English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.71727
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-1397-1 (mysql-server-5.1)
Summary:NOSUMMARY
Description:Description:
The remote host is missing an update to mysql-server-5.1
announced via advisory USN-1397-1.

Details:

Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.

MySQL has been updated to 5.1.61 in Ubuntu 10.04 LTS, Ubuntu 10.10,
Ubuntu 11.04 and Ubuntu 11.10. Ubuntu 8.04 LTS has been updated to
MySQL 5.0.95.

In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.

Please see the following for more information:

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-x.html
http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html

Solution:
The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.10:
mysql-server-5.1 5.1.61-0ubuntu0.11.10.1

Ubuntu 11.04:
mysql-server-5.1 5.1.61-0ubuntu0.11.04.1

Ubuntu 10.10:
mysql-server-5.1 5.1.61-0ubuntu0.10.10.1

Ubuntu 10.04 LTS:
mysql-server-5.1 5.1.61-0ubuntu0.10.04.1

Ubuntu 8.04 LTS:
mysql-server-5.0 5.0.95-0ubuntu1

http://www.securityspace.com/smysecure/catid.html?in=USN-1397-1

CVSS Score:
8.5

CVSS Vector:
AV:L/AC:H/Au:R/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-5925
BugTraq ID: 26353
http://www.securityfocus.com/bid/26353
Debian Security Information: DSA-1413 (Google Search)
http://www.debian.org/security/2007/dsa-1413
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html
http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/067350.html
http://security.gentoo.org/glsa/glsa-200711-25.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:243
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11390
http://www.redhat.com/support/errata/RHSA-2007-1155.html
http://www.redhat.com/support/errata/RHSA-2007-1157.html
http://www.securitytracker.com/id?1018978
http://secunia.com/advisories/27568
http://secunia.com/advisories/27649
http://secunia.com/advisories/27823
http://secunia.com/advisories/28025
http://secunia.com/advisories/28040
http://secunia.com/advisories/28099
http://secunia.com/advisories/28108
http://secunia.com/advisories/28128
http://secunia.com/advisories/28838
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959
SuSE Security Announcement: SUSE-SR:2008:003 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html
http://www.ubuntu.com/usn/USN-1397-1
https://usn.ubuntu.com/559-1/
http://www.vupen.com/english/advisories/2007/3903
XForce ISS Database: mysql-hainnodb-dos(38284)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38284
Common Vulnerability Exposure (CVE) ID: CVE-2008-3963
Debian Security Information: DSA-1783 (Google Search)
http://www.debian.org/security/2009/dsa-1783
http://www.mandriva.com/security/advisories?name=MDVSA-2009:094
http://www.openwall.com/lists/oss-security/2008/09/09/4
http://www.openwall.com/lists/oss-security/2008/09/09/7
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10521
http://www.redhat.com/support/errata/RHSA-2009-1067.html
http://www.redhat.com/support/errata/RHSA-2009-1289.html
http://www.securitytracker.com/id?1020858
http://secunia.com/advisories/31769
http://secunia.com/advisories/32759
http://secunia.com/advisories/32769
http://secunia.com/advisories/34907
http://secunia.com/advisories/36566
SuSE Security Announcement: SUSE-SR:2008:025 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html
http://www.ubuntu.com/usn/USN-671-1
http://www.vupen.com/english/advisories/2008/2554
XForce ISS Database: mysql-bitstring-dos(45042)
https://exchange.xforce.ibmcloud.com/vulnerabilities/45042
Common Vulnerability Exposure (CVE) ID: CVE-2008-4098
32578
http://secunia.com/advisories/32578
32759
32769
38517
http://secunia.com/advisories/38517
DSA-1662
http://www.debian.org/security/2008/dsa-1662
MDVSA-2009:094
RHSA-2009:1067
RHSA-2010:0110
http://www.redhat.com/support/errata/RHSA-2010-0110.html
SUSE-SR:2008:025
USN-1397-1
USN-671-1
USN-897-1
http://ubuntu.com/usn/usn-897-1
[oss-security] 20080909 Re: CVE request: MySQL incomplete fix for CVE-2008-2079
http://www.openwall.com/lists/oss-security/2008/09/09/20
[oss-security] 20080916 Re: CVE request: MySQL incomplete fix for CVE-2008-2079
http://www.openwall.com/lists/oss-security/2008/09/16/3
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480292#25
http://bugs.mysql.com/bug.php?id=32167
mysql-myisam-symlink-security-bypass(45649)
https://exchange.xforce.ibmcloud.com/vulnerabilities/45649
