English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.66840
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-897-1 (mysql-dfsg-5.1)
Summary:NOSUMMARY
Description:Description:
The remote host is missing an update to mysql-dfsg-5.1
announced via advisory USN-897-1.

Details follow:

It was discovered that MySQL could be made to overwrite existing table
files in the data directory. An authenticated user could use the DATA
DIRECTORY and INDEX DIRECTORY options to possibly bypass privilege checks.
This update alters table creation behaviour by disallowing the use of the
MySQL data directory in DATA DIRECTORY and INDEX DIRECTORY options. This
issue only affected Ubuntu 8.10. (CVE-2008-4098)

It was discovered that MySQL contained a cross-site scripting vulnerability
in the command-line client when the --html option is enabled. An attacker
could place arbitrary web script or html in a database cell, which would
then get placed in the html document output by the command-line tool. This
issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04.
(CVE-2008-4456)

It was discovered that MySQL could be made to overwrite existing table
files in the data directory. An authenticated user could use symlinks
combined with the DATA DIRECTORY and INDEX DIRECTORY options to possibly
bypass privilege checks. This issue only affected Ubuntu 9.10.
(CVE-2008-7247)

It was discovered that MySQL contained multiple format string flaws when
logging database creation and deletion. An authenticated user could use
specially crafted database names to make MySQL crash, causing a denial of
service. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04.
(CVE-2009-2446)

It was discovered that MySQL incorrectly handled errors when performing
certain SELECT statements, and did not preserve correct flags when
performing statements that use the GeomFromWKB function. An authenticated
user could exploit this to make MySQL crash, causing a denial of service.
(CVE-2009-4019)

It was discovered that MySQL incorrectly checked symlinks when using the
DATA DIRECTORY and INDEX DIRECTORY options. A local user could use symlinks
to create tables that pointed to tables known to be created at a later
time, bypassing access restrictions. (CVE-2009-4030)

It was discovered that MySQL contained a buffer overflow when parsing
ssl certificates. A remote attacker could send crafted requests and cause a
denial of service or possibly execute arbitrary code. This issue did not
affect Ubuntu 6.06 LTS and the default compiler options for affected
releases should reduce the vulnerability to a denial of service. In the
default installation, attackers would also be isolated by the AppArmor
MySQL profile. (CVE-2009-4484)

Solution:
The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
mysql-server-5.0 5.0.22-0ubuntu6.06.12

Ubuntu 8.04 LTS:
mysql-server-5.0 5.0.51a-3ubuntu5.5

Ubuntu 8.10:
mysql-server-5.0 5.0.67-0ubuntu6.1

Ubuntu 9.04:
mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.3

Ubuntu 9.10:
mysql-server-5.1 5.1.37-1ubuntu5.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

