|Category:||Red Hat Local Security Checks|
|Title:||RedHat Security Advisory RHSA-2007:0875|
The remote host is missing updates announced in
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a
client/server implementation consisting of a server daemon (mysqld) and
many different client programs and libraries.
A flaw was discovered in MySQL's authentication protocol. It is possible
for a remote unauthenticated attacker to send a specially crafted
authentication request to the MySQL server causing it to crash. (CVE-2007-3780)
All users of the MySQL server are advised to upgrade to these updated
packages, which contain a backported patch which fixes this issue.
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date
Risk factor : Medium
Common Vulnerability Exposure (CVE) ID: CVE-2007-3780|
BugTraq ID: 25017
Bugtraq: 20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server (Google Search)
Debian Security Information: DSA-1413 (Google Search)
SuSE Security Announcement: SUSE-SR:2007:019 (Google Search)
|Copyright||Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com|
|This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.