oval:org.mitre.oval:def:10591
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10591
Common Vulnerability Exposure (CVE) ID: CVE-2008-4456
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
BugTraq ID: 31486
http://www.securityfocus.com/bid/31486
Bugtraq: 20080930 MySQL command-line client HTML injection vulnerability (Google Search)
http://www.securityfocus.com/archive/1/496842/100/0/threaded
Bugtraq: 20080930 RE: MySQL command-line client HTML injection vulnerability (Google Search)
http://www.securityfocus.com/archive/1/496877/100/0/threaded
Bugtraq: 20081004 RE: RE: MySQL command-line client HTML injection vulnerability (Google Search)
http://seclists.org/bugtraq/2008/Oct/0026.html
Bugtraq: 20081029 Re: MySQL command-line client HTML injection vulnerability (Google Search)
http://www.securityfocus.com/archive/1/497158/100/0/threaded
http://www.securityfocus.com/archive/1/497885/100/0/threaded
http://www.henlich.de/it-security/mysql-command-line-client-html-injection-vulnerability
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11456
http://secunia.com/advisories/32072
http://securityreason.com/securityalert/4357
XForce ISS Database: mysql-commandline-xss(45590)
https://exchange.xforce.ibmcloud.com/vulnerabilities/45590
Common Vulnerability Exposure (CVE) ID: CVE-2008-7247
BugTraq ID: 38043
http://www.securityfocus.com/bid/38043
http://www.mandriva.com/security/advisories?name=MDVSA-2010:044
https://bugzilla.redhat.com/show_bug.cgi?id=543619
http://lists.mysql.com/commits/59711
http://marc.info/?l=oss-security&m=125908040022018&w=2
SuSE Security Announcement: SUSE-SR:2010:011 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
SuSE Security Announcement: SUSE-SR:2010:021 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html
http://www.vupen.com/english/advisories/2010/1107
Common Vulnerability Exposure (CVE) ID: CVE-2009-2446
BugTraq ID: 35609
http://www.securityfocus.com/bid/35609
Bugtraq: 20090708 MySQL <= 5.0.45 post auth format string vulnerability (Google Search)
http://www.securityfocus.com/archive/1/504799/100/0/threaded
http://archives.neohapsis.com/archives/fulldisclosure/2009-07/0058.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:179
http://www.osvdb.org/55734
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11857
http://securitytracker.com/id?1022533
http://secunia.com/advisories/35767
http://www.vupen.com/english/advisories/2009/1857
XForce ISS Database: mysql-dispatchcommand-format-string(51614)
https://exchange.xforce.ibmcloud.com/vulnerabilities/51614
Common Vulnerability Exposure (CVE) ID: CVE-2009-4019
37717
http://secunia.com/advisories/37717
38573
http://secunia.com/advisories/38573
ADV-2010-1107
APPLE-SA-2010-03-29-1
DSA-1997
http://www.debian.org/security/2010/dsa-1997
FEDORA-2009-12180
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00764.html
RHSA-2010:0109
http://www.redhat.com/support/errata/RHSA-2010-0109.html
SUSE-SR:2010:011
[oss-security] 20091121 CVE Request - MySQL - 5.0.88
http://marc.info/?l=oss-security&m=125881733826437&w=2
[oss-security] 20091121 Re: CVE Request - MySQL - 5.0.88
http://marc.info/?l=oss-security&m=125883754215621&w=2
[oss-security] 20091123 Re: CVE Request - MySQL - 5.0.88
http://marc.info/?l=oss-security&m=125901161824278&w=2
http://bugs.mysql.com/47780
http://bugs.mysql.com/48291
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html
http://support.apple.com/kb/HT4077
https://bugzilla.redhat.com/show_bug.cgi?id=540906
oval:org.mitre.oval:def:11349
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11349
oval:org.mitre.oval:def:8500
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8500
Common Vulnerability Exposure (CVE) ID: CVE-2009-4030
SUSE-SR:2010:021
[commits] 20091110 bzr commit into mysql-5.0-bugteam branch (joro:2845) Bug#32167
http://lists.mysql.com/commits/89940
[oss-security] 20091119 mysql-5.1.41
http://www.openwall.com/lists/oss-security/2009/11/19/3
[oss-security] 20091124 Re: mysql-5.1.41
http://marc.info/?l=oss-security&m=125908080222685&w=2
http://www.openwall.com/lists/oss-security/2009/11/24/6
oval:org.mitre.oval:def:11116
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11116
oval:org.mitre.oval:def:8156
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8156
Common Vulnerability Exposure (CVE) ID: CVE-2009-4484
BugTraq ID: 37640
http://www.securityfocus.com/bid/37640
BugTraq ID: 37943
http://www.securityfocus.com/bid/37943
BugTraq ID: 37974
