Test ID:	1.3.6.1.4.1.25623.1.0.57337
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-1169)
Summary:	The remote host is missing an update for the Debian 'mysql-dfsg-4.1' package(s) announced via the DSA-1169 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'mysql-dfsg-4.1' package(s) announced via the DSA-1169 advisory. Vulnerability Insight: Several local vulnerabilities have been discovered in the MySQL database server. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-4226 Michal Prokopiuk discovered that remote authenticated users are permitted to create and access a database if the lowercase spelling is the same as one they have been granted access to. CVE-2006-4380 Beat Vontobel discovered that certain queries replicated to a slave could crash the client and thus terminate the replication. For the stable distribution (sarge) these problems have been fixed in version 4.1.11a-4sarge7. Version 4.0 is not affected by these problems. For the unstable distribution (sid) these problems have been fixed in version 5.0.24-3. The replication problem only exists in version 4.1. We recommend that you upgrade your mysql-server-4.1 package. Affected Software/OS: 'mysql-dfsg-4.1' package(s) on Debian 3.1. Solution: Please install the updated package(s). CVSS Score: 3.6 CVSS Vector: AV:N/AC:H/Au:S/C:P/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-4226 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html BugTraq ID: 19559 http://www.securityfocus.com/bid/19559 Cert/CC Advisory: TA07-072A http://www.us-cert.gov/cas/techalerts/TA07-072A.html Debian Security Information: DSA-1169 (Google Search) http://www.debian.org/security/2006/dsa-1169 http://www.mandriva.com/security/advisories?name=MDKSA-2006:149 http://bugs.mysql.com/bug.php?id=17647 http://lists.mysql.com/commits/5927 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10729 http://www.redhat.com/support/errata/RHSA-2007-0083.html http://www.redhat.com/support/errata/RHSA-2007-0152.html http://securitytracker.com/id?1016710 http://secunia.com/advisories/21506 http://secunia.com/advisories/21627 http://secunia.com/advisories/21762 http://secunia.com/advisories/22080 http://secunia.com/advisories/24479 http://secunia.com/advisories/24744 SuSE Security Announcement: SUSE-SR:2006:023 (Google Search) http://www.novell.com/linux/security/advisories/2006_23_sr.html http://www.vupen.com/english/advisories/2006/3306 http://www.vupen.com/english/advisories/2007/0930 XForce ISS Database: mysql-case-privilege-escalation(28448) https://exchange.xforce.ibmcloud.com/vulnerabilities/28448 Common Vulnerability Exposure (CVE) ID: CVE-2006-4380 BugTraq ID: 19794 http://www.securityfocus.com/bid/19794 http://www.mandriva.com/security/advisories?name=MDKSA-2006:158 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10686 http://securitytracker.com/id?1016790 http://secunia.com/advisories/21712
Copyright	Copyright (C) 2008 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.