ID CVE-2007-2692 Type cve Reporter NVD Modified 2018-10-16T12:45:12
Description
The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows remote authenticated users to gain privileges.
{"osvdb": [{"lastseen": "2017-04-28T13:20:31", "references": [], "description": "## Solution Description\nUpgrade to version 5.1.18-beta, 5.0.42, 4.1.23 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\nVendor URL: http://www.mysql.com/\nVendor Specific News/Changelog Entry: http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html\nVendor Specific News/Changelog Entry: http://bugs.mysql.com/bug.php?id=27337\n[Secunia Advisory ID:26073](https://secuniaresearch.flexerasoftware.com/advisories/26073/)\n[Secunia Advisory ID:26498](https://secuniaresearch.flexerasoftware.com/advisories/26498/)\n[Secunia Advisory ID:26710](https://secuniaresearch.flexerasoftware.com/advisories/26710/)\n[Secunia Advisory ID:26430](https://secuniaresearch.flexerasoftware.com/advisories/26430/)\n[Secunia Advisory ID:27823](https://secuniaresearch.flexerasoftware.com/advisories/27823/)\n[Secunia Advisory ID:25301](https://secuniaresearch.flexerasoftware.com/advisories/25301/)\n[Related OSVDB ID: 34766](https://vulners.com/osvdb/OSVDB:34766)\nOther Advisory URL: http://lists.rpath.com/pipermail/security-announce/2007-July/000213.html\nOther Advisory URL: http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00193.html\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:177\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200708-10.xml\nOther Advisory URL: http://lists.rpath.com/pipermail/security-announce/2007-August/000224.html\nFrSIRT Advisory: ADV-2007-1804\n[CVE-2007-2692](https://vulners.com/cve/CVE-2007-2692)\n", "edition": 1, "reporter": "OSVDB", "published": "2007-05-08T05:03:52", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "MySQL mysql_change_db Function THD::db_access Privilege Escalation", "type": "osvdb", "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2007-2692"], "modified": "2007-05-08T05:03:52", "href": "https://vulners.com/osvdb/OSVDB:34765", "id": "OSVDB:34765", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-07-24T12:56:55", "references": ["2008:028", "http://lists.mandriva.com/security-announce/2008-01/msg00049.php"], "pluginID": "830513", "description": "Check for the Version of mysql", "edition": 2, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-04-09T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Mandriva Update for mysql MDVSA-2008:028 (mysql)", "type": "openvas", "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6304", "CVE-2007-2692"], "modified": "2017-07-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=830513", "id": "OPENVAS:830513", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mysql MDVSA-2008:028 (mysql)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The mysql_change_db() function in MySQL 5.0.x before 5.0.40 did not\n restore THD::db_access privileges when returning from SQL SECURITY\n INVOKER stored routines, which allowed remote authenticated users to\n gain privileges (CVE-2007-2692).\n\n The federated engine in MySQL 5.0.x, when performing a certain SHOW\n TABLE STATUS query, did not properly handle a response with a small\n number of columns, which could allow a remote MySQL server to cause\n a denial of service (federated handler crash and daemon crash)\n via a response that lacks the minimum required number of columns\n (CVE-2007-6304).\n \n The updated packages provide MySQL 5.0.45 for all Mandriva Linux\n platforms that shipped with MySQL 5.0.x which offers a number of\n feature enhancements and bug fixes. In addition, the updates for\n Corporate Server 4.0 include support for the Sphinx engine.\n \n Please note that due to the package name change (from 'MySQL' to\n 'mysql'), the mysqld service will not restart automatically so users\n must execute 'service mysqld start' after the upgrade is complete.\";\n\ntag_affected = \"mysql on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-01/msg00049.php\");\n script_id(830513);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2008:028\");\n script_cve_id(\"CVE-2007-2692\", \"CVE-2007-6304\");\n script_name( \"Mandriva Update for mysql MDVSA-2008:028 (mysql)\");\n\n script_summary(\"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmysql-devel\", rpm:\"libmysql-devel~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-static-devel\", rpm:\"libmysql-static-devel~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql15\", rpm:\"libmysql15~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common\", rpm:\"mysql-common~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-max\", rpm:\"mysql-max~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-extra\", rpm:\"mysql-ndb-extra~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-management\", rpm:\"mysql-ndb-management~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-storage\", rpm:\"mysql-ndb-storage~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-tools\", rpm:\"mysql-ndb-tools~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-devel\", rpm:\"lib64mysql-devel~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-static-devel\", rpm:\"lib64mysql-static-devel~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql15\", rpm:\"lib64mysql15~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmysql-devel\", rpm:\"libmysql-devel~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-static-devel\", rpm:\"libmysql-static-devel~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql15\", rpm:\"libmysql15~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common\", rpm:\"mysql-common~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-max\", rpm:\"mysql-max~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-extra\", rpm:\"mysql-ndb-extra~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-management\", rpm:\"mysql-ndb-management~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-storage\", rpm:\"mysql-ndb-storage~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-tools\", rpm:\"mysql-ndb-tools~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-devel\", rpm:\"lib64mysql-devel~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-static-devel\", rpm:\"lib64mysql-static-devel~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql15\", rpm:\"lib64mysql15~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:40:54", "references": ["2008:028", "http://lists.mandriva.com/security-announce/2008-01/msg00049.php"], "pluginID": "1361412562310830513", "description": "Check for the Version of mysql", "edition": 2, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-04-09T00:00:00", "title": "Mandriva Update for mysql MDVSA-2008:028 (mysql)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6304", "CVE-2007-2692"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830513", "id": "OPENVAS:1361412562310830513", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mysql MDVSA-2008:028 (mysql)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The mysql_change_db() function in MySQL 5.0.x before 5.0.40 did not\n restore THD::db_access privileges when returning from SQL SECURITY\n INVOKER stored routines, which allowed remote authenticated users to\n gain privileges (CVE-2007-2692).\n\n The federated engine in MySQL 5.0.x, when performing a certain SHOW\n TABLE STATUS query, did not properly handle a response with a small\n number of columns, which could allow a remote MySQL server to cause\n a denial of service (federated handler crash and daemon crash)\n via a response that lacks the minimum required number of columns\n (CVE-2007-6304).\n \n The updated packages provide MySQL 5.0.45 for all Mandriva Linux\n platforms that shipped with MySQL 5.0.x which offers a number of\n feature enhancements and bug fixes. In addition, the updates for\n Corporate Server 4.0 include support for the Sphinx engine.\n \n Please note that due to the package name change (from 'MySQL' to\n 'mysql'), the mysqld service will not restart automatically so users\n must execute 'service mysqld start' after the upgrade is complete.\";\n\ntag_affected = \"mysql on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-01/msg00049.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830513\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2008:028\");\n script_cve_id(\"CVE-2007-2692\", \"CVE-2007-6304\");\n script_name( \"Mandriva Update for mysql MDVSA-2008:028 (mysql)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmysql-devel\", rpm:\"libmysql-devel~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-static-devel\", rpm:\"libmysql-static-devel~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql15\", rpm:\"libmysql15~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common\", rpm:\"mysql-common~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-max\", rpm:\"mysql-max~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-extra\", rpm:\"mysql-ndb-extra~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-management\", rpm:\"mysql-ndb-management~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-storage\", rpm:\"mysql-ndb-storage~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-tools\", rpm:\"mysql-ndb-tools~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-devel\", rpm:\"lib64mysql-devel~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-static-devel\", rpm:\"lib64mysql-static-devel~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql15\", rpm:\"lib64mysql15~5.0.45~8.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmysql-devel\", rpm:\"libmysql-devel~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-static-devel\", rpm:\"libmysql-static-devel~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql15\", rpm:\"libmysql15~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common\", rpm:\"mysql-common~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-max\", rpm:\"mysql-max~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-extra\", rpm:\"mysql-ndb-extra~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-management\", rpm:\"mysql-ndb-management~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-storage\", rpm:\"mysql-ndb-storage~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-tools\", rpm:\"mysql-ndb-tools~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-devel\", rpm:\"lib64mysql-devel~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-static-devel\", rpm:\"lib64mysql-static-devel~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql15\", rpm:\"lib64mysql15~5.0.45~8.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:27:51", "references": ["588-1", "http://www.ubuntu.com/usn/usn-588-1/"], "pluginID": "840219", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-588-1", "edition": 3, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-03-23T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "title": "Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-588-1", "type": "openvas", "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6303", "CVE-2006-7232", "CVE-2008-0227", "CVE-2007-2692", "CVE-2008-0226"], "modified": "2017-12-01T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=840219", "id": "OPENVAS:840219", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_588_1.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-588-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Masaaki Hirose discovered that MySQL could be made to dereference\n a NULL pointer. An authenticated user could cause a denial of service\n (application crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA\n table. This issue only affects Ubuntu 6.06 and 6.10. (CVE-2006-7232)\n\n Alexander Nozdrin discovered that MySQL did not restore database access\n privileges when returning from SQL SECURITY INVOKER stored routines. An\n authenticated user could exploit this to gain privileges. This issue\n does not affect Ubuntu 7.10. (CVE-2007-2692)\n \n Martin Friebe discovered that MySQL did not properly update the DEFINER\n value of an altered view. An authenticated user could use CREATE SQL\n SECURITY DEFINER VIEW and ALTER VIEW statements to gain privileges.\n (CVE-2007-6303)\n \n Luigi Auriemma discovered that yaSSL as included in MySQL did not\n properly validate its input. A remote attacker could send crafted\n requests and cause a denial of service or possibly execute arbitrary\n code. This issue did not affect Ubuntu 6.06 in the default installation.\n (CVE-2008-0226, CVE-2008-0227)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-588-1\";\ntag_affected = \"mysql-dfsg-5.0 vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 6.10 ,\n Ubuntu 7.04 ,\n Ubuntu 7.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-588-1/\");\n script_id(840219);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"588-1\");\n script_cve_id(\"CVE-2006-7232\", \"CVE-2007-2692\", \"CVE-2007-6303\", \"CVE-2008-0226\", \"CVE-2008-0227\");\n script_name( \"Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-588-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU7.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15-dev\", ver:\"5.0.38-0ubuntu1.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15off\", ver:\"5.0.38-0ubuntu1.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.0_5.0.38-0ubuntu1.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"4.1_5.0.38-0ubuntu1.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.0_5.0.38-0ubuntu1.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.0.38-0ubuntu1.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.0.38-0ubuntu1.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.0.38-0ubuntu1.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15-dev\", ver:\"5.0.22-0ubuntu6.06.8\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15off\", ver:\"5.0.22-0ubuntu6.06.8\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.0_5.0.22-0ubuntu6.06.8\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.0_5.0.22-0ubuntu6.06.8\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.0.22-0ubuntu6.06.8\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.0.22-0ubuntu6.06.8\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.0.22-0ubuntu6.06.8\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15-dev\", ver:\"5.0.24a-9ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15off\", ver:\"5.0.24a-9ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.0_5.0.24a-9ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.0_5.0.24a-9ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.0.24a-9ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.0.24a-9ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.0.24a-9ubuntu2.4\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU7.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15-dev\", ver:\"5.0.45-1ubuntu3.3\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15off\", ver:\"5.0.45-1ubuntu3.3\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.0_5.0.45-1ubuntu3.3\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.0_5.0.45-1ubuntu3.3\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.0.45-1ubuntu3.3\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.0.45-1ubuntu3.3\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.0.45-1ubuntu3.3\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:29:03", "references": ["http://www.ubuntu.com/usn/usn-588-2/", "588-2"], "pluginID": "840240", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-588-2", "edition": 3, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-03-23T00:00:00", "title": "Ubuntu Update for mysql-dfsg-5.0 regression USN-588-2", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6303", "CVE-2006-7232", "CVE-2008-0227", "CVE-2007-2692", "CVE-2008-0226"], "modified": "2017-12-01T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=840240", "id": "OPENVAS:840240", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_588_2.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for mysql-dfsg-5.0 regression USN-588-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"USN-588-1 fixed vulnerabilities in MySQL. In fixing CVE-2007-2692 for\n Ubuntu 6.06, additional improvements were made to make privilege checks\n more restictive. As a result, an upstream bug was exposed which could\n cause operations on tables or views in a different database to fail. This\n update fixes the problem.\n\n We apologize for the inconvenience.\n \n Original advisory details:\n \n Masaaki Hirose discovered that MySQL could be made to dereference\n a NULL pointer. An authenticated user could cause a denial of service\n (application crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA\n table. This issue only affects Ubuntu 6.06 and 6.10. (CVE-2006-7232)\n \n Alexander Nozdrin discovered that MySQL did not restore database access\n privileges when returning from SQL SECURITY INVOKER stored routines. An\n authenticated user could exploit this to gain privileges. This issue\n does not affect Ubuntu 7.10. (CVE-2007-2692)\n \n Martin Friebe discovered that MySQL did not properly update the DEFINER\n value of an altered view. An authenticated user could use CREATE SQL\n SECURITY DEFINER VIEW and ALTER VIEW statements to gain privileges.