English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 72151 CVE descriptions
and 38907 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.66840
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-897-1 (mysql-dfsg-5.1)
Summary:Ubuntu USN-897-1 (mysql-dfsg-5.1)
Description:The remote host is missing an update to mysql-dfsg-5.1
announced via advisory USN-897-1.

Details follow:

It was discovered that MySQL could be made to overwrite existing table
files in the data directory. An authenticated user could use the DATA
DIRECTORY and INDEX DIRECTORY options to possibly bypass privilege checks.
This update alters table creation behaviour by disallowing the use of the
MySQL data directory in DATA DIRECTORY and INDEX DIRECTORY options. This
issue only affected Ubuntu 8.10. (CVE-2008-4098)

It was discovered that MySQL contained a cross-site scripting vulnerability
in the command-line client when the --html option is enabled. An attacker
could place arbitrary web script or html in a database cell, which would
then get placed in the html document output by the command-line tool. This
issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04.
(CVE-2008-4456)

It was discovered that MySQL could be made to overwrite existing table
files in the data directory. An authenticated user could use symlinks
combined with the DATA DIRECTORY and INDEX DIRECTORY options to possibly
bypass privilege checks. This issue only affected Ubuntu 9.10.
(CVE-2008-7247)

It was discovered that MySQL contained multiple format string flaws when
logging database creation and deletion. An authenticated user could use
specially crafted database names to make MySQL crash, causing a denial of
service. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04.
(CVE-2009-2446)

It was discovered that MySQL incorrectly handled errors when performing
certain SELECT statements, and did not preserve correct flags when
performing statements that use the GeomFromWKB function. An authenticated
user could exploit this to make MySQL crash, causing a denial of service.
(CVE-2009-4019)

It was discovered that MySQL incorrectly checked symlinks when using the
DATA DIRECTORY and INDEX DIRECTORY options. A local user could use symlinks
to create tables that pointed to tables known to be created at a later
time, bypassing access restrictions. (CVE-2009-4030)

It was discovered that MySQL contained a buffer overflow when parsing
ssl certificates. A remote attacker could send crafted requests and cause a
denial of service or possibly execute arbitrary code. This issue did not
affect Ubuntu 6.06 LTS and the default compiler options for affected
releases should reduce the vulnerability to a denial of service. In the
default installation, attackers would also be isolated by the AppArmor
MySQL profile. (CVE-2009-4484)

Solution:
The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
mysql-server-5.0 5.0.22-0ubuntu6.06.12

Ubuntu 8.04 LTS:
mysql-server-5.0 5.0.51a-3ubuntu5.5

Ubuntu 8.10:
mysql-server-5.0 5.0.67-0ubuntu6.1

Ubuntu 9.04:
mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.3

Ubuntu 9.10:
mysql-server-5.1 5.1.37-1ubuntu5.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