http://www.securityfocus.com/bid/37974
Debian Security Information: DSA-1997 (Google Search)
http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html
http://intevydis.com/mysql_demo.html
http://intevydis.com/mysql_overflow1.py.txt
http://intevydis.com/vd-list.shtml
http://isc.sans.org/diary.html?storyid=7900
http://www.intevydis.com/blog/?p=106
http://www.intevydis.com/blog/?p=57
http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname
http://lists.mysql.com/commits/96697
http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html
http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html
http://www.osvdb.org/61956
http://securitytracker.com/id?1023402
http://securitytracker.com/id?1023513
http://secunia.com/advisories/37493
http://secunia.com/advisories/38344
http://secunia.com/advisories/38364
http://www.vupen.com/english/advisories/2010/0233
http://www.vupen.com/english/advisories/2010/0236
XForce ISS Database: mysql-unspecified-bo(55416)
https://exchange.xforce.ibmcloud.com/vulnerabilities/55416
Common Vulnerability Exposure (CVE) ID: CVE-2010-1621
39543
http://www.securityfocus.com/bid/39543
MDVSA-2010:093
http://www.mandriva.com/security/advisories?name=MDVSA-2010:093
http://bugs.mysql.com/bug.php?id=51770
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-46.html
Common Vulnerability Exposure (CVE) ID: CVE-2010-1626
1024004
http://securitytracker.com/id?1024004
40257
http://www.securityfocus.com/bid/40257
ADV-2010-1194
http://www.vupen.com/english/advisories/2010/1194
MDVSA-2010:101
http://www.mandriva.com/security/advisories?name=MDVSA-2010:101
RHSA-2010:0442
http://www.redhat.com/support/errata/RHSA-2010-0442.html
SUSE-SR:2010:019
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
[oss-security] 20100510 Re: A mysql flaw.
http://www.openwall.com/lists/oss-security/2010/05/10/2
[oss-security] 20100518 Re: A mysql flaw.
http://www.openwall.com/lists/oss-security/2010/05/18/4
http://bugs.mysql.com/bug.php?id=40980
oval:org.mitre.oval:def:9490
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9490
Common Vulnerability Exposure (CVE) ID: CVE-2010-1848
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:107
http://lists.mysql.com/commits/107532
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10258
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7210
http://www.redhat.com/support/errata/RHSA-2010-0824.html
http://securitytracker.com/id?1024031
SuSE Security Announcement: SUSE-SR:2010:019 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2010-1849
http://lists.mysql.com/commits/106060
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7328
http://securitytracker.com/id?1024032
Common Vulnerability Exposure (CVE) ID: CVE-2010-1850
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10846
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6693
http://securitytracker.com/id?1024033
Common Vulnerability Exposure (CVE) ID: CVE-2010-2008
BugTraq ID: 41198
http://www.securityfocus.com/bid/41198
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044546.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:155
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11869
http://www.securitytracker.com/id?1024160
http://secunia.com/advisories/40333
http://secunia.com/advisories/40762
http://www.ubuntu.com/usn/USN-1017-1
http://www.vupen.com/english/advisories/2010/1918
Common Vulnerability Exposure (CVE) ID: CVE-2010-3677
http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html
BugTraq ID: 42646
http://www.securityfocus.com/bid/42646
Debian Security Information: DSA-2143 (Google Search)
http://www.debian.org/security/2011/dsa-2143
http://www.mandriva.com/security/advisories?name=MDVSA-2010:222
http://www.mandriva.com/security/advisories?name=MDVSA-2011:012
http://bugs.mysql.com/bug.php?id=54575
http://www.openwall.com/lists/oss-security/2010/09/28/10
http://www.redhat.com/support/errata/RHSA-2010-0825.html
http://www.redhat.com/support/errata/RHSA-2011-0164.html
http://secunia.com/advisories/42875
http://secunia.com/advisories/42936
TurboLinux Advisory: TLSA-2011-3
http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt
http://www.vupen.com/english/advisories/2011/0105
http://www.vupen.com/english/advisories/2011/0133
http://www.vupen.com/english/advisories/2011/0170
http://www.vupen.com/english/advisories/2011/0345
XForce ISS Database: mysql-setcolumn-dos(64688)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64688