\n (CVE-2007-6303)\n \n Luigi Auriemma discovered that yaSSL as included in MySQL did not\n properly validate its input. A remote attacker could send crafted\n requests and cause a denial of service or possibly execute arbitrary\n code. This issue did not affect Ubuntu 6.06 in the default installation.\n (CVE-2008-0226, CVE-2008-0227)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-588-2\";\ntag_affected = \"mysql-dfsg-5.0 regression on Ubuntu 6.06 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-588-2/\");\n script_id(840240);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"588-2\");\n script_cve_id(\"CVE-2007-2692\", \"CVE-2006-7232\", \"CVE-2007-6303\", \"CVE-2008-0226\", \"CVE-2008-0227\");\n script_name( \"Ubuntu Update for mysql-dfsg-5.0 regression USN-588-2\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15-dev\", ver:\"5.0.22-0ubuntu6.06.9\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15off\", ver:\"5.0.22-0ubuntu6.06.9\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.0_5.0.22-0ubuntu6.06.9\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.0_5.0.22-0ubuntu6.06.9\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.0.22-0ubuntu6.06.9\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.0.22-0ubuntu6.06.9\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.0.22-0ubuntu6.06.9\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:07", "references": [], "pluginID": "59638", "description": "The remote host is missing an update to mysql-dfsg, mysql-dfsg-5.0, mysql-dfsg-4.1\nannounced via advisory DSA 1413-1.", "edition": 2, "reporter": "Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com", "published": "2008-01-17T00:00:00", "title": "Debian Security Advisory DSA 1413-1 (mysql-dfsg, mysql-dfsg-5.0, mysql-dfsg-4.1)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2583", "CVE-2007-3780", "CVE-2007-5925", "CVE-2007-3782", "CVE-2007-2692", "CVE-2007-2691"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=59638", "id": "OPENVAS:59638", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1413_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1413-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been found in the MySQL database packages\nwith implications ranging from unauthorized database modifications to\nremotely triggered server crashes.\n\nCVE-2007-2583\n\nThe in_decimal::set function in item_cmpfunc.cc in MySQL\nbefore 5.0.40 allows context-dependent attackers to cause a\ndenial of service (crash) via a crafted IF clause that results\nin a divide-by-zero error and a NULL pointer dereference.\n(Affects source version 5.0.32)\n\nCVE-2007-2691\n\nMySQL does not require the DROP privilege for RENAME TABLE\nstatements, which allows remote authenticated users to rename\narbitrary tables. (All supported versions affected.)\n\nCVE-2007-2692\n\nThe mysql_change_db function does not restore THD::db_access\nprivileges when returning from SQL SECURITY INVOKER stored\nroutines, which allows remote authenticated users to gain\nprivileges. (Affects source version 5.0.32)\n\nCVE-2007-3780\n\nMySQL could be made to overflow a signed char during\nauthentication. Remote attackers could use specially crafted\nauthentication requests to cause a denial of\nservice. (Upstream source versions 4.1.11a and 5.0.32\naffected.)\n\nCVE-2007-3782\n\nPhil Anderton discovered that MySQL did not properly verify\naccess privileges when accessing external tables. As a result,\nauthenticated users could exploit this to obtain UPDATE\nprivileges to external tables. (Affects source version\n5.0.32)\n\nCVE-2007-5925\n\nThe convert_search_mode_to_innobase function in ha_innodb.cc\nin the InnoDB engine in MySQL 5.1.23-BK and earlier allows\nremote authenticated users to cause a denial of service\n(database crash) via a certain CONTAINS operation on an\nindexed column, which triggers an assertion error. (Affects\nsource version 5.0.32)\n\n\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 5.0.32-7etch3 of the mysql-dfsg-5.0 packages\n\nFor the old stable distribution (sarge), these problems have been\nfixed in version 4.0.24-10sarge3 of mysql-dfsg and version\n4.1.11a-4sarge8 of mysql-dfsg-4.1\n\nWe recommend that you upgrade your mysql packages.\";\ntag_summary = \"The remote host is missing an update to mysql-dfsg, mysql-dfsg-5.0, mysql-dfsg-4.1\nannounced via advisory DSA 1413-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201413-1\";\n\nif(description)\n{\n script_id(59638);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:23:47 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2007-2583\", \"CVE-2007-2691\", \"CVE-2007-2692\", \"CVE-2007-3780\", \"CVE-2007-3782\", \"CVE-2007-5925\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1413-1 (mysql-dfsg, mysql-dfsg-5.0, mysql-dfsg-4.1)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.0.32-7etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.0.32-7etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.0.32-7etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-server-5.0\", ver:\"5.0.32-7etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-client-5.0\", ver:\"5.0.32-7etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmysqlclient15off\", ver:\"5.0.32-7etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-server-4.1\", ver:\"5.0.32-7etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmysqlclient15-dev\", ver:\"5.0.32-7etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"4.0.24-10sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-common-4.1\", ver:\"4.1.11a-4sarge8\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"4.0.24-10sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"4.0.24-10sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-server-4.1\", ver:\"4.1.11a-4sarge8\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmysqlclient12-dev\", ver:\"4.0.24-10sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-client-4.1\", ver:\"4.1.11a-4sarge8\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmysqlclient14\", ver:\"4.1.11a-4sarge8\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmysqlclient14-dev\", ver:\"4.1.11a-4sarge8\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmysqlclient12\", ver:\"4.0.24-10sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:55:12", "references": [], "pluginID": "65426", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mysql-client\n mysql\n mysql-shared\n mysql-Max\n mysql-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021882 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-10-10T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "SLES9: Security update for MySQL", "type": "openvas", "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6303", "CVE-2007-2583", "CVE-2007-5925", "CVE-2007-5969", "CVE-2007-6304", "CVE-2007-2692", "CVE-2007-2691"], "modified": "2017-07-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=65426", "id": "OPENVAS:65426", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5021882.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for MySQL\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mysql-client\n mysql\n mysql-shared\n mysql-Max\n mysql-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021882 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65426);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2007-2583\", \"CVE-2007-2691\", \"CVE-2007-2692\", \"CVE-2007-5925\", \"CVE-2007-5969\", \"CVE-2007-6303\", \"CVE-2007-6304\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:S/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for MySQL\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~4.0.18~32.32\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:HIGH/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:17", "references": [], "pluginID": "136141256231065426", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mysql-client\n mysql\n mysql-shared\n mysql-Max\n mysql-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021882 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-10-10T00:00:00", "title": "SLES9: Security update for MySQL", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6303", "CVE-2007-2583", "CVE-2007-5925", "CVE-2007-5969", "CVE-2007-6304", "CVE-2007-2692", "CVE-2007-2691"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065426", "id": "OPENVAS:136141256231065426", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5021882.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for MySQL\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mysql-client\n mysql\n mysql-shared\n mysql-Max\n mysql-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021882 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65426\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2007-2583\", \"CVE-2007-2691\", \"CVE-2007-2692\", \"CVE-2007-5925\", \"CVE-2007-5969\", \"CVE-2007-6303\", \"CVE-2007-6304\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:S/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for MySQL\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~4.0.18~32.32\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:HIGH/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-28T18:24:20", "references": ["http://linux.oracle.com/errata/ELSA-2008-0364.html"], "pluginID": "1361412562310122583", "description": "Oracle Linux Local Security Checks ELSA-2008-0364", "edition": 6, "reporter": "Eero Volotinen", "published": "2015-10-08T00:00:00", "title": "Oracle Linux Local Check: ELSA-2008-0364", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2583", "CVE-2006-7232", "CVE-2006-4227", "CVE-2007-3781", "CVE-2006-4031", "CVE-2007-1420", "CVE-2007-3782", "CVE-2006-0903", "CVE-2007-2692", "CVE-2007-2691"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122583", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122583", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2008-0364.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122583\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:48:37 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2008-0364\");\n script_tag(name:\"insight\", value:\"ELSA-2008-0364 - mysql security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2008-0364\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2008-0364.html\");\n script_cve_id(\"CVE-2006-7232\", \"CVE-2007-1420\", \"CVE-2007-2583\", \"CVE-2007-2691\", \"CVE-2007-2692\", \"CVE-2007-3781\", \"CVE-2007-3782\", \"CVE-2006-0903\", \"CVE-2006-4031\", \"CVE-2006-4227\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.45~7.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.45~7.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-devel\", rpm:\"mysql-devel~5.0.45~7.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-server\", rpm:\"mysql-server~5.0.45~7.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-test\", rpm:\"mysql-test~5.0.45~7.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-27T10:55:37", "references": ["https://www.redhat.com/archives/rhsa-announce/2008-May/msg00021.html", "2008:0364-01"], "pluginID": "870069", "description": "Check for the Version of mysql", "edition": 2, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-03-06T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "title": "RedHat Update for mysql RHSA-2008:0364-01", "type": "openvas", "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2583", "CVE-2006-7232", "CVE-2006-4227", "CVE-2007-3781", "CVE-2006-4031", "CVE-2007-1420", "CVE-2007-3782", "CVE-2006-0903", "CVE-2007-2692", "CVE-2007-2691"], "modified": "2017-07-12T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=870069", "id": "OPENVAS:870069", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for mysql RHSA-2008:0364-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"MySQL is a multi-user, multi-threaded SQL database server. MySQL is a\n client/server implementation consisting of a server daemon (mysqld), and\n many different client programs and libraries.\n\n MySQL did not require privileges such as "SELECT" for the source table in a\n "CREATE TABLE LIKE" statement. An authenticated user could obtain sensitive\n information, such as the table structure. (CVE-2007-3781)\n \n A flaw was discovered in MySQL that allowed an authenticated user to gain\n update privileges for a table in another database, via a view that refers\n to the external table. (CVE-2007-3782)\n \n MySQL did not require the "DROP" privilege for "RENAME TABLE" statements.\n An authenticated user could use this flaw to rename arbitrary tables.\n (CVE-2007-2691)\n \n A flaw was discovered in the mysql_change_db function when returning from\n SQL SECURITY INVOKER stored routines. An authenticated user could use this\n flaw to gain database privileges. (CVE-2007-2692)\n \n MySQL allowed an authenticated user to bypass logging mechanisms via SQL\n queries that contain the NULL character, which were not properly handled by\n the mysql_real_query function. (CVE-2006-0903)\n \n MySQL allowed an authenticated user to access a table through a previously\n created MERGE table, even after the user's privileges were revoked from\n the original table, which might violate intended security policy. This is\n addressed by allowing the MERGE storage engine to be disabled, which can\n be done by running mysqld with the "--skip-merge" option. (CVE-2006-4031)\n \n MySQL evaluated arguments in the wrong security context, which allowed an\n authenticated user to gain privileges through a routine that had been made\n available using "GRANT EXECUTE". (CVE-2006-4227)\n \n Multiple flaws in MySQL allowed an authenticated user to cause the MySQL\n daemon to crash via crafted SQL queries. This only caused a temporary\n denial of service, as the MySQL daemon is automatically restarted after the\n crash. (CVE-2006-7232, CVE-2007-1420, CVE-2007-2583)\n \n As well, these updated packages fix the following bugs:\n \n * a separate counter was used for "insert delayed" statements, which caused\n rows to be discarded. In these updated packages, "insert delayed"\n statements no longer use a separate counter, which resolves this issue.\n \n * due to a bug in the Native POSIX Thread Library, in certain situations,\n "flush tables" caused a deadlock on tables that had a read lock. The mysqld\n daemon had to be ki ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"mysql on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-May/msg00021.html\");\n script_id(870069);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2008:0364-01\");\n script_cve_id(\"CVE-2006-0903\", \"CVE-2006-4031\", \"CVE-2006-4227\", \"CVE-2006-7232\", \"CVE-2007-1420\", \"CVE-2007-2583\", \"CVE-2007-2691\", \"CVE-2007-2692\", \"CVE-2007-3781\", \"CVE-2007-3782\");\n script_name( \"RedHat Update for mysql RHSA-2008:0364-01\");\n\n script_summary(\"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.45~7.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.45~7.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-debuginfo\", rpm:\"mysql-debuginfo~5.0.45~7.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-devel\", rpm:\"mysql-devel~5.0.45~7.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-server\", rpm:\"mysql-server~5.0.45~7.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-test\", rpm:\"mysql-test~5.0.45~7.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:38:31", "references": ["https://www.redhat.com/archives/rhsa-announce/2008-May/msg00021.html", "2008:0364-01"], "pluginID": "1361412562310870069", "description": "Check for the Version of mysql", "edition": 2, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for mysql RHSA-2008:0364-01", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2583", "CVE-2006-7232", "CVE-2006-4227", "CVE-2007-3781", "CVE-2006-4031", "CVE-2007-1420", "CVE-2007-3782", "CVE-2006-0903", "CVE-2007-2692", "CVE-2007-2691"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870069", "id": "OPENVAS:1361412562310870069", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for mysql RHSA-2008:0364-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"MySQL is a multi-user, multi-threaded SQL database server. MySQL is a\n client/server implementation consisting of a server daemon (mysqld), and\n many different client programs and libraries.\n\n MySQL did not require privileges such as "SELECT" for the source table in a\n "CREATE TABLE LIKE" statement. An authenticated user could obtain sensitive\n information, such as the table structure. (CVE-2007-3781)\n \n A flaw was discovered in MySQL that allowed an authenticated user to gain\n update privileges for a table in another database, via a view that refers\n to the external table. (CVE-2007-3782)\n \n MySQL did not require the "DROP" privilege for "RENAME TABLE" statements.