http://www.securityspace.com/smysecure/catid.html?in=USN-897-1

Risk factor : Critical
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-4098
http://www.openwall.com/lists/oss-security/2008/09/09/20
http://www.openwall.com/lists/oss-security/2008/09/16/3
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480292#25
Debian Security Information: DSA-1662 (Google Search)
http://www.debian.org/security/2008/dsa-1662
http://www.mandriva.com/security/advisories?name=MDVSA-2009:094
http://www.redhat.com/support/errata/RHSA-2009-1067.html
http://www.redhat.com/support/errata/RHSA-2010-0110.html
SuSE Security Announcement: SUSE-SR:2008:025 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html
http://ubuntu.com/usn/usn-897-1
http://www.ubuntu.com/usn/USN-671-1
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10591
http://secunia.com/advisories/32759
http://secunia.com/advisories/38517
http://secunia.com/advisories/32578
http://secunia.com/advisories/32769
XForce ISS Database: mysql-myisam-symlink-security-bypass(45649)
http://xforce.iss.net/xforce/xfdb/45649
Common Vulnerability Exposure (CVE) ID: CVE-2008-4456
Bugtraq: 20080930 MySQL command-line client HTML injection vulnerability (Google Search)
http://www.securityfocus.com/archive/1/archive/1/496842/100/0/threaded
Bugtraq: 20080930 RE: MySQL command-line client HTML injection vulnerability (Google Search)
http://www.securityfocus.com/archive/1/archive/1/496877/100/0/threaded
Bugtraq: 20081004 RE: RE: MySQL command-line client HTML injection vulnerability (Google Search)
http://seclists.org/bugtraq/2008/Oct/0026.html
Bugtraq: 20081029 Re: MySQL command-line client HTML injection vulnerability (Google Search)
http://www.securityfocus.com/archive/1/archive/1/497158/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/497885/100/0/threaded
http://www.henlich.de/it-security/mysql-command-line-client-html-injection-vulnerability
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
Debian Security Information: DSA-1783 (Google Search)
http://www.debian.org/security/2009/dsa-1783
http://www.redhat.com/support/errata/RHSA-2009-1289.html
BugTraq ID: 31486
http://www.securityfocus.com/bid/31486
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11456
http://secunia.com/advisories/32072
http://secunia.com/advisories/34907
http://secunia.com/advisories/36566
http://securityreason.com/securityalert/4357
XForce ISS Database: mysql-commandline-xss(45590)
http://xforce.iss.net/xforce/xfdb/45590
Common Vulnerability Exposure (CVE) ID: CVE-2008-7247
http://lists.mysql.com/commits/59711
http://marc.info/?l=oss-security&m=125908040022018&w=2
https://bugzilla.redhat.com/show_bug.cgi?id=543619
http://www.mandriva.com/security/advisories?name=MDVSA-2010:044
SuSE Security Announcement: SUSE-SR:2010:011 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
SuSE Security Announcement: SUSE-SR:2010:021 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html
BugTraq ID: 38043
http://www.securityfocus.com/bid/38043
http://www.vupen.com/english/advisories/2010/1107
Common Vulnerability Exposure (CVE) ID: CVE-2009-2446
Bugtraq: 20090708 MySQL <= 5.0.45 post auth format string vulnerability (Google Search)
http://www.securityfocus.com/archive/1/archive/1/504799/100/0/threaded
http://archives.neohapsis.com/archives/fulldisclosure/2009-07/0058.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:179
BugTraq ID: 35609
http://www.securityfocus.com/bid/35609
http://www.osvdb.org/55734
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11857
http://securitytracker.com/id?1022533
http://secunia.com/advisories/35767
http://www.vupen.com/english/advisories/2009/1857
XForce ISS Database: mysql-dispatchcommand-format-string(51614)
http://xforce.iss.net/xforce/xfdb/51614
Common Vulnerability Exposure (CVE) ID: CVE-2009-4019
http://marc.info/?l=oss-security&m=125881733826437&w=2
http://marc.info/?l=oss-security&m=125883754215621&w=2
http://marc.info/?l=oss-security&m=125901161824278&w=2
Debian Security Information: DSA-1997 (Google Search)
http://www.debian.org/security/2010/dsa-1997
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00764.html
http://www.redhat.com/support/errata/RHSA-2010-0109.html
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11349
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8500
http://secunia.com/advisories/37717
http://secunia.com/advisories/38573
Common Vulnerability Exposure (CVE) ID: CVE-2009-4030
http://lists.mysql.com/commits/89940
http://www.openwall.com/lists/oss-security/2009/11/19/3
http://www.openwall.com/lists/oss-security/2009/11/24/6
http://marc.info/?l=oss-security&m=125908080222685&w=2
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11116
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8156
Common Vulnerability Exposure (CVE) ID: CVE-2009-4484
http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html
http://lists.mysql.com/commits/96697
http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html
http://intevydis.com/vd-list.shtml
http://www.intevydis.com/blog/?p=57
http://intevydis.com/mysql_demo.html
http://isc.sans.org/diary.html?storyid=7900
http://www.intevydis.com/blog/?p=106
http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html
http://intevydis.com/mysql_overflow1.py.txt
http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname
BugTraq ID: 37640
http://www.securityfocus.com/bid/37640
BugTraq ID: 37943
http://www.securityfocus.com/bid/37943
BugTraq ID: 37974
http://www.securityfocus.com/bid/37974
http://www.osvdb.org/61956
http://securitytracker.com/id?1023402
http://securitytracker.com/id?1023513
http://secunia.com/advisories/37493
http://secunia.com/advisories/38344
http://secunia.com/advisories/38364
http://www.vupen.com/english/advisories/2010/0233
http://www.vupen.com/english/advisories/2010/0236
XForce ISS Database: mysql-unspecified-bo(55416)
http://xforce.iss.net/xforce/xfdb/55416
CopyrightCopyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 38907 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.