Common Vulnerability Exposure (CVE) ID: CVE-2010-3678
BugTraq ID: 42596
http://www.securityfocus.com/bid/42596
Common Vulnerability Exposure (CVE) ID: CVE-2010-3679
BugTraq ID: 42638
http://www.securityfocus.com/bid/42638
XForce ISS Database: mysql-binlog-command-dos(64687)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64687
Common Vulnerability Exposure (CVE) ID: CVE-2010-3680
BugTraq ID: 42598
http://www.securityfocus.com/bid/42598
XForce ISS Database: mysql-innodb-dos(64686)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64686
Common Vulnerability Exposure (CVE) ID: CVE-2010-3681
BugTraq ID: 42633
http://www.securityfocus.com/bid/42633
XForce ISS Database: mysql-handler-interface-dos(64685)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64685
Common Vulnerability Exposure (CVE) ID: CVE-2010-3682
BugTraq ID: 42599
http://www.securityfocus.com/bid/42599
XForce ISS Database: mysql-itemsinglerowsubselect-dos(64684)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64684
Common Vulnerability Exposure (CVE) ID: CVE-2010-3683
BugTraq ID: 42625
http://www.securityfocus.com/bid/42625
XForce ISS Database: mysql-ok-packet-dos(64683)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64683
Common Vulnerability Exposure (CVE) ID: CVE-2010-3833
BugTraq ID: 43676
http://www.securityfocus.com/bid/43676
http://www.mandriva.com/security/advisories?name=MDVSA-2010:223
http://bugs.mysql.com/bug.php?id=55826
XForce ISS Database: mysql-extremevalue-dos(64845)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64845
Common Vulnerability Exposure (CVE) ID: CVE-2010-3834
http://bugs.mysql.com/bug.php?id=55568
XForce ISS Database: mysql-derived-table-dos(64844)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64844
Common Vulnerability Exposure (CVE) ID: CVE-2010-3835
http://bugs.mysql.com/bug.php?id=55564
XForce ISS Database: mysql-uservariable-dos(64843)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64843
Common Vulnerability Exposure (CVE) ID: CVE-2010-3836
XForce ISS Database: mysql-view-preparation-dos(64842)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64842
Common Vulnerability Exposure (CVE) ID: CVE-2010-3837
XForce ISS Database: mysql-prepared-statement-dos(64841)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64841
Common Vulnerability Exposure (CVE) ID: CVE-2010-3838
http://bugs.mysql.com/bug.php?id=54461
XForce ISS Database: mysql-longblob-dos(64840)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64840
Common Vulnerability Exposure (CVE) ID: CVE-2010-3839
XForce ISS Database: mysql-invocations-dos(64839)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64839
Common Vulnerability Exposure (CVE) ID: CVE-2010-3840
http://lists.mysql.com/commits/117094
XForce ISS Database: mysql-gislinestringinitfromwkb-dos(64838)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64838
Common Vulnerability Exposure (CVE) ID: CVE-2011-2262
Debian Security Information: DSA-2429 (Google Search)
http://www.debian.org/security/2012/dsa-2429
http://security.gentoo.org/glsa/glsa-201308-06.xml
http://secunia.com/advisories/48250
http://secunia.com/advisories/53372
Common Vulnerability Exposure (CVE) ID: CVE-2012-0075
BugTraq ID: 51526
http://www.securityfocus.com/bid/51526
http://osvdb.org/78374
SuSE Security Announcement: SUSE-SU-2012:0984 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00007.html
XForce ISS Database: mysql-server-cve20120075(72539)
https://exchange.xforce.ibmcloud.com/vulnerabilities/72539
Common Vulnerability Exposure (CVE) ID: CVE-2012-0087
BugTraq ID: 51509
http://www.securityfocus.com/bid/51509
http://osvdb.org/78377
XForce ISS Database: mysql-serveruns-dos(72519)
https://exchange.xforce.ibmcloud.com/vulnerabilities/72519
Common Vulnerability Exposure (CVE) ID: CVE-2012-0101
http://osvdb.org/78378
XForce ISS Database: mysql-serveruns1-dos(72520)
https://exchange.xforce.ibmcloud.com/vulnerabilities/72520
Common Vulnerability Exposure (CVE) ID: CVE-2012-0102
http://osvdb.org/78379
XForce ISS Database: mysql-serveruns2-dos(72521)
https://exchange.xforce.ibmcloud.com/vulnerabilities/72521
Common Vulnerability Exposure (CVE) ID: CVE-2012-0112
Common Vulnerability Exposure (CVE) ID: CVE-2012-0113
Common Vulnerability Exposure (CVE) ID: CVE-2012-0114
Common Vulnerability Exposure (CVE) ID: CVE-2012-0115
Common Vulnerability Exposure (CVE) ID: CVE-2012-0116
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.