\n An authenticated user could use this flaw to rename arbitrary tables.\n (CVE-2007-2691)\n \n A flaw was discovered in the mysql_change_db function when returning from\n SQL SECURITY INVOKER stored routines. An authenticated user could use this\n flaw to gain database privileges. (CVE-2007-2692)\n \n MySQL allowed an authenticated user to bypass logging mechanisms via SQL\n queries that contain the NULL character, which were not properly handled by\n the mysql_real_query function. (CVE-2006-0903)\n \n MySQL allowed an authenticated user to access a table through a previously\n created MERGE table, even after the user's privileges were revoked from\n the original table, which might violate intended security policy. This is\n addressed by allowing the MERGE storage engine to be disabled, which can\n be done by running mysqld with the "--skip-merge" option. (CVE-2006-4031)\n \n MySQL evaluated arguments in the wrong security context, which allowed an\n authenticated user to gain privileges through a routine that had been made\n available using "GRANT EXECUTE". (CVE-2006-4227)\n \n Multiple flaws in MySQL allowed an authenticated user to cause the MySQL\n daemon to crash via crafted SQL queries. This only caused a temporary\n denial of service, as the MySQL daemon is automatically restarted after the\n crash. (CVE-2006-7232, CVE-2007-1420, CVE-2007-2583)\n \n As well, these updated packages fix the following bugs:\n \n * a separate counter was used for "insert delayed" statements, which caused\n rows to be discarded. In these updated packages, "insert delayed"\n statements no longer use a separate counter, which resolves this issue.\n \n * due to a bug in the Native POSIX Thread Library, in certain situations,\n "flush tables" caused a deadlock on tables that had a read lock. The mysqld\n daemon had to be ki ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"mysql on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-May/msg00021.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870069\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2008:0364-01\");\n script_cve_id(\"CVE-2006-0903\", \"CVE-2006-4031\", \"CVE-2006-4227\", \"CVE-2006-7232\", \"CVE-2007-1420\", \"CVE-2007-2583\", \"CVE-2007-2691\", \"CVE-2007-2692\", \"CVE-2007-3781\", \"CVE-2007-3782\");\n script_name( \"RedHat Update for mysql RHSA-2008:0364-01\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.45~7.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.45~7.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-debuginfo\", rpm:\"mysql-debuginfo~5.0.45~7.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-devel\", rpm:\"mysql-devel~5.0.45~7.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-server\", rpm:\"mysql-server~5.0.45~7.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-test\", rpm:\"mysql-test~5.0.45~7.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2018-09-01T23:47:04", "references": ["http://bugs.mysql.com/bug.php?id=27513", "http://bugs.mysql.com/bug.php?id=27337", "http://lists.mysql.com/commits/23685"], "pluginID": "17832", "description": "The version of MySQL installed on the remote host is reportedly affected by several issues :\n\n - Evaluation of an 'IN()' predicate with a decimal-valued argument causes a service crash.\n\n - A remote, authenticated user can gain privileges.", "edition": 6, "reporter": "Tenable", "published": "2012-01-18T00:00:00", "title": "MySQL 5.0 < 5.0.40 Multiple Vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Databases", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2583", "CVE-2007-2692"], "modified": "2018-07-16T00:00:00", "cpe": ["cpe:/a:mysql:mysql"], "id": "MYSQL_5_0_40.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=17832", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(17832);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/07/16 14:09:12\");\n\n script_cve_id(\"CVE-2007-2583\", \"CVE-2007-2692\");\n script_bugtraq_id(23911, 24011);\n script_xref(name:\"EDB-ID\", value:\"30020\");\n\n script_name(english:\"MySQL 5.0 < 5.0.40 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of MySQL server\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MySQL installed on the remote host is reportedly \naffected by several issues :\n\n - Evaluation of an 'IN()' predicate with a decimal-valued\n argument causes a service crash.\n\n - A remote, authenticated user can gain privileges.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://bugs.mysql.com/bug.php?id=27337\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.mysql.com/commits/23685\");\n script_set_attribute(attribute:\"see_also\", value:\"http://bugs.mysql.com/bug.php?id=27513\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to MySQL version 5.0.40 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mysql:mysql\");\n script_end_attributes();\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\");\n script_require_keys(\"Settings/ParanoidReport\");\n script_require_ports(\"Services/mysql\", 3306);\n\n exit(0);\n}\n\ninclude(\"mysql_version.inc\");\n\nmysql_check_version(fixed:'5.0.40', severity:SECURITY_WARNING, min:'5.0');\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:37:19", "references": ["http://bugs.mysql.com/bug.php?id=27513", "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-40.html", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html", "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-41.html"], "pluginID": "25198", "description": "The version of MySQL installed on the remote host reportedly is affected by a denial of service vulnerability that may be triggered with a specially crafted IF query. An attacker who can execute arbitrary SELECT statements may be able to leverage this issue to crash the affected service.", "edition": 6, "reporter": "Tenable", "published": "2007-05-10T00:00:00", "title": "MySQL Crafted IF Clause Divide-by-zero NULL Dereference DoS", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Databases", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2583", "CVE-2007-2692"], "modified": "2018-07-16T00:00:00", "cpe": ["cpe:/a:mysql:mysql"], "id": "MYSQL_SELECT_IF_DOS.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=25198", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(25198);\n script_version(\"1.24\");\n script_cvs_date(\"Date: 2018/07/16 14:09:13\");\n\n script_cve_id(\"CVE-2007-2583\", \"CVE-2007-2692\");\n script_bugtraq_id(23911);\n script_xref(name:\"EDB-ID\", value:\"30020\");\n\n script_name(english:\"MySQL Crafted IF Clause Divide-by-zero NULL Dereference DoS\");\n script_summary(english:\"Checks version of MySQL\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is prone to a denial of service attack.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MySQL installed on the remote host reportedly is\naffected by a denial of service vulnerability that may be triggered\nwith a specially crafted IF query. An attacker who can execute\narbitrary SELECT statements may be able to leverage this issue to\ncrash the affected service.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://bugs.mysql.com/bug.php?id=27513\");\n script_set_attribute(attribute:\"see_also\", value:\"http://dev.mysql.com/doc/refman/5.0/en/news-5-0-41.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://dev.mysql.com/doc/refman/5.0/en/news-5-0-40.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MySQL Community Server 5.0.41 / 5.1.18 / Enterprise Server\n5.0.40 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/05/10\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/03/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mysql:mysql\");\n script_end_attributes();\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2007-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\");\n script_require_ports(\"Services/mysql\", 3306);\n script_require_keys(\"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"mysql_func.inc\");\n\n\n# nb: banner checks of open source software are prone to false-\n# positives so only run the check if reporting is paranoid.\nif (report_paranoia < 2)\n exit(1, \"This plugin only runs if 'Report paranoia' is set to 'Paranoid'.\");\n\nport = get_service(svc:\"mysql\", default:3306, exit_on_fail:TRUE);\n\nif (mysql_init(port:port, exit_on_fail:TRUE) == 1)\n{\n variant = mysql_get_variant();\n ver = mysql_get_version();\n\n if (\n (\n \"Enterprise\" >< variant && \n ver =~ \"^5\\.0\\.([0-9]|[1-3][0-9])($|[^0-9])\"\n ) ||\n ver =~ \"^5\\.(0\\.([0-9]|[1-3][0-9])|1\\.([0-9]|1[1-7]))($|[^0-9])\"\n )\n {\n report =\n '\\nThe remote MySQL '+mysql_get_variant()+'\\'s version is :\\n'+\n '\\n '+ver+'\\n';\n datadir = get_kb_item('mysql/' + port + '/datadir');\n if (!empty_or_null(datadir))\n {\n report += ' Data Dir : ' + datadir + '\\n';\n }\n databases = get_kb_item('mysql/' + port + '/databases');\n if (!empty_or_null(databases))\n { \n report += ' Databases :\\n' + databases;\n }\n security_warning(port:port, extra:report);\n }\n}\nmysql_close();\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:05:16", "references": [], "pluginID": "36399", "description": "The mysql_change_db() function in MySQL 5.0.x before 5.0.40 did not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allowed remote authenticated users to gain privileges (CVE-2007-2692).\n\nThe federated engine in MySQL 5.0.x, when performing a certain SHOW TABLE STATUS query, did not properly handle a response with a small number of columns, which could allow a remote MySQL server to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns (CVE-2007-6304).\n\nThe updated packages provide MySQL 5.0.45 for all Mandriva Linux platforms that shipped with MySQL 5.0.x which offers a number of feature enhancements and bug fixes. In addition, the updates for Corporate Server 4.0 include support for the Sphinx engine.\n\nPlease note that due to the package name change (from 'MySQL' to 'mysql'), the mysqld service will not restart automatically so users must execute 'service mysqld start' after the upgrade is complete.", "edition": 5, "reporter": "Tenable", "published": "2009-04-23T00:00:00", "title": "Mandriva Linux Security Advisory : mysql (MDVSA-2008:028)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6303", "CVE-2007-6304", "CVE-2007-2692"], "modified": "2018-07-19T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:mysql-ndb-management", "p-cpe:/a:mandriva:linux:mysql-bench", "p-cpe:/a:mandriva:linux:mysql", "cpe:/o:mandriva:linux:2007", "p-cpe:/a:mandriva:linux:libmysql-devel", "p-cpe:/a:mandriva:linux:lib64mysql15", "cpe:/o:mandriva:linux:2007.1", "p-cpe:/a:mandriva:linux:mysql-max", "p-cpe:/a:mandriva:linux:mysql-ndb-tools", "p-cpe:/a:mandriva:linux:lib64mysql-static-devel", "p-cpe:/a:mandriva:linux:mysql-ndb-storage", "p-cpe:/a:mandriva:linux:mysql-common", "p-cpe:/a:mandriva:linux:mysql-ndb-extra", "p-cpe:/a:mandriva:linux:mysql-client", "p-cpe:/a:mandriva:linux:lib64mysql-devel", "p-cpe:/a:mandriva:linux:libmysql-static-devel", "p-cpe:/a:mandriva:linux:libmysql15"], "id": "MANDRIVA_MDVSA-2008-028.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=36399", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:028. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(36399);\n script_version (\"1.13\");\n script_cvs_date(\"Date: 2018/07/19 20:59:15\");\n\n script_cve_id(\"CVE-2007-2692\", \"CVE-2007-6303\", \"CVE-2007-6304\");\n script_bugtraq_id(24011, 26832);\n script_xref(name:\"MDVSA\", value:\"2008:028\");\n\n script_name(english:\"Mandriva Linux Security Advisory : mysql (MDVSA-2008:028)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The mysql_change_db() function in MySQL 5.0.x before 5.0.40 did not\nrestore THD::db_access privileges when returning from SQL SECURITY\nINVOKER stored routines, which allowed remote authenticated users to\ngain privileges (CVE-2007-2692).\n\nThe federated engine in MySQL 5.0.x, when performing a certain SHOW\nTABLE STATUS query, did not properly handle a response with a small\nnumber of columns, which could allow a remote MySQL server to cause a\ndenial of service (federated handler crash and daemon crash) via a\nresponse that lacks the minimum required number of columns\n(CVE-2007-6304).\n\nThe updated packages provide MySQL 5.0.45 for all Mandriva Linux\nplatforms that shipped with MySQL 5.0.x which offers a number of\nfeature enhancements and bug fixes. In addition, the updates for\nCorporate Server 4.0 include support for the Sphinx engine.\n\nPlease note that due to the package name change (from 'MySQL' to\n'mysql'), the mysqld service will not restart automatically so users\nmust execute 'service mysqld start' after the upgrade is complete.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64mysql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64mysql-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64mysql15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libmysql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libmysql-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libmysql15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-max\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-ndb-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-ndb-management\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-ndb-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-ndb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64mysql-devel-5.0.45-8.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64mysql-static-devel-5.0.45-8.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64mysql15-5.0.45-8.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libmysql-devel-5.0.45-8.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libmysql-static-devel-5.0.45-8.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libmysql15-5.0.45-8.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mysql-5.0.45-8.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mysql-bench-5.0.45-8.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mysql-client-5.0.45-8.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mysql-common-5.0.45-8.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mysql-max-5.0.45-8.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mysql-ndb-extra-5.0.45-8.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mysql-ndb-management-5.0.45-8.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mysql-ndb-storage-5.0.45-8.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mysql-ndb-tools-5.0.45-8.1mdv2007.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64mysql-devel-5.0.45-8.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64mysql-static-devel-5.0.45-8.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64mysql15-5.0.45-8.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libmysql-devel-5.0.45-8.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libmysql-static-devel-5.0.45-8.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libmysql15-5.0.45-8.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mysql-5.0.45-8.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mysql-bench-5.0.45-8.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mysql-client-5.0.45-8.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mysql-common-5.0.45-8.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mysql-max-5.0.45-8.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mysql-ndb-extra-5.0.45-8.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mysql-ndb-management-5.0.45-8.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mysql-ndb-storage-5.0.45-8.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"mysql-ndb-tools-5.0.45-8.1mdv2007.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-11T12:48:34", "references": ["https://security-tracker.debian.org/tracker/CVE-2007-2691", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451235", "https://security-tracker.debian.org/tracker/CVE-2007-3780", "https://security-tracker.debian.org/tracker/CVE-2007-5925", "https://www.debian.org/security/2007/dsa-1413", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426353", "https://security-tracker.debian.org/tracker/CVE-2007-2583", "https://security-tracker.debian.org/tracker/CVE-2007-3782", "https://security-tracker.debian.org/tracker/CVE-2007-2692", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=424778", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=424778"], "pluginID": "28336", "description": "Several vulnerabilities have been found in the MySQL database packages with implications ranging from unauthorized database modifications to remotely triggered server crashes. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2007-2583 The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40 allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference. (Affects source version 5.0.32.)