkbits.net:8080/mysql-3.23/diffs/myisammrg/myrg_open.c@1.15
XForce ISS Database: mysql-union-dos(17667)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17667
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.