Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2007:1155

The remote host is missing updates announced in
advisory RHSA-2007:1155.

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a
client/server implementation consisting of a server daemon (mysqld), and
many different client programs and libraries.

A flaw was found in a way MySQL handled symbolic links when database tables
were created with explicit DATA and INDEX DIRECTORY options. An
authenticated user could create a table that would overwrite tables in
other databases, causing destruction of data or allowing the user to
elevate privileges. (CVE-2007-5969)

A flaw was found in a way MySQL's InnoDB engine handled spatial indexes. An
authenticated user could create a table with spatial indexes, which are not
supported by the InnoDB engine, that would cause the mysql daemon to crash
when used. This issue only causes a temporary denial of service, as the
mysql daemon will be automatically restarted after the crash.

All mysql users are advised to upgrade to these updated packages, which
contain backported patches to resolve these issues.

Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

Risk factor : High

CVSS Score:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-5969
BugTraq ID: 26765
BugTraq ID: 31681
Bugtraq: 20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server (Google Search)
Debian Security Information: DSA-1451 (Google Search)
SuSE Security Announcement: SUSE-SR:2008:003 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2007-5925
BugTraq ID: 26353
Debian Security Information: DSA-1413 (Google Search)
XForce ISS Database: mysql-hainnodb-dos(38284)
CopyrightCopyright (c) 2007 E-Soft Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.