\n\n - CVE-2007-2691 MySQL does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables. (All supported versions affected.)\n\n - CVE-2007-2692 The mysql_change_db function does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows remote authenticated users to gain privileges. (Affects source version 5.0.32.)\n\n - CVE-2007-3780 MySQL could be made to overflow a signed char during authentication. Remote attackers could use specially crafted authentication requests to cause a denial of service. (Upstream source versions 4.1.11a and 5.0.32 affected.)\n\n - CVE-2007-3782 Phil Anderton discovered that MySQL did not properly verify access privileges when accessing external tables.\n As a result, authenticated users could exploit this to obtain UPDATE privileges to external tables. (Affects source version 5.0.32.)\n\n - CVE-2007-5925 The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error. (Affects source version 5.0.32.)", "edition": 9, "reporter": "Tenable", "published": "2007-11-29T00:00:00", "title": "Debian DSA-1413-1 : mysql - multiple vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2583", "CVE-2007-5925", "CVE-2007-2692", "CVE-2007-2691"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:mysql-dfsg-4.1", "cpe:/o:debian:debian_linux:4.0", "cpe:/o:debian:debian_linux:3.1", "p-cpe:/a:debian:debian_linux:mysql-dfsg", "p-cpe:/a:debian:debian_linux:mysql-dfsg-5.0"], "id": "DEBIAN_DSA-1413.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=28336", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1413. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(28336);\n script_version(\"1.18\");\n script_cvs_date(\"Date: 2018/11/10 11:49:33\");\n\n script_cve_id(\"CVE-2007-2583\", \"CVE-2007-2691\", \"CVE-2007-2692\", \"CVE-2007-5925\");\n script_xref(name:\"DSA\", value:\"1413\");\n\n script_name(english:\"Debian DSA-1413-1 : mysql - multiple vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been found in the MySQL database packages\nwith implications ranging from unauthorized database modifications to\nremotely triggered server crashes. The Common Vulnerabilities and\nExposures project identifies the following problems :\n\n - CVE-2007-2583\n The in_decimal::set function in item_cmpfunc.cc in MySQL\n before 5.0.40 allows context-dependent attackers to\n cause a denial of service (crash) via a crafted IF\n clause that results in a divide-by-zero error and a NULL\n pointer dereference. (Affects source version 5.0.32.)\n\n - CVE-2007-2691\n MySQL does not require the DROP privilege for RENAME\n TABLE statements, which allows remote authenticated\n users to rename arbitrary tables. (All supported\n versions affected.)\n\n - CVE-2007-2692\n The mysql_change_db function does not restore\n THD::db_access privileges when returning from SQL\n SECURITY INVOKER stored routines, which allows remote\n authenticated users to gain privileges. (Affects source\n version 5.0.32.)\n\n - CVE-2007-3780\n MySQL could be made to overflow a signed char during\n authentication. Remote attackers could use specially\n crafted authentication requests to cause a denial of\n service. (Upstream source versions 4.1.11a and 5.0.32\n affected.)\n\n - CVE-2007-3782\n Phil Anderton discovered that MySQL did not properly\n verify access privileges when accessing external tables.\n As a result, authenticated users could exploit this to\n obtain UPDATE privileges to external tables. (Affects\n source version 5.0.32.)\n\n - CVE-2007-5925\n The convert_search_mode_to_innobase function in\n ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and\n earlier allows remote authenticated users to cause a\n denial of service (database crash) via a certain\n CONTAINS operation on an indexed column, which triggers\n an assertion error. (Affects source version 5.0.32.)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426353\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=424778\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=424778\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451235\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-2583\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-2691\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-2692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-3780\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-3782\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-5925\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2007/dsa-1413\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the mysql packages.\n\nFor the old stable distribution (sarge), these problems have been\nfixed in version 4.0.24-10sarge3 of mysql-dfsg and version\n4.1.11a-4sarge8 of mysql-dfsg-4.1.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 5.0.32-7etch3 of the mysql-dfsg-5.0 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_cwe_id(20, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mysql-dfsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mysql-dfsg-4.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mysql-dfsg-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"libmysqlclient12\", reference:\"4.0.24-10sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libmysqlclient12-dev\", reference:\"4.0.24-10sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libmysqlclient14\", reference:\"4.1.11a-4sarge8\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libmysqlclient14-dev\", reference:\"4.1.11a-4sarge8\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"mysql-client\", reference:\"4.0.24-10sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"mysql-client-4.1\", reference:\"4.1.11a-4sarge8\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"mysql-common\", reference:\"4.0.24-10sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"mysql-common-4.1\", reference:\"4.1.11a-4sarge8\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"mysql-server\", reference:\"4.0.24-10sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"mysql-server-4.1\", reference:\"4.1.11a-4sarge8\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libmysqlclient15-dev\", reference:\"5.0.32-7etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libmysqlclient15off\", reference:\"5.0.32-7etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"mysql-client\", reference:\"5.0.32-7etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"mysql-client-5.0\", reference:\"5.0.32-7etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"mysql-common\", reference:\"5.0.32-7etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"mysql-server\", reference:\"5.0.32-7etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"mysql-server-4.1\", reference:\"5.0.32-7etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"mysql-server-5.0\", reference:\"5.0.32-7etch3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:02:54", "references": ["http://bugs.mysql.com/bug.php?id=27515", "http://bugs.mysql.com/bug.php?id=23675", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html", "http://bugs.mysql.com/bug.php?id=27337"], "pluginID": "25242", "description": "The version of MySQL installed on the remote host reportedly is affected by several issues :\n\n - Evaluation of an 'IN()' predicate with a decimal-valued argument causes a service crash.\n\n - A user can rename a table even though he does not have DROP privileges.\n\n - If a stored routine is declared as 'SQL SECURITY INVOKER', a user may be able to gain privileges by invoking that routine.\n\n - A user with only ALTER privileges on a partitioned table can discover information about the table that should require SELECT privileges.", "edition": 6, "reporter": "Tenable", "published": "2007-05-17T00:00:00", "title": "MySQL 5.1 < 5.1.18 Multiple Vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Databases", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2583", "CVE-2007-2693", "CVE-2007-2692", "CVE-2007-2691"], "modified": "2018-07-16T00:00:00", "cpe": ["cpe:/a:mysql:mysql"], "id": "MYSQL_5_1_18.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=25242", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(25242);\n script_version(\"1.20\");\n script_cvs_date(\"Date: 2018/07/16 14:09:13\");\n\n script_cve_id(\"CVE-2007-2583\", \"CVE-2007-2691\", \"CVE-2007-2692\", \"CVE-2007-2693\");\n script_bugtraq_id(23911, 24008, 24011, 24016);\n script_xref(name:\"EDB-ID\", value:\"30020\");\n\n script_name(english:\"MySQL 5.1 < 5.1.18 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of MySQL\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MySQL installed on the remote host reportedly is\naffected by several issues :\n\n - Evaluation of an 'IN()' predicate with a decimal-valued\n argument causes a service crash.\n\n - A user can rename a table even though he does not have \n DROP privileges.\n\n - If a stored routine is declared as 'SQL SECURITY INVOKER', \n a user may be able to gain privileges by invoking that \n routine.\n\n - A user with only ALTER privileges on a partitioned table\n can discover information about the table that should \n require SELECT privileges.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://bugs.mysql.com/bug.php?id=23675\");\n script_set_attribute(attribute:\"see_also\", value:\"http://bugs.mysql.com/bug.php?id=27515\");\n script_set_attribute(attribute:\"see_also\", value:\"http://bugs.mysql.com/bug.php?id=27337\");\n script_set_attribute(attribute:\"see_also\", value:\"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to MySQL version 5.1.18 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/05/17\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/10/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mysql:mysql\");\n script_end_attributes();\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2007-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\");\n script_require_ports(\"Services/mysql\", 3306);\n script_require_keys(\"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"mysql_func.inc\");\n\n\n# nb: banner checks of open source software are prone to false-\n# positives so only run the check if reporting is paranoid.\nif (report_paranoia < 2)\n exit(1, \"This plugin only runs if 'Report paranoia' is set to 'Paranoid'.\");\n\nport = get_service(svc:\"mysql\", default:3306, exit_on_fail:TRUE);\n\nif (mysql_init(port:port, exit_on_fail:TRUE) == 1)\n{\n ver = mysql_get_version();\n if (isnull(ver)) exit(0);\n\n if (ver =~ \"^5\\.1\\.([0-9]($|[^0-9])|1[1-7]($|[^0-9]))\")\n {\n report =\n '\\nThe remote MySQL '+mysql_get_variant()+'\\'s version is :\\n'+\n '\\n '+ver+'\\n';\n datadir = get_kb_item('mysql/' + port + '/datadir');\n if (!empty_or_null(datadir))\n {\n report += ' Data Dir : ' + datadir + '\\n';\n }\n databases = get_kb_item('mysql/' + port + '/databases');\n if (!empty_or_null(databases))\n { \n report += ' Databases :\\n' + databases;\n }\n security_warning(port:port, extra:report);\n }\n}\nmysql_close();\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:07:17", "references": [], "pluginID": "26009", "description": "A vulnerability was found in MySQL's authentication protocol, making it possible for a remote unauthenticated attacker to send a specially crafted authentication request to the MySQL server causing it to crash (CVE-2007-3780).\n\nAnother flaw was discovered in MySQL that allowed remote authenticated users to gain update privileges for a table in another database via a view that refers to the external table (CVE-2007-3782).\n\nUpdated packages have been patched to prevent these issues.", "edition": 6, "reporter": "Tenable", "published": "2007-09-07T00:00:00", "title": "Mandrake Linux Security Advisory : MySQL (MDKSA-2007:177)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3780", "CVE-2007-3782", "CVE-2007-2692", "CVE-2007-2691"], "modified": "2018-07-19T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:MySQL-common", "p-cpe:/a:mandriva:linux:MySQL-bench", "cpe:/o:mandriva:linux:2007", "p-cpe:/a:mandriva:linux:lib64mysql15-static-devel", "p-cpe:/a:mandriva:linux:MySQL-Max", "p-cpe:/a:mandriva:linux:MySQL-ndb-storage", "p-cpe:/a:mandriva:linux:lib64mysql15", "cpe:/o:mandriva:linux:2007.1", "p-cpe:/a:mandriva:linux:MySQL-ndb-management", "p-cpe:/a:mandriva:linux:MySQL-ndb-tools", "p-cpe:/a:mandriva:linux:MySQL-client", "p-cpe:/a:mandriva:linux:libmysql15-devel", "p-cpe:/a:mandriva:linux:lib64mysql15-devel", "p-cpe:/a:mandriva:linux:MySQL-ndb-extra", "p-cpe:/a:mandriva:linux:MySQL", "p-cpe:/a:mandriva:linux:libmysql15-static-devel", "p-cpe:/a:mandriva:linux:libmysql15"], "id": "MANDRAKE_MDKSA-2007-177.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=26009", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2007:177. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(26009);\n script_version (\"1.15\");\n script_cvs_date(\"Date: 2018/07/19 20:59:14\");\n\n script_cve_id(\"CVE-2007-2691\", \"CVE-2007-2692\", \"CVE-2007-3780\", \"CVE-2007-3782\");\n script_xref(name:\"MDKSA\", value:\"2007:177\");\n\n script_name(english:\"Mandrake Linux Security Advisory : MySQL (MDKSA-2007:177)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was found in MySQL's authentication protocol, making\nit possible for a remote unauthenticated attacker to send a specially\ncrafted authentication request to the MySQL server causing it to crash\n(CVE-2007-3780).\n\nAnother flaw was discovered in MySQL that allowed remote authenticated\nusers to gain update privileges for a table in another database via a\nview that refers to the external table (CVE-2007-3782).\n\nUpdated packages have been patched to prevent these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_cwe_id(20, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:MySQL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:MySQL-Max\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:MySQL-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:MySQL-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:MySQL-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:MySQL-ndb-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:MySQL-ndb-management\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:MySQL-ndb-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:MySQL-ndb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64mysql15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64mysql15-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64mysql15-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libmysql15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libmysql15-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libmysql15-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/09/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.0\", reference:\"MySQL-5.0.24a-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"MySQL-Max-5.0.24a-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"MySQL-bench-5.0.24a-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"MySQL-client-5.0.24a-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"MySQL-common-5.0.24a-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"MySQL-ndb-extra-5.0.24a-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"MySQL-ndb-management-5.0.24a-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"MySQL-ndb-storage-5.0.24a-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"MySQL-ndb-tools-5.0.24a-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64mysql15-5.0.24a-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64mysql15-devel-5.0.24a-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64mysql15-static-devel-5.0.24a-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libmysql15-5.0.24a-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libmysql15-devel-5.0.24a-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libmysql15-static-devel-5.0.24a-2.2mdv2007.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2007.1\", reference:\"MySQL-5.0.37-2.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"MySQL-Max-5.0.37-2.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"MySQL-bench-5.0.37-2.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"MySQL-client-5.0.37-2.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"MySQL-common-5.0.37-2.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"MySQL-ndb-extra-5.0.37-2.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"MySQL-ndb-management-5.0.37-2.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"MySQL-ndb-storage-5.0.37-2.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"MySQL-ndb-tools-5.0.37-2.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64mysql15-5.0.37-2.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64mysql15-devel-5.0.37-2.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64mysql15-static-devel-5.0.37-2.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libmysql15-5.0.37-2.