http://www.securityspace.com/smysecure/catid.html?in=USN-897-1

Risk factor : Critical

CVSS Score:
8.5

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-4098
32578
http://secunia.com/advisories/32578
32759
http://secunia.com/advisories/32759
32769
http://secunia.com/advisories/32769
38517
http://secunia.com/advisories/38517
DSA-1662
http://www.debian.org/security/2008/dsa-1662
MDVSA-2009:094
http://www.mandriva.com/security/advisories?name=MDVSA-2009:094
RHSA-2009:1067
http://www.redhat.com/support/errata/RHSA-2009-1067.html
RHSA-2010:0110
http://www.redhat.com/support/errata/RHSA-2010-0110.html
SUSE-SR:2008:025
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html
USN-1397-1
http://www.ubuntu.com/usn/USN-1397-1
USN-671-1
http://www.ubuntu.com/usn/USN-671-1
USN-897-1
http://ubuntu.com/usn/usn-897-1
[oss-security] 20080909 Re: CVE request: MySQL incomplete fix for CVE-2008-2079
http://www.openwall.com/lists/oss-security/2008/09/09/20
[oss-security] 20080916 Re: CVE request: MySQL incomplete fix for CVE-2008-2079
http://www.openwall.com/lists/oss-security/2008/09/16/3
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480292#25
http://bugs.mysql.com/bug.php?id=32167
mysql-myisam-symlink-security-bypass(45649)
https://exchange.xforce.ibmcloud.com/vulnerabilities/45649
oval:org.mitre.oval:def:10591
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10591
Common Vulnerability Exposure (CVE) ID: CVE-2008-4456
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
BugTraq ID: 31486
http://www.securityfocus.com/bid/31486
Bugtraq: 20080930 MySQL command-line client HTML injection vulnerability (Google Search)
http://www.securityfocus.com/archive/1/496842/100/0/threaded
Bugtraq: 20080930 RE: MySQL command-line client HTML injection vulnerability (Google Search)
http://www.securityfocus.com/archive/1/496877/100/0/threaded
Bugtraq: 20081004 RE: RE: MySQL command-line client HTML injection vulnerability (Google Search)
http://seclists.org/bugtraq/2008/Oct/0026.html
Bugtraq: 20081029 Re: MySQL command-line client HTML injection vulnerability (Google Search)
http://www.securityfocus.com/archive/1/497158/100/0/threaded
http://www.securityfocus.com/archive/1/497885/100/0/threaded
Debian Security Information: DSA-1783 (Google Search)
http://www.debian.org/security/2009/dsa-1783
http://www.henlich.de/it-security/mysql-command-line-client-html-injection-vulnerability
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11456
http://www.redhat.com/support/errata/RHSA-2009-1289.html
http://secunia.com/advisories/32072
http://secunia.com/advisories/34907
http://secunia.com/advisories/36566
http://securityreason.com/securityalert/4357
XForce ISS Database: mysql-commandline-xss(45590)
https://exchange.xforce.ibmcloud.com/vulnerabilities/45590
Common Vulnerability Exposure (CVE) ID: CVE-2008-7247
BugTraq ID: 38043
http://www.securityfocus.com/bid/38043
http://www.mandriva.com/security/advisories?name=MDVSA-2010:044
https://bugzilla.redhat.com/show_bug.cgi?id=543619
http://lists.mysql.com/commits/59711
http://marc.info/?l=oss-security&m=125908040022018&w=2
SuSE Security Announcement: SUSE-SR:2010:011 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
SuSE Security Announcement: SUSE-SR:2010:021 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html
http://www.vupen.com/english/advisories/2010/1107
Common Vulnerability Exposure (CVE) ID: CVE-2009-2446
BugTraq ID: 35609
http://www.securityfocus.com/bid/35609
Bugtraq: 20090708 MySQL <= 5.0.45 post auth format string vulnerability (Google Search)
http://www.securityfocus.com/archive/1/504799/100/0/threaded
http://archives.neohapsis.com/archives/fulldisclosure/2009-07/0058.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:179
http://www.osvdb.org/55734
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11857
http://securitytracker.com/id?1022533
http://secunia.com/advisories/35767
http://www.vupen.com/english/advisories/2009/1857
XForce ISS Database: mysql-dispatchcommand-format-string(51614)
https://exchange.xforce.ibmcloud.com/vulnerabilities/51614
Common Vulnerability Exposure (CVE) ID: CVE-2009-4019
37717
http://secunia.com/advisories/37717
38573
http://secunia.com/advisories/38573
ADV-2010-1107
APPLE-SA-2010-03-29-1
DSA-1997
http://www.debian.org/security/2010/dsa-1997
FEDORA-2009-12180
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00764.html
RHSA-2010:0109
http://www.redhat.com/support/errata/RHSA-2010-0109.html
SUSE-SR:2010:011
[oss-security] 20091121 CVE Request - MySQL - 5.0.88
http://marc.info/?l=oss-security&m=125881733826437&w=2
[oss-security] 20091121 Re: CVE Request - MySQL - 5.0.88
http://marc.info/?l=oss-security&m=125883754215621&w=2
[oss-security] 20091123 Re: CVE Request - MySQL - 5.0.88
http://marc.info/?l=oss-security&m=125901161824278&w=2
http://bugs.mysql.com/47780
http://bugs.mysql.com/48291
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html
http://support.apple.com/kb/HT4077
https://bugzilla.redhat.com/show_bug.cgi?id=540906
oval:org.mitre.oval:def:11349
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11349
oval:org.mitre.oval:def:8500
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8500
Common Vulnerability Exposure (CVE) ID: CVE-2009-4030
SUSE-SR:2010:021
[commits] 20091110 bzr commit into mysql-5.0-bugteam branch (joro:2845) Bug#32167
http://lists.mysql.com/commits/89940
[oss-security] 20091119 mysql-5.1.41
http://www.openwall.com/lists/oss-security/2009/11/19/3
[oss-security] 20091124 Re: mysql-5.1.41
http://marc.info/?l=oss-security&m=125908080222685&w=2
http://www.openwall.com/lists/oss-security/2009/11/24/6
oval:org.mitre.oval:def:11116
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11116
oval:org.mitre.oval:def:8156
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8156
Common Vulnerability Exposure (CVE) ID: CVE-2009-4484
BugTraq ID: 37640
http://www.securityfocus.com/bid/37640
BugTraq ID: 37943
http://www.securityfocus.com/bid/37943
BugTraq ID: 37974
http://www.securityfocus.com/bid/37974
Debian Security Information: DSA-1997 (Google Search)
http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html
http://intevydis.com/mysql_demo.html
http://intevydis.com/mysql_overflow1.py.txt
http://intevydis.com/vd-list.shtml
http://isc.sans.org/diary.html?storyid=7900
http://www.intevydis.com/blog/?p=106
http://www.intevydis.com/blog/?p=57
http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname
http://lists.mysql.com/commits/96697
http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html
http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html
http://www.osvdb.org/61956
http://securitytracker.com/id?1023402
http://securitytracker.com/id?1023513
http://secunia.com/advisories/37493
http://secunia.com/advisories/38344
http://secunia.com/advisories/38364
http://www.vupen.com/english/advisories/2010/0233
http://www.vupen.com/english/advisories/2010/0236
XForce ISS Database: mysql-unspecified-bo(55416)
https://exchange.xforce.ibmcloud.com/vulnerabilities/55416
CopyrightCopyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.