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libmysql15-devel-5.0.37-2.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libmysql15-static-devel-5.0.37-2.2mdv2007.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:36:09", "references": [], "pluginID": "31783", "description": "USN-588-1 fixed vulnerabilities in MySQL. In fixing CVE-2007-2692 for Ubuntu 6.06, additional improvements were made to make privilege checks more restictive. As a result, an upstream bug was exposed which could cause operations on tables or views in a different database to fail. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nMasaaki Hirose discovered that MySQL could be made to dereference a NULL pointer. An authenticated user could cause a denial of service (application crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table. This issue only affects Ubuntu 6.06 and 6.10. (CVE-2006-7232)\n\nAlexander Nozdrin discovered that MySQL did not restore database access privileges when returning from SQL SECURITY INVOKER stored routines. An authenticated user could exploit this to gain privileges. This issue does not affect Ubuntu 7.10. (CVE-2007-2692)\n\nMartin Friebe discovered that MySQL did not properly update the DEFINER value of an altered view. An authenticated user could use CREATE SQL SECURITY DEFINER VIEW and ALTER VIEW statements to gain privileges. (CVE-2007-6303)\n\nLuigi Auriemma discovered that yaSSL as included in MySQL did not properly validate its input. A remote attacker could send crafted requests and cause a denial of service or possibly execute arbitrary code. This issue did not affect Ubuntu 6.06 in the default installation. (CVE-2008-0226, CVE-2008-0227).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2008-04-04T00:00:00", "title": "Ubuntu 6.06 LTS : mysql-dfsg-5.0 regression (USN-588-2)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6303", "CVE-2006-7232", "CVE-2008-0227", "CVE-2007-2692", "CVE-2008-0226"], "modified": "2016-12-01T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libmysqlclient15off", "p-cpe:/a:canonical:ubuntu_linux:libmysqlclient15-dev", "p-cpe:/a:canonical:ubuntu_linux:mysql-server", "p-cpe:/a:canonical:ubuntu_linux:mysql-client", "p-cpe:/a:canonical:ubuntu_linux:mysql-client-5.0", "p-cpe:/a:canonical:ubuntu_linux:mysql-server-5.0", "p-cpe:/a:canonical:ubuntu_linux:mysql-common", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-588-2.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=31783", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-588-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(31783);\n script_version(\"$Revision: 1.13 $\");\n script_cvs_date(\"$Date: 2016/12/01 21:21:51 $\");\n\n script_cve_id(\"CVE-2006-7232\", \"CVE-2007-2692\", \"CVE-2007-6303\", \"CVE-2008-0226\", \"CVE-2008-0227\");\n script_xref(name:\"USN\", value:\"588-2\");\n\n script_name(english:\"Ubuntu 6.06 LTS : mysql-dfsg-5.0 regression (USN-588-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-588-1 fixed vulnerabilities in MySQL. In fixing CVE-2007-2692 for\nUbuntu 6.06, additional improvements were made to make privilege\nchecks more restictive. As a result, an upstream bug was exposed which\ncould cause operations on tables or views in a different database to\nfail. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nMasaaki Hirose discovered that MySQL could be made to dereference a\nNULL pointer. An authenticated user could cause a denial of service\n(application crash) via an EXPLAIN SELECT FROM on the\nINFORMATION_SCHEMA table. This issue only affects Ubuntu 6.06 and\n6.10. (CVE-2006-7232)\n\nAlexander Nozdrin discovered that MySQL did not restore\ndatabase access privileges when returning from SQL SECURITY\nINVOKER stored routines. An authenticated user could exploit\nthis to gain privileges. This issue does not affect Ubuntu\n7.10. (CVE-2007-2692)\n\nMartin Friebe discovered that MySQL did not properly update\nthe DEFINER value of an altered view. An authenticated user\ncould use CREATE SQL SECURITY DEFINER VIEW and ALTER VIEW\nstatements to gain privileges. (CVE-2007-6303)\n\nLuigi Auriemma discovered that yaSSL as included in MySQL\ndid not properly validate its input. A remote attacker could\nsend crafted requests and cause a denial of service or\npossibly execute arbitrary code. This issue did not affect\nUbuntu 6.06 in the default installation. (CVE-2008-0226,\nCVE-2008-0227).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'MySQL yaSSL SSL Hello Message Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_cwe_id(89, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmysqlclient15-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmysqlclient15off\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-client-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-server-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/04/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2008-2016 Canonical, Inc. / NASL script (C) 2008-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libmysqlclient15-dev\", pkgver:\"5.0.22-0ubuntu6.06.9\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libmysqlclient15off\", pkgver:\"5.0.22-0ubuntu6.06.9\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mysql-client\", pkgver:\"5.0.22-0ubuntu6.06.9\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mysql-client-5.0\", pkgver:\"5.0.22-0ubuntu6.06.9\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mysql-common\", pkgver:\"5.0.22-0ubuntu6.06.9\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mysql-server\", pkgver:\"5.0.22-0ubuntu6.06.9\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mysql-server-5.0\", pkgver:\"5.0.22-0ubuntu6.06.9\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmysqlclient15-dev / libmysqlclient15off / mysql-client / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:40:44", "references": [], "pluginID": "31638", "description": "Masaaki Hirose discovered that MySQL could be made to dereference a NULL pointer. An authenticated user could cause a denial of service (application crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table. This issue only affects Ubuntu 6.06 and 6.10. (CVE-2006-7232)\n\nAlexander Nozdrin discovered that MySQL did not restore database access privileges when returning from SQL SECURITY INVOKER stored routines. An authenticated user could exploit this to gain privileges.\nThis issue does not affect Ubuntu 7.10. (CVE-2007-2692)\n\nMartin Friebe discovered that MySQL did not properly update the DEFINER value of an altered view. An authenticated user could use CREATE SQL SECURITY DEFINER VIEW and ALTER VIEW statements to gain privileges. (CVE-2007-6303)\n\nLuigi Auriemma discovered that yaSSL as included in MySQL did not properly validate its input. A remote attacker could send crafted requests and cause a denial of service or possibly execute arbitrary code. This issue did not affect Ubuntu 6.06 in the default installation. (CVE-2008-0226, CVE-2008-0227).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 6, "reporter": "Tenable", "published": "2008-03-21T00:00:00", "title": "Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : mysql-dfsg-5.0 vulnerabilities (USN-588-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6303", "CVE-2006-7232", "CVE-2008-0227", "CVE-2007-2692", "CVE-2008-0226"], "modified": "2018-08-06T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:7.10", "p-cpe:/a:canonical:ubuntu_linux:libmysqlclient15off", "p-cpe:/a:canonical:ubuntu_linux:libmysqlclient15-dev", "p-cpe:/a:canonical:ubuntu_linux:mysql-server", "cpe:/o:canonical:ubuntu_linux:6.10", "p-cpe:/a:canonical:ubuntu_linux:mysql-client", "p-cpe:/a:canonical:ubuntu_linux:mysql-client-5.0", "p-cpe:/a:canonical:ubuntu_linux:mysql-server-4.1", "p-cpe:/a:canonical:ubuntu_linux:mysql-server-5.0", "p-cpe:/a:canonical:ubuntu_linux:mysql-common", "cpe:/o:canonical:ubuntu_linux:7.04", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-588-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=31638", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-588-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(31638);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2018/08/06 14:03:15\");\n\n script_cve_id(\"CVE-2006-7232\", \"CVE-2007-2692\", \"CVE-2007-6303\", \"CVE-2008-0226\", \"CVE-2008-0227\");\n script_bugtraq_id(24011, 26832);\n script_xref(name:\"USN\", value:\"588-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : mysql-dfsg-5.0 vulnerabilities (USN-588-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Masaaki Hirose discovered that MySQL could be made to dereference a\nNULL pointer. An authenticated user could cause a denial of service\n(application crash) via an EXPLAIN SELECT FROM on the\nINFORMATION_SCHEMA table. This issue only affects Ubuntu 6.06 and\n6.10. (CVE-2006-7232)\n\nAlexander Nozdrin discovered that MySQL did not restore database\naccess privileges when returning from SQL SECURITY INVOKER stored\nroutines. An authenticated user could exploit this to gain privileges.\nThis issue does not affect Ubuntu 7.10. (CVE-2007-2692)\n\nMartin Friebe discovered that MySQL did not properly update the\nDEFINER value of an altered view. An authenticated user could use\nCREATE SQL SECURITY DEFINER VIEW and ALTER VIEW statements to gain\nprivileges. (CVE-2007-6303)\n\nLuigi Auriemma discovered that yaSSL as included in MySQL did not\nproperly validate its input. A remote attacker could send crafted\nrequests and cause a denial of service or possibly execute arbitrary\ncode. This issue did not affect Ubuntu 6.06 in the default\ninstallation. (CVE-2008-0226, CVE-2008-0227).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'MySQL yaSSL SSL Hello Message Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_cwe_id(89, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmysqlclient15-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmysqlclient15off\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-client-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-server-4.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-server-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/03/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2008-2018 Canonical, Inc. / NASL script (C) 2008-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|6\\.10|7\\.04|7\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 6.10 / 7.04 / 7.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libmysqlclient15-dev\", pkgver:\"5.0.22-0ubuntu6.06.8\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libmysqlclient15off\", pkgver:\"5.0.22-0ubuntu6.06.8\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mysql-client\", pkgver:\"5.0.22-0ubuntu6.06.8\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mysql-client-5.0\", pkgver:\"5.0.22-0ubuntu6.06.8\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mysql-common\", pkgver:\"5.0.22-0ubuntu6.06.8\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mysql-server\", pkgver:\"5.0.22-0ubuntu6.06.8\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mysql-server-5.0\", pkgver:\"5.0.22-0ubuntu6.06.8\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmysqlclient15-dev\", pkgver:\"5.0.24a-9ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmysqlclient15off\", pkgver:\"5.0.24a-9ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"mysql-client\", pkgver:\"5.0.24a-9ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"mysql-client-5.0\", pkgver:\"5.0.24a-9ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"mysql-common\", pkgver:\"5.0.24a-9ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"mysql-server\", pkgver:\"5.0.24a-9ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"mysql-server-5.0\", pkgver:\"5.0.24a-9ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libmysqlclient15-dev\", pkgver:\"5.0.38-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libmysqlclient15off\", pkgver:\"5.0.38-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"mysql-client\", pkgver:\"5.0.38-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"mysql-client-5.0\", pkgver:\"5.0.38-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"mysql-common\", pkgver:\"5.0.38-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"mysql-server\", pkgver:\"5.0.38-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"mysql-server-4.1\", pkgver:\"5.0.38-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"mysql-server-5.0\", pkgver:\"5.0.38-0ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libmysqlclient15-dev\", pkgver:\"5.0.45-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libmysqlclient15off\", pkgver:\"5.0.45-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"mysql-client\", pkgver:\"5.0.45-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"mysql-client-5.0\", pkgver:\"5.0.45-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"mysql-common\", pkgver:\"5.0.45-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"mysql-server\", pkgver:\"5.0.45-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"mysql-server-5.0\", pkgver:\"5.0.45-1ubuntu3.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmysqlclient15-dev / libmysqlclient15off / mysql-client / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:35:01", "references": [], "pluginID": "30180", "description": "This update fixes several security vulnerabilities (note: not all versions are affected by every bug) :\n\n - CVE-2007-2583 \n\n - CVE-2007-2691 \n\n - CVE-2007-2692 \n\n - CVE-2007-5925 \n\n - CVE-2007-5969 \n\n - CVE-2007-6303 \n\n - CVE-2007-6304", "edition": 5, "reporter": "Tenable", "published": "2008-02-05T00:00:00", "title": "openSUSE 10 Security Update : libmysqlclient-devel (libmysqlclient-devel-4873)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6303", "CVE-2007-2583", "CVE-2007-5925", "CVE-2007-5969", "CVE-2007-2692", "CVE-2007-2691"], "modified": "2016-12-22T00:00:00", "cpe": ["cpe:/o:novell:opensuse:10.3", "cpe:/o:novell:opensuse:10.2", "p-cpe:/a:novell:opensuse:mysql-devel", "p-cpe:/a:novell:opensuse:mysql", "p-cpe:/a:novell:opensuse:mysql-client", "p-cpe:/a:novell:opensuse:mysql-shared-32bit", "p-cpe:/a:novell:opensuse:libmysqlclient_r15-32bit", "p-cpe:/a:novell:opensuse:mysql-tools", "p-cpe:/a:novell:opensuse:libmysqlclient-devel", "p-cpe:/a:novell:opensuse:mysql-Max", "p-cpe:/a:novell:opensuse:mysql-shared", "p-cpe:/a:novell:opensuse:libmysqlclient15-32bit", "p-cpe:/a:novell:opensuse:mysql-debug", "p-cpe:/a:novell:opensuse:libmysqlclient_r15", "cpe:/o:novell:opensuse:10.1", "p-cpe:/a:novell:opensuse:mysql-bench", "p-cpe:/a:novell:opensuse:libmysqlclient15"], "id": "SUSE_LIBMYSQLCLIENT-DEVEL-4873.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=30180", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libmysqlclient-devel-4873.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(30180);\n script_version (\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2016/12/22 20:42:27 $\");\n\n script_cve_id(\"CVE-2007-2583\", \"CVE-2007-2691\", \"CVE-2007-2692\", \"CVE-2007-5925\", \"CVE-2007-5969\", \"CVE-2007-6303\");\n\n script_name(english:\"openSUSE 10 Security Update : libmysqlclient-devel (libmysqlclient-devel-4873)\");\n script_summary(english:\"Check for the libmysqlclient-devel-4873 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes several security vulnerabilities (note: not all\nversions are affected by every bug) :\n\n - CVE-2007-2583 \n\n - CVE-2007-2691 \n\n - CVE-2007-2692 \n\n - CVE-2007-5925 \n\n - CVE-2007-5969 \n\n - CVE-2007-6303 \n\n - CVE-2007-6304\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libmysqlclient-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C\");\n script_cwe_id(20, 189, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-Max\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-shared\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-shared-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1|SUSE10\\.2|SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1 / 10.2 / 10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"mysql-5.0.26-12.16\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"mysql-Max-5.0.26-12.16\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"mysql-bench-5.0.26-12.16\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"mysql-client-5.0.26-12.16\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"mysql-devel-5.0.26-12.16\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"mysql-shared-5.0.26-12.16\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", cpu:\"x86_64\", reference:\"mysql-shared-32bit-5.0.26-12.16\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"mysql-5.0.26-16\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"mysql-Max-5.0.26-16\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"mysql-bench-5.0.26-16\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"mysql-client-5.0.26-16\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"mysql-debug-5.0.26-16\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"mysql-devel-5.0.26-16\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"mysql-shared-5.0.26-16\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", cpu:\"x86_64\", reference:\"mysql-shared-32bit-5.0.26-16\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libmysqlclient-devel-5.0.45-22.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libmysqlclient15-5.0.45-22.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libmysqlclient_r15-5.0.45-22.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"mysql-5.0.45-22.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"mysql-Max-5.0.45-22.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"mysql-bench-5.0.45-22.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"mysql-client-5.0.45-22.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"mysql-debug-5.0.45-22.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"mysql-tools-5.0.45-22.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", cpu:\"x86_64\", reference:\"libmysqlclient15-32bit-5.0.45-22.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", cpu:\"x86_64\", reference:\"libmysqlclient_r15-32bit-5.0.45-22.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:HIGH/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:33:42", "references": ["http://support.novell.com/security/cve/CVE-2007-6303.html", "http://support.novell.com/security/cve/CVE-2007-2691.html", "http://support.novell.com/security/cve/CVE-2007-2583.html", "http://support.novell.com/security/cve/CVE-2007-6304.html", "http://support.novell.com/security/cve/CVE-2007-5969.html", "http://support.novell.com/security/cve/CVE-2007-2692.html", "http://support.novell.com/security/cve/CVE-2007-5925.html"], "pluginID": "30182", "description": "This update fixes several security vulnerabilities (note: not all versions are affected by every bug) :\n\n - CVE-2007-2583\n\n - CVE-2007-2691\n\n - CVE-2007-2692\n\n - CVE-2007-5925\n\n - CVE-2007-5969\n\n - CVE-2007-6303\n\n - CVE-2007-6304", "edition": 5, "reporter": "Tenable", "published": "2008-02-05T00:00:00", "title": "SuSE 10 Security Update : MySQL (ZYPP Patch Number 4879)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6303", "CVE-2007-2583", "CVE-2007-5925", "CVE-2007-5969", "CVE-2007-6304", "CVE-2007-2692", "CVE-2007-2691"], "modified": "2016-12-22T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_MYSQL-4879.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=30182", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(30182);\n script_version (\"$Revision: 1.16 $\");\n script_cvs_date(\"$Date: 2016/12/22 20:42:28 $\");\n\n script_cve_id(\"CVE-2007-2583\", \"CVE-2007-2691\", \"CVE-2007-2692\", \"CVE-2007-5925\", \"CVE-2007-5969\", \"CVE-2007-6303\", \"CVE-2007-6304\");\n\n script_name(english:\"SuSE 10 Security Update : MySQL (ZYPP Patch Number 4879)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes several security vulnerabilities (note: not all\nversions are affected by every bug) :\n\n - CVE-2007-2583\n\n - CVE-2007-2691\n\n - CVE-2007-2692\n\n - CVE-2007-5925\n\n - CVE-2007-5969\n\n - CVE-2007-6303\n\n - CVE-2007-6304\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-2583.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-2691.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-2692.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5925.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5969.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-6303.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-6304.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 4879.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C\");\n script_cwe_id(20, 189, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"mysql-5.0.26-12.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"mysql-client-5.0.26-12.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"mysql-devel-5.0.26-12.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"mysql-shared-5.0.26-12.16\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"mysql-shared-32bit-5.0.26-12.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"mysql-5.0.26-12.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"mysql-Max-5.0.26-12.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"mysql-client-5.0.26-12.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"mysql-devel-5.0.26-12.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"mysql-shared-5.0.26-12.16\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"mysql-shared-32bit-5.0.26-12.16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:HIGH/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:09:30", "references": ["https://launchpad.net/bugs/209699", "https://usn.ubuntu.com/usn/usn-588-1"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "5.0.22-0ubuntu6.06.9", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.0", "operator": "lt"}], "description": "USN-588-1 fixed vulnerabilities in MySQL. In fixing CVE-2007-2692 for Ubuntu 6.06, additional improvements were made to make privilege checks more restictive. As a result, an upstream bug was exposed which could cause operations on tables or views in a different database to fail. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nMasaaki Hirose discovered that MySQL could be made to dereference a NULL pointer. An authenticated user could cause a denial of service (application crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table. This issue only affects Ubuntu 6.06 and 6.10. (CVE-2006-7232)\n\nAlexander Nozdrin discovered that MySQL did not restore database access privileges when returning from SQL SECURITY INVOKER stored routines. An authenticated user could exploit this to gain privileges. This issue does not affect Ubuntu 7.10. (CVE-2007-2692)\n\nMartin Friebe discovered that MySQL did not properly update the DEFINER value of an altered view. An authenticated user could use CREATE SQL SECURITY DEFINER VIEW and ALTER VIEW statements to gain privileges. (CVE-2007-6303)\n\nLuigi Auriemma discovered that yaSSL as included in MySQL did not properly validate its input. A remote attacker could send crafted requests and cause a denial of service or possibly execute arbitrary code. This issue did not affect Ubuntu 6.06 in the default installation. (CVE-2008-0226, CVE-2008-0227)", "edition": 3, "reporter": "Ubuntu", "published": "2008-04-02T00:00:00", "title": "MySQL regression", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-6303", "CVE-2006-7232", "CVE-2008-0227", "CVE-2007-2692", "CVE-2008-0226"], "modified": "2008-04-02T00:00:00", "id": "USN-588-2", "href": "https://usn.ubuntu.com/588-2/", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T00:08:18", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2007-6303", "https://people.canonical.com/~ubuntu-security/cve/CVE-2007-2692", "https://people.canonical.com/~ubuntu-security/cve/CVE-2006-7232", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-0227", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-0226"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "6.10", "packageVersion": "5.0.24a-9ubuntu2.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.0", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "5.0.45-1ubuntu3.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.0", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "5.0.22-0ubuntu6.06.8", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.0", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.04", "packageVersion": "5.0.38-0ubuntu1.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.0", "operator": "lt"}], "description": "Masaaki Hirose discovered that MySQL could be made to dereference a NULL pointer. An authenticated user could cause a denial of service (application crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table. This issue only affects Ubuntu 6.06 and 6.10. (CVE-2006-7232)\n\nAlexander Nozdrin discovered that MySQL did not restore database access privileges when returning from SQL SECURITY INVOKER stored routines. An authenticated user could exploit this to gain privileges. This issue does not affect Ubuntu 7.10. (CVE-2007-2692)\n\nMartin Friebe discovered that MySQL did not properly update the DEFINER value of an altered view. An authenticated user could use CREATE SQL SECURITY DEFINER VIEW and ALTER VIEW statements to gain privileges. (CVE-2007-6303)\n\nLuigi Auriemma discovered that yaSSL as included in MySQL did not properly validate its input. A remote attacker could send crafted requests and cause a denial of service or possibly execute arbitrary code. This issue did not affect Ubuntu 6.06 in the default installation. (CVE-2008-0226, CVE-2008-0227)", "edition": 3, "reporter": "Ubuntu", "published": "2008-03-19T00:00:00", "title": "MySQL vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-6303", "CVE-2006-7232", "CVE-2008-0227", "CVE-2007-2692", "CVE-2008-0226"], "modified": "2008-03-19T00:00:00", "id": "USN-588-1", "href": "https://usn.ubuntu.com/588-1/", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2018-05-06T19:01:27", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "4", "packageVersion": "5.0.44-1.el4s1.1", "arch": "i386", "packageName": "mysql-test", "packageFilename": "mysql-test-5.0.44-1.el4s1.1.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "5.0.44-1.el4s1.1", "arch": "i386", "packageName": "mysql-devel", "packageFilename": "mysql-devel-5.0.44-1.el4s1.1.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "5.0.44-1.el4s1.1", "arch": "i386", "packageName": "mysql-server", "packageFilename": "mysql-server-5.0.44-1.el4s1.1.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "5.0.44-1.el4s1.1", "arch": "i386", "packageName": "mysql-bench", "packageFilename": "mysql-bench-5.0.44-1.el4s1.1.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "5.0.44-1.el4s1.1", "arch": "i386", "packageName": "mysql-libs", "packageFilename": "mysql-libs-5.0.44-1.el4s1.1.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "5.0.44-1.el4s1.1", "arch": "i386", "packageName": "mysql-cluster", "packageFilename": "mysql-cluster-5.0.44-1.el4s1.1.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "5.0.44-1.el4s1.1", "arch": "i386", "packageName": "mysql", "packageFilename": "mysql-5.0.44-1.el4s1.1.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "5.0.44-1.el4s1.1", "arch": "x86_64", "packageName": "mysql-test", "packageFilename": "mysql-test-5.0.44-1.el4s1.1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "5.0.44-1.el4s1.1", "arch": "x86_64", "packageName": "mysql-bench", "packageFilename": "mysql-bench-5.0.44-1.el4s1.1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "5.0.44-1.el4s1.1", "arch": "x86_64", "packageName": "mysql", "packageFilename": "mysql-5.0.44-1.el4s1.1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "5.0.44-1.el4s1.1", "arch": "x86_64", "packageName": "mysql-libs", "packageFilename": "mysql-libs-5.0.44-1.el4s1.1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "5.0.44-1.el4s1.1", "arch": "x86_64", "packageName": "mysql-cluster", "packageFilename": "mysql-cluster-5.0.44-1.el4s1.1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "5.0.44-1.el4s1.1", "arch": "x86_64", "packageName": "mysql-devel", "packageFilename": "mysql-devel-5.0.44-1.el4s1.1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "5.0.44-1.el4s1.1", "arch": "x86_64", "packageName": "mysql-server", "packageFilename": "mysql-server-5.0.44-1.el4s1.1.x86_64.rpm", "operator": "lt"}], "description": "On the 23rd August 2007, Red Hat Application Stack v1.2 was released. This\r\nrelease contained a new version of MySQL that corrected several security\r\nissues found in the MySQL packages of Red Hat Application Stack v1.1.\r\n\r\nUsers who have already updated to Red Hat Application Stack v1.2 will\r\nalready have the new MySQL packages and are not affected by these issues.\r\n\r\nA flaw was discovered in MySQL's authentication protocol. A remote\r\nunauthenticated attacker could send a specially crafted authentication\r\nrequest to the MySQL server causing it to crash. (CVE-2007-3780)\r\n\r\nMySQL did not require privileges such as SELECT for the source table in a\r\nCREATE TABLE LIKE statement. A remote authenticated user could obtain\r\nsensitive information such as the table structure. (CVE-2007-3781)\r\n\r\nA flaw was discovered in MySQL that allowed remote authenticated\r\nusers to gain update privileges for a table in another database via a view\r\nthat refers to the external table (CVE-2007-3782).\r\n\r\nA flaw was discovered in the mysql_change_db function when returning from\r\nSQL SECURITY INVOKER stored routines. A remote authenticated user could\r\nuse this flaw to gain database privileges. (CVE-2007-2692)\r\n\r\nMySQL did not require the DROP privilege for RENAME TABLE statements. A\r\nremote authenticated users could use this flaw to rename arbitrary tables.\r\n(CVE-2007-2691)", "reporter": "RedHat", "published": "2007-09-10T04:00:00", "type": "redhat", "title": "(RHSA-2007:0894) Important: mysql security update", "enchantments": {"score": {"modified": "2018-05-06T19:01:27", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-2691", "CVE-2007-2692", "CVE-2007-3780", "CVE-2007-3781", "CVE-2007-3782"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-05-03T23:41:44", "id": "RHSA-2007:0894", "href": "https://access.redhat.com/errata/RHSA-2007:0894", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-09-09T07:19:21", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "i386", "packageFilename": "mysql-5.0.45-7.el5.i386.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "src", "packageFilename": "mysql-5.0.45-7.el5.src.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "x86_64", "packageFilename": "mysql-5.0.45-7.el5.x86_64.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "ppc", "packageFilename": "mysql-test-5.0.45-7.el5.ppc.rpm", "packageName": "mysql-test", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "ppc", "packageFilename": "mysql-5.0.45-7.el5.ppc.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "ppc64", "packageFilename": "mysql-server-5.0.45-7.el5.ppc64.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "ppc64", "packageFilename": "mysql-devel-5.0.45-7.el5.ppc64.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "ppc64", "packageFilename": "mysql-5.0.45-7.el5.ppc64.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "ppc", "packageFilename": "mysql-bench-5.0.45-7.el5.ppc.rpm", "packageName": "mysql-bench", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "ppc", "packageFilename": "mysql-server-5.0.45-7.el5.ppc.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "ppc", "packageFilename": "mysql-devel-5.0.45-7.el5.ppc.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "s390x", "packageFilename": "mysql-server-5.0.45-7.el5.s390x.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "s390", "packageFilename": "mysql-5.0.45-7.el5.s390.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "s390x", "packageFilename": "mysql-devel-5.0.45-7.el5.s390x.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "s390", "packageFilename": "mysql-devel-5.0.45-7.el5.s390.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "s390x", "packageFilename": "mysql-test-5.0.45-7.el5.s390x.rpm", "packageName": "mysql-test", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "s390x", "packageFilename": "mysql-bench-5.0.45-7.el5.s390x.rpm", "packageName": "mysql-bench", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "s390x", "packageFilename": "mysql-5.0.45-7.el5.s390x.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "i386", "packageFilename": "mysql-test-5.0.45-7.el5.i386.rpm", "packageName": "mysql-test", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "i386", "packageFilename": "mysql-bench-5.0.45-7.el5.i386.rpm", "packageName": "mysql-bench", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "i386", "packageFilename": "mysql-devel-5.0.45-7.el5.i386.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "i386", "packageFilename": "mysql-server-5.0.45-7.el5.i386.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "x86_64", "packageFilename": "mysql-bench-5.0.45-7.el5.x86_64.rpm", "packageName": "mysql-bench", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "x86_64", "packageFilename": "mysql-devel-5.0.45-7.el5.x86_64.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "x86_64", "packageFilename": "mysql-server-5.0.45-7.el5.x86_64.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "x86_64", "packageFilename": "mysql-test-5.0.45-7.el5.x86_64.rpm", "packageName": "mysql-test", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "ia64", "packageFilename": "mysql-bench-5.0.45-7.el5.ia64.rpm", "packageName": "mysql-bench", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "ia64", "packageFilename": "mysql-test-5.0.45-7.el5.ia64.rpm", "packageName": "mysql-test", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "ia64", "packageFilename": "mysql-5.0.45-7.el5.ia64.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "ia64", "packageFilename": "mysql-devel-5.0.45-7.el5.ia64.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "ia64", "packageFilename": "mysql-server-5.0.45-7.el5.ia64.rpm", "packageName": "mysql-server", "operator": "lt"}], "description": "MySQL is a multi-user, multi-threaded SQL database server. MySQL is a\r\nclient/server implementation consisting of a server daemon (mysqld), and\r\nmany different client programs and libraries.\r\n\r\nMySQL did not require privileges such as \"SELECT\" for the source table in a\r\n\"CREATE TABLE LIKE\" statement. An authenticated user could obtain sensitive\r\ninformation, such as the table structure. (CVE-2007-3781)\r\n\r\nA flaw was discovered in MySQL that allowed an authenticated user to gain\r\nupdate privileges for a table in another database, via a view that refers\r\nto the external table. (CVE-2007-3782)\r\n\r\nMySQL did not require the \"DROP\" privilege for \"RENAME TABLE\" statements.\r\nAn authenticated user could use this flaw to rename arbitrary tables.\r\n(CVE-2007-2691)\r\n\r\nA flaw was discovered in the mysql_change_db function when returning from\r\nSQL SECURITY INVOKER stored routines. An authenticated user could use this\r\nflaw to gain database privileges. (CVE-2007-2692)\r\n\r\nMySQL allowed an authenticated user to bypass logging mechanisms via SQL\r\nqueries that contain the NULL character, which were not properly handled by\r\nthe mysql_real_query function. (CVE-2006-0903)\r\n\r\nMySQL allowed an authenticated user to access a table through a previously\r\ncreated MERGE table, even after the user's privileges were revoked from\r\nthe original table, which might violate intended security policy. This is\r\naddressed by allowing the MERGE storage engine to be disabled, which can\r\nbe done by running mysqld with the \"--skip-merge\" option. (CVE-2006-4031)\r\n\r\nMySQL evaluated arguments in the wrong security context, which allowed an\r\nauthenticated user to gain privileges through a routine that had been made\r\navailable using \"GRANT EXECUTE\". (CVE-2006-4227)\r\n\r\nMultiple flaws in MySQL allowed an authenticated user to cause the MySQL\r\ndaemon to crash via crafted SQL queries. This only caused a temporary\r\ndenial of service, as the MySQL daemon is automatically restarted after the\r\ncrash. (CVE-2006-7232, CVE-2007-1420, CVE-2007-2583)\r\n\r\nAs well, these updated packages fix the following bugs:\r\n\r\n* a separate counter was used for \"insert delayed\" statements, which caused\r\nrows to be discarded. In these updated packages, \"insert delayed\"\r\nstatements no longer use a separate counter, which resolves this issue.\r\n\r\n* due to a bug in the Native POSIX Thread Library, in certain situations,\r\n\"flush tables\" caused a deadlock on tables that had a read lock. The mysqld\r\ndaemon had to be killed forcefully. Now, \"COND_refresh\" has been replaced\r\nwith \"COND_global_read_lock\", which resolves this issue.\r\n\r\n* mysqld crashed if a query for an unsigned column type contained a\r\nnegative value for a \"WHERE [column] NOT IN\" subquery.\r\n\r\n* in master and slave server situations, specifying \"on duplicate key\r\nupdate\" for \"insert\" statements did not update slave servers.\r\n\r\n* in the mysql client, empty strings were displayed as \"NULL\". For\r\nexample, running \"insert into [table-name] values (' ');\" resulted in a\r\n\"NULL\" entry being displayed when querying the table using \"select * from\r\n[table-name];\".\r\n\r\n* a bug in the optimizer code resulted in certain queries executing much\r\nslower than expected.\r\n\r\n* on 64-bit PowerPC architectures, MySQL did not calculate the thread stack\r\nsize correctly, which could have caused MySQL to crash when overly-complex\r\nqueries were used.\r\n\r\nNote: these updated packages upgrade MySQL to version 5.0.45. For a full\r\nlist of bug fixes and enhancements, refer to the MySQL release notes:\r\nhttp://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0.html\r\n\r\nAll mysql users are advised to upgrade to these updated packages, which\r\nresolve these issues.", "reporter": "RedHat", "published": "2008-05-20T04:00:00", "type": "redhat", "title": "(RHSA-2008:0364) Low: mysql security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2006-0903", "CVE-2006-4031", "CVE-2006-4227", "CVE-2006-7232", "CVE-2007-1420", "CVE-2007-2583", "CVE-2007-2691", "CVE-2007-2692", "CVE-2007-3781", "CVE-2007-3782"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T11:50:31", "id": "RHSA-2008:0364", "href": "https://access.redhat.com/errata/RHSA-2008:0364", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2018-10-16T22:14:14", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "3.1", "packageVersion": "4.0.24-10sarge3", "arch": "all", "packageFilename": "mysql-common_4.0.24-10sarge3_all.deb", "packageName": "mysql-common", "operator": "lt"}, {"OS": "Debian", "OSVersion": "3.1", "packageVersion": "4.0.24-10sarge3", "arch": "all", "packageFilename": "mysql-dfsg_4.0.24-10sarge3_all.deb", "packageName": "mysql-dfsg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "3.1", "packageVersion": "4.0.24-10sarge3", "arch": "all", "packageFilename": "mysql-client_4.0.24-10sarge3_all.deb", "packageName": "mysql-client", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "5.0.32-7etch3", "arch": "all", "packageFilename": "libmysqlclient15-dev_5.0.32-7etch3_all.deb", "packageName": "libmysqlclient15-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "5.0.32-7etch3", "arch": "all", "packageFilename": "mysql-common_5.0.32-7etch3_all.deb", "packageName": "mysql-common", "operator": "lt"}, {"OS": "Debian", "OSVersion": "3.1", "packageVersion": "4.1.11a-4sarge8", "arch": "all", "packageFilename": "libmysqlclient14_4.1.11a-4sarge8_all.deb", "packageName": "libmysqlclient14", "operator": "lt"}, {"OS": "Debian", "OSVersion": "3.1", "packageVersion": "4.0.24-10sarge3", "arch": "all", "packageFilename": "mysql-server_4.0.24-10sarge3_all.deb", "packageName": "mysql-server", "operator": "lt"}, {"OS": "Debian", "OSVersion": "3.1", "packageVersion": "4.1.11a-4sarge8", "arch": "all", "packageFilename": "mysql-server-4.1_4.1.11a-4sarge8_all.deb", "packageName": "mysql-server-4.1", "operator": "lt"}, {"OS": "Debian", "OSVersion": "3.1", "packageVersion": "4.1.11a-4sarge8", "arch": "all", "packageFilename": "mysql-dfsg-4.1_4.1.11a-4sarge8_all.deb", "packageName": "mysql-dfsg-4.1", "operator": "lt"}, {"OS": "Debian", "OSVersion": "3.1", "packageVersion": "4.1.11a-4sarge8", "arch": "all", "packageFilename": "libmysqlclient14-dev_4.1.11a-4sarge8_all.deb", "packageName": "libmysqlclient14-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "3.1", "packageVersion": "4.0.24-10sarge3", "arch": "all", "packageFilename": "libmysqlclient12-dev_4.0.24-10sarge3_all.deb", "packageName": "libmysqlclient12-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "5.0.32-7etch3", "arch": "all", "packageFilename": "mysql-dfsg-5.0_5.0.32-7etch3_all.deb", "packageName": "mysql-dfsg-5.0", "operator": "lt"}, {"OS": "Debian", "OSVersion": "3.1", "packageVersion": "4.0.24-10sarge3", "arch": "all", "packageFilename": "libmysqlclient12_4.0.24-10sarge3_all.deb", "packageName": "libmysqlclient12", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "5.0.32-7etch3", "arch": "all", "packageFilename": "mysql-server_5.0.32-7etch3_all.deb", "packageName": "mysql-server", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "5.0.32-7etch3", "arch": "all", "packageFilename": "mysql-server-4.1_5.0.32-7etch3_all.deb", "packageName": "mysql-server-4.1", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "5.0.32-7etch3", "arch": "all", "packageFilename": "mysql-server-5.0_5.0.32-7etch3_all.deb", "packageName": "mysql-server-5.0", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "5.0.32-7etch3", "arch": "all", "packageFilename": "libmysqlclient15off_5.0.32-7etch3_all.deb", "packageName": "libmysqlclient15off", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "5.0.32-7etch3", "arch": "all", "packageFilename": "mysql-client-5.0_5.0.32-7etch3_all.deb", "packageName": "mysql-client-5.0", "operator": "lt"}, {"OS": "Debian", "OSVersion": "3.1", "packageVersion": "4.1.11a-4sarge8", "arch": "all", "packageFilename": "mysql-common-4.1_4.1.11a-4sarge8_all.deb", "packageName": "mysql-common-4.1", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "5.0.32-7etch3", "arch": "all", "packageFilename": "mysql-client_5.0.32-7etch3_all.deb", "packageName": "mysql-client", "operator": "lt"}, {"OS": "Debian", "OSVersion": "3.1", "packageVersion": "4.1.11a-4sarge8", "arch": "all", "packageFilename": "mysql-client-4.1_4.1.11a-4sarge8_all.deb", "packageName": "mysql-client-4.1", "operator": "lt"}], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1413-1 security@debian.org\nhttp://www.debian.org/security/ Noah Meyerhans\nNovember 26, 2007 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : mysql-dfsg, mysql-dfsg-5.0, mysql-dfsg-4.1\nVulnerability : multiple\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2007-2583, CVE-2007-2691, CVE-2007-2692 \n CVE-2007-3780, CVE-2007-3782, CVE-2007-5925\nDebian Bug : 426353, 424778, 424778, 451235\n\nSeveral vulnerabilities have been found in the MySQL database packages\nwith implications ranging from unauthorized database modifications to\nremotely triggered server crashes.\n\nCVE-2007-2583\n\n\tThe in_decimal::set function in item_cmpfunc.cc in MySQL\n\tbefore 5.0.40 allows context-dependent attackers to cause a\n\tdenial of service (crash) via a crafted IF clause that results\n\tin a divide-by-zero error and a NULL pointer dereference.\n\t(Affects source version 5.0.32)\n\nCVE-2007-2691\n\n\tMySQL does not require the DROP privilege for RENAME TABLE\n\tstatements, which allows remote authenticated users to rename\n\tarbitrary tables. (All supported versions affected.)\n\nCVE-2007-2692\n\n\tThe mysql_change_db function does not restore THD::db_access\n\tprivileges when returning from SQL SECURITY INVOKER stored\n\troutines, which allows remote authenticated users to gain\n\tprivileges. (Affects source version 5.0.32)\n\nCVE-2007-3780\n\n\tMySQL could be made to overflow a signed char during\n\tauthentication. Remote attackers could use specially crafted\n\tauthentication requests to cause a denial of\n\tservice. (Upstream source versions 4.1.11a and 5.0.32\n\taffected.)\n\nCVE-2007-3782\n\n\tPhil Anderton discovered that MySQL did not properly verify\n\taccess privileges when accessing external tables. As a result,\n\tauthenticated users could exploit this to obtain UPDATE\n\tprivileges to external tables. (Affects source version\n\t5.0.32)\n\nCVE-2007-5925\n\n\tThe convert_search_mode_to_innobase function in ha_innodb.cc\n\tin the InnoDB engine in MySQL 5.1.23-BK and earlier allows\n\tremote authenticated users to cause a denial of service\n\t(database crash) via a certain CONTAINS operation on an\n\tindexed column, which triggers an assertion error. (Affects\n\tsource version 5.0.32)\n\n\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 5.0.32-7etch3 of the mysql-dfsg-5.0 packages\n\nFor the old stable distribution (sarge), these problems have been\nfixed in version 4.0.24-10sarge3 of mysql-dfsg and version\n4.1.11a-4sarge8 of mysql-dfsg-4.1\n\nWe recommend that you upgrade your mysql packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch3.diff.gz\n Size/MD5 checksum: 158239 ceb5a1f5875bd86c34f1c8711fff1512\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32.orig.tar.gz\n Size/MD5 checksum: 16439441 f99df050b0b847adf7702b44e79ac877\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch3.dsc\n Size/MD5 checksum: 1117 1f37ff72f1d5276c52b1adcebe796704\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-common_5.0.32-7etch3_all.deb\n Size/MD5 checksum: 53548 5eab71c3e41f585dfb86f360cf9413a8\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server_5.0.32-7etch3_all.deb\n Size/MD5 checksum: 47306 e3e2cf556bcf98b077090b9aa1551973\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client_5.0.32-7etch3_all.deb\n Size/MD5 checksum: 45228 8ae0496a27a9919f0ef79100a294cb5c\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_alpha.deb\n Size/MD5 checksum: 27367610 5b031c91101fc26da9fce90649f6af4f\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_alpha.deb\n Size/MD5 checksum: 8406582 2a6b482ac43acc702aba070ac16410f1\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_alpha.deb\n Size/MD5 checksum: 1949566 65956545169d0494303614308dd5fc71\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_alpha.deb\n Size/MD5 checksum: 47356 eacd0a3b3588c14b26806e739e81c003\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_alpha.deb\n Size/MD5 checksum: 8912162 ef51f26850391ea2b46df1e479de7298\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_amd64.deb\n Size/MD5 checksum: 1829436 137139b9722adcad521d72048bc870a0\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_amd64.deb\n Size/MD5 checksum: 25937824 d0b8b7d295213217b780d5f78dd48753\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_amd64.deb\n Size/MD5 checksum: 7374926 c86423aa3d5024a1e9829e94686d0a80\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_amd64.deb\n Size/MD5 checksum: 7545502 c28dd59a10fe782a11ed92d4f41e02d3\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_amd64.deb\n Size/MD5 checksum: 47334 00c4901d4a7e889d346788668d03b76d\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_hppa.deb\n Size/MD5 checksum: 1919950 77ed051af8da085483401586783168a6\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_hppa.deb\n Size/MD5 checksum: 8003408 df40aa6aae5261b7e19389b6aeccd517\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_hppa.deb\n Size/MD5 checksum: 8043764 9f2c5326cbe83478904b5fbb44a566d5\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_hppa.deb\n Size/MD5 checksum: 27053986 748ee990de95a70a1f12bf8d82836458\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_hppa.deb\n Size/MD5 checksum: 47338 2fbe0c22b854160efc3fbe57130d78cc\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_i386.deb\n Size/MD5 checksum: 7188116 2c7a41713a396c8aecedc8b924f348a1\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_i386.deb\n Size/MD5 checksum: 6968400 09df50c04d87f934b021188d28a6de56\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_i386.deb\n Size/MD5 checksum: 1793210 1be98453fe240009dd910bb4f3ce6ecb\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_i386.deb\n Size/MD5 checksum: 25356378 112399fe4ec962c0ed807768880a7770\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_i386.deb\n Size/MD5 checksum: 47336 c303c553a72e9819ea90efbd04973bbb\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_ia64.deb\n Size/MD5 checksum: 30405568 8daba01d54e639051eb5bffeada3e9cb\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_ia64.deb\n Size/MD5 checksum: 9734712 d34c17a16de0cf2746fccb6abc920f84\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_ia64.deb\n Size/MD5 checksum: 2114634 eff36d5639abca158981d0d3b6855da5\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_ia64.deb\n Size/MD5 checksum: 47336 86b6a4b42b83c6e308ac4be5245a1e00\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_ia64.deb\n Size/MD5 checksum: 10338428 67eb004fa1fae7eb752fc3e328f24fc2\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_mips.deb\n Size/MD5 checksum: 7655162 fb5957d30c35fcd1e94d478df13d126f\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_mips.deb\n Size/MD5 checksum: 26336066 6068caefe4e50c1a0c7c1d2f016cfe89\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_mips.deb\n Size/MD5 checksum: 1835184 7d23cc0b5d3d34fc1c965ae416355f07\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_mips.deb\n Size/MD5 checksum: 47334 b81bf61ee49f02d6e952e86c1c7ef494\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_mips.deb\n Size/MD5 checksum: 7748034 c2265fed6ee82de7a87429aaeb3f3834\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_mipsel.deb\n Size/MD5 checksum: 1788816 cda01fa6f2def40f0c947caa8f8c1da2\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_mipsel.deb\n Size/MD5 checksum: 7639546 afd466efeeddb85feaeef28987c03e35\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_mipsel.deb\n Size/MD5 checksum: 47340 d36af99d1b815f62f39149fddcbd27de\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_mipsel.deb\n Size/MD5 checksum: 25845048 20a84270663df2b65110a8b669aee37a\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_mipsel.deb\n Size/MD5 checksum: 7559536 589510f9e026bde91e70c9b4ad78ea6a\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_powerpc.deb\n Size/MD5 checksum: 26161766 9ff509c8158d9f4381843daf29d90cb4\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_powerpc.deb\n Size/MD5 checksum: 47336 cbbc6088151475e9003d6ce245e7ea7a\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_powerpc.deb\n Size/MD5 checksum: 7511054 c4d1aa7227f49402604aabb82ec391a2\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_powerpc.deb\n Size/MD5 checksum: 7572150 f67c846d62cf2da02e073d75f5e97831\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_powerpc.deb\n Size/MD5 checksum: 1831826 d2be47b8486e73a5056b29873fc5f379\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_s390.deb\n Size/MD5 checksum: 7507308 50acb63d4680441570d0180152af6dc4\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_s390.deb\n Size/MD5 checksum: 26762652 fe88146edc3286d12fc06596b55fb56a\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_s390.deb\n Size/MD5 checksum: 7412232 2d4e9fbce49e7248b91de25f2524a12a\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_s390.deb\n Size/MD5 checksum: 1951276 179a3a70d258114616e2aa98b43a7896\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_s390.deb\n Size/MD5 checksum: 47336 f89bb547bf6727493dccff6188c0bacd\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-dfsg_4.0.24-10sarge3.dsc\n Size/MD5 checksum: 959 79f665363e1949c6848b9ccd79774d08\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-dfsg_4.0.24.orig.tar.gz\n Size/MD5 checksum: 9923794 aed8f335795a359f32492159e3edfaa3\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-dfsg_4.0.24-10sarge3.diff.gz\n Size/MD5 checksum: 100288 c8a09fb8a55fb6ae086d80aecc09e5f5\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a-4sarge8.dsc\n Size/MD5 checksum: 1021 3e72ca407001f3a821af22528aeb4167\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a.orig.tar.gz\n Size/MD5 checksum: 15771855 3c0582606a8903e758c2014c2481c7c3\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a-4sarge8.diff.gz\n Size/MD5 checksum: 166363 3a827fee8740fbedbe7c114075351847\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-common_4.0.24-10sarge3_all.deb\n Size/MD5 checksum: 34692 ccc11adc92b89539535dadf270d47ffe\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-common-4.1_4.1.11a-4sarge8_all.deb\n Size/MD5 checksum: 36954 13af7dbf0b5e55c57b22f66611d6f39c\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_alpha.deb\n Size/MD5 checksum: 524476 83c832e4a2c8740a07ec8ecc69850de3\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_alpha.deb\n Size/MD5 checksum: 4896532 b9db7c1604c82b49b960266452f179b9\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_alpha.deb\n Size/MD5 checksum: 17499908 f7dbe472481d4404556f8b18c621b02a\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_alpha.deb\n Size/MD5 checksum: 4534572 1782d264a4c7702af2d6bc3ca8b08ca4\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_alpha.deb\n Size/MD5 checksum: 1005618 89d391d8186f37393b6f6230e9749aa1\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_alpha.deb\n Size/MD5 checksum: 1592832 7e2b8f6c948fd331bbbbde5d9c68d459\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_alpha.deb\n Size/MD5 checksum: 7972820 924ddc2e807ced4e65d84a044d01c101\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_alpha.deb\n Size/MD5 checksum: 356840 49415e6524100bad42d375b8e1a746b5\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_amd64.deb\n Size/MD5 checksum: 3878532 bfd14013a3cfea4ada8c0bb4f61adac5\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_amd64.deb\n Size/MD5 checksum: 3182788 9f16c1b574b822b83af24b083e0bf008\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_amd64.deb\n Size/MD5 checksum: 5552302 68e16ff3668b2a97698f41351d4c5b14\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_amd64.deb\n Size/MD5 checksum: 850010 5746928e2118b74835ea6f9f33a3ff90\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_amd64.deb\n Size/MD5 checksum: 309618 9628c1cb0c3988e7a8ca4c1788e7bbfb\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_amd64.deb\n Size/MD5 checksum: 1452492 b5f79b0bcdc6bf3b21b5f766ae94f1d9\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_amd64.deb\n Size/MD5 checksum: 434160 1a89003c4a9d54e9b8942232ee42ce1c\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_amd64.deb\n Size/MD5 checksum: 14711934 2176f9ed1b9049b049d6a755f201677a\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_hppa.deb\n Size/MD5 checksum: 15791836 18fc8a2cf9f1ff120c50a00579285ba7\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_hppa.deb\n Size/MD5 checksum: 1551666 2060ce8666a508dab761c3f6044f9de4\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_hppa.deb\n Size/MD5 checksum: 3314510 c3355ecb5c2b96478dea993a48e4ade1\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_hppa.deb\n Size/MD5 checksum: 330088 f81f69b7a00213483a2ee47961b0fa8a\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_hppa.deb\n Size/MD5 checksum: 910486 34ce1dd85f8b3102c8320608db2ac49b\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_hppa.deb\n Size/MD5 checksum: 6250742 e741c50def86f096fc3e5f33d2546e4b\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_hppa.deb\n Size/MD5 checksum: 456142 15f3655a889ab79f32a05a6ec4e6d3eb\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_hppa.deb\n Size/MD5 checksum: 3947328 2580ee426cdb77ecb018ad66a2de271a\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_i386.deb\n Size/MD5 checksum: 297144 9d9a3af124735f4f2ddc2bf2d8080441\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_i386.deb\n Size/MD5 checksum: 3652532 dc9c0f6c46d5cf4980626b8bf1478c2b\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_i386.deb\n Size/MD5 checksum: 5645942 e4cf4980b8dcd3ade7f97744ff7cd627\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_i386.deb\n Size/MD5 checksum: 417172 6d0d21ab328bb10704a453018a9fbe0f\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_i386.deb\n Size/MD5 checksum: 1418578 c3c5800beb238eadcb44bc5cae668a09\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_i386.deb\n Size/MD5 checksum: 831594 1e9acc111598dbeae29405174e98f8eb\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_i386.deb\n Size/MD5 checksum: 14573956 cf379b4463dc21d6afe6bbc4d66e2e46\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_i386.deb\n Size/MD5 checksum: 2921244 524bcb7f1d70efd731623e0f9a1d60e2\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_ia64.deb\n Size/MD5 checksum: 4472620 c8fc82cd6fde1292e8c8ecaa52010208\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_ia64.deb\n Size/MD5 checksum: 18476390 00d4a9e3dbb4d4aaf6413956f11fda92\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_ia64.deb\n Size/MD5 checksum: 1713832 6a39a0d7365c737be61622837bac5dca\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_ia64.deb\n Size/MD5 checksum: 7783060 37a93f7334445189a7da139eb49823bb\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_ia64.deb\n Size/MD5 checksum: 395506 132724ad264cc04490ea24e748ce1851\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_ia64.deb\n Size/MD5 checksum: 5328724 b1b99174117f19d4c4b9c623ed01df56\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_ia64.deb\n Size/MD5 checksum: 1051002 41347335283f500399239a1f1a4775d8\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_ia64.deb\n Size/MD5 checksum: 563102 6b985dc902aae54259452d31df50cd24\n\nm68k architecture (Motorola Mc680x0)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_m68k.deb\n Size/MD5 checksum: 14072444 45218793b9ec9add8c60d7d5b9d5ecff\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_m68k.deb\n Size/MD5 checksum: 1398428 ce0c0458d7823cf25b16597478b4c642\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_m68k.deb\n Size/MD5 checksum: 5284906 3e5fa51be89bd067204ae48559861520\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_m68k.deb\n Size/MD5 checksum: 2665842 ab25785d95a7f3fdadb378be8b06cd0e\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_m68k.deb\n Size/MD5 checksum: 804284 6004dfa406aea7d976c66ad16e719ed7\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_m68k.deb\n Size/MD5 checksum: 279626 a4b26bba2ac95ad3143151284bfeba94\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_m68k.deb\n Size/MD5 checksum: 390416 eca95af258b0c05d028da111b56a4861\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_m68k.deb\n Size/MD5 checksum: 3293164 f8a2690deb9bfa8aaee3e687da053b8f\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_mips.deb\n Size/MD5 checksum: 3182420 da3365e2f5591091b8dac2b0971ecc06\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_mips.deb\n Size/MD5 checksum: 6053548 8279dfc879a2b2a59f63600a96fdca39\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_mips.deb\n Size/MD5 checksum: 3813468 bdcb203b023634e31be39fd620fdbc2b\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_mips.deb\n Size/MD5 checksum: 1479412 86378b3184949727fb41c09b4d4ca7c6\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_mips.deb\n Size/MD5 checksum: 15410656 11b75dc0f14e6f9269c05687619588f6\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_mips.deb\n Size/MD5 checksum: 904966 5eda6f9a63f4de3822fbdab24b2032a3\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_mips.deb\n Size/MD5 checksum: 457402 757c58c311483de54a36d08769f9c1a7\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_mips.deb\n Size/MD5 checksum: 314286 4c4ada1ce8947b6966fcddb5f22f95d5\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_mipsel.deb\n Size/MD5 checksum: 890636 ce0dd4c2e900f46d4dc05ad8133e3a88\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_mipsel.deb\n Size/MD5 checksum: 3800518 c00e254b7f48ae49290cd7dd31753d7a\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_mipsel.deb\n Size/MD5 checksum: 5971808 9629c320f1af7853259439fdeae30780\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_mipsel.deb\n Size/MD5 checksum: 1446828 6d41d040546857e1f9761f24bab9eda3\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_mipsel.deb\n Size/MD5 checksum: 457406 652de57a0f442df039cd6d3b1f16d2de\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_mipsel.deb\n Size/MD5 checksum: 3170108 e6aebf4bf3d5104ccc17344b45c57d6d\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_mipsel.deb\n Size/MD5 checksum: 15105928 b9763453f6182b1d455318a3c33d1530\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_mipsel.deb\n Size/MD5 checksum: 313988 491f203b6400811b9e1e36564bc6ddde\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_powerpc.deb\n Size/MD5 checksum: 3842466 2917a7734614ffda7b05b7c405601aee\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_powerpc.deb\n Size/MD5 checksum: 464746 c27ca4aef0faba749ed9884a29426264\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_powerpc.deb\n Size/MD5 checksum: 3184324 cfad0b1cbf4755e0207f499d8b7d8888\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_powerpc.deb\n Size/MD5 checksum: 907956 524cb85860e1095c7f51cf9f99e41fe7\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_powerpc.deb\n Size/MD5 checksum: 15403470 ab134b91f282ef187b9a1b8111b232ee\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_powerpc.deb\n Size/MD5 checksum: 315226 16e34511be65bced2891ad6c802758ee\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_powerpc.deb\n Size/MD5 checksum: 6028094 a40f646aabe6fac0fed85d68e0f2e8af\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_powerpc.deb\n Size/MD5 checksum: 1477348 4912345b9fa0387a45145c4a57943e90\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_s390.deb\n Size/MD5 checksum: 15055668 d9676ace09d308e85753c9948bf71260\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_s390.deb\n Size/MD5 checksum: 442530 5a5979fc69d824957df213a5359817af\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_s390.deb\n Size/MD5 checksum: 2830430 1c10f46c702ac43421dab5fd31c99222\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_s390.deb\n Size/MD5 checksum: 3665930 9e8d73a35f26940bf5ad761a7fbc2cc9\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_s390.deb\n Size/MD5 checksum: 5461984 d678870cdf69e36fa48f9e7805c8d226\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_s390.deb\n Size/MD5 checksum: 1539020 499b59166b4fb0645baa3cdb2640f9bb\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_s390.deb\n Size/MD5 checksum: 884768 e1a53219771e9cda40724ef31d5aeb5a\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_s390.deb\n Size/MD5 checksum: 324802 3c008c24e23b9388800c735085a2bffd\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_sparc.deb\n Size/MD5 checksum: 1460892 671fb72c4664b823d92a967fe62a6def\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_sparc.deb\n Size/MD5 checksum: 430132 53e0deb3e36c605c6e23e1f997ff1cfe\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_sparc.deb\n Size/MD5 checksum: 304778 5b7dcd84615b8d05da23e7a0aaf7d24b\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_sparc.deb\n Size/MD5 checksum: 15392390 3316fb8ca5d77ab41217556778e27a6c\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_sparc.deb\n Size/MD5 checksum: 3270084 c5639359a39f097fabbd579ddf9dcf9f\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_sparc.deb\n Size/MD5 checksum: 868724 1fdb7040fdae0efdbc0efe4a69a12ffb\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_sparc.deb\n Size/MD5 checksum: 6208522 7ca5e1f738d1071826f860343273d97a\n http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_sparc.deb\n Size/MD5 checksum: 3821768 3910007d21f7e4227b5bef66f8a4b54c\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 1, "reporter": "Debian", "published": "2007-11-26T00:00:00", "title": "[SECURITY] [DSA 1413-1] New mysql packages fix multiple vulnerabilities", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:14:14", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-2583", "CVE-2007-3780", "CVE-2007-5925", "CVE-2007-3782", "CVE-2007-2692", "CVE-2007-2691"], "modified": "2007-11-26T00:00:00", "id": "DEBIAN:DSA-1413-1:E917F", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00193.html", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:40:44", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "x86_64", "packageFilename": "mysql-server-5.0.45-7.el5.x86_64.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "x86_64", "packageFilename": "mysql-devel-5.0.45-7.el5.x86_64.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "x86_64", "packageFilename": "mysql-bench-5.0.45-7.el5.x86_64.rpm", "packageName": "mysql-bench", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "x86_64", "packageFilename": "mysql-5.0.45-7.el5.x86_64.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "x86_64", "packageFilename": "mysql-test-5.0.45-7.el5.x86_64.rpm", "packageName": "mysql-test", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "i386", "packageFilename": "mysql-server-5.0.45-7.el5.i386.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "i386", "packageFilename": "mysql-devel-5.0.45-7.el5.i386.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "i386", "packageFilename": "mysql-devel-5.0.45-7.el5.i386.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "i386", "packageFilename": "mysql-5.0.45-7.el5.i386.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "i386", "packageFilename": "mysql-5.0.45-7.el5.i386.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "i386", "packageFilename": "mysql-test-5.0.45-7.el5.i386.rpm", "packageName": "mysql-test", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "src", "packageFilename": "mysql-5.0.45-7.el5.src.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "src", "packageFilename": "mysql-5.0.45-7.el5.src.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.45-7.el5", "arch": "i386", "packageFilename": "mysql-bench-5.0.45-7.el5.i386.rpm", "packageName": "mysql-bench", "operator": "lt"}], "description": "[5.0.45-7]\n- Adjust thread stack requests to allow for platform-specific guard page size;\n necessary to prevent stack overrun on PPC with RHEL5's 64K page size.\nResolves: #435391\n- Remove calendar-dependent queries from 'view' test; necessary to get\n regression tests to pass after 2007.\n[5.0.45-6]\n- Back-port upstream fixes for CVE-2007-5925, CVE-2007-5969, CVE-2007-6303.\nResolves: #422211\n[5.0.45-1]\n- Update to MySQL 5.0.45\nResolves: #256501, #240813, #246309, #254012\nResolves: #280811, #316451, #349121, #367131\n- Synchronize with current Fedora package, which is pretty well tested by now;\n see past bzs 245770, 241912, 233771, 221085, 223713, 203910, 193559, 199368\n[5.0.22-3]\n- Fix CVE-2007-3780: remote DOS via bad password length byte\nResolves: #257681", "edition": 3, "reporter": "Oracle", "published": "2008-05-30T00:00:00", "title": "mysql security and bug fix update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2007-6303", "CVE-2007-2583", "CVE-2007-3780", "CVE-2006-7232", "CVE-2006-4227", "CVE-2007-3781", "CVE-2006-4031", "CVE-2007-1420", "CVE-2007-5925", "CVE-2007-3782", "CVE-2007-5969", "CVE-2006-0903", "CVE-2007-2692", "CVE-2007-2691"], "modified": "2008-05-30T00:00:00", "id": "ELSA-2008-0364", "href": "http://linux.oracle.com/errata/ELSA-2008-0364.html", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:HIGH/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
