Lucene search
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.MANDRAKE_MDKSA-2002-087.NASLHistoryJul 31, 2004 - 12:00 a.m.
Mandrake Linux Security Advisory : MySQL (MDKSA-2002:087)
2004-07-3100:00:00
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.
www.tenable.com
15
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.129
Percentile
95.5%
Two vulnerabilities were discovered in all versions of MySQL prior to 3.23.53a and 4.0.5a by Stefan Esser. The first can be used by any valid MySQL user to crash the MySQL server, the other allows anyone to bypass the MySQL password check or execute arbitrary code with the privilege of the user running mysqld. Another two vulnerabilities were found, one an arbitrary size heap overflow in the mysql client library and another that allows one to write ‘�’ to any memory address.
Both of these flaws could allow DOS attacks or arbitary code execution within anything linked against libmysqlclient.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Mandrake Linux Security Advisory MDKSA-2002:087.
# The text itself is copyright (C) Mandriva S.A.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(13985);
script_version("1.19");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2002-1373", "CVE-2002-1374", "CVE-2002-1375", "CVE-2002-1376");
script_xref(name:"MDKSA", value:"2002:087");
script_name(english:"Mandrake Linux Security Advisory : MySQL (MDKSA-2002:087)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Mandrake Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"Two vulnerabilities were discovered in all versions of MySQL prior to
3.23.53a and 4.0.5a by Stefan Esser. The first can be used by any
valid MySQL user to crash the MySQL server, the other allows anyone to
bypass the MySQL password check or execute arbitrary code with the
privilege of the user running mysqld. Another two vulnerabilities were
found, one an arbitrary size heap overflow in the mysql client library
and another that allows one to write '�' to any memory address.
Both of these flaws could allow DOS attacks or arbitary code execution
within anything linked against libmysqlclient."
);
# http://security.e-matters.de/advisories/042002.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?3b0e0138"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:MySQL");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:MySQL-Max");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:MySQL-bench");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:MySQL-client");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:MySQL-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:MySQL-shared");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libmysql10");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libmysql10-devel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:7.2");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:8.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:8.1");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:8.2");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.0");
script_set_attribute(attribute:"patch_publication_date", value:"2002/12/18");
script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/31");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
script_family(english:"Mandriva Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
flag = 0;
if (rpm_check(release:"MDK7.2", cpu:"i386", reference:"MySQL-3.23.31-1.3mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK7.2", cpu:"i386", reference:"MySQL-bench-3.23.31-1.3mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK7.2", cpu:"i386", reference:"MySQL-client-3.23.31-1.3mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK7.2", cpu:"i386", reference:"MySQL-devel-3.23.31-1.3mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK7.2", cpu:"i386", reference:"MySQL-shared-3.23.31-1.3mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.0", cpu:"i386", reference:"MySQL-3.23.36-2.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.0", cpu:"i386", reference:"MySQL-bench-3.23.36-2.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.0", cpu:"i386", reference:"MySQL-client-3.23.36-2.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.0", cpu:"i386", reference:"MySQL-devel-3.23.36-2.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.0", cpu:"i386", reference:"MySQL-shared-3.23.36-2.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.1", cpu:"i386", reference:"MySQL-3.23.41-5.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.1", cpu:"i386", reference:"MySQL-bench-3.23.41-5.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.1", cpu:"i386", reference:"MySQL-client-3.23.41-5.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.1", cpu:"i386", reference:"MySQL-devel-3.23.41-5.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.1", cpu:"i386", reference:"MySQL-shared-3.23.41-5.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.2", cpu:"i386", reference:"MySQL-3.23.47-5.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.2", cpu:"i386", reference:"MySQL-bench-3.23.47-5.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.2", cpu:"i386", reference:"MySQL-client-3.23.47-5.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.2", cpu:"i386", reference:"libmysql10-3.23.47-5.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK8.2", cpu:"i386", reference:"libmysql10-devel-3.23.47-5.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"MySQL-3.23.52-1.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"MySQL-Max-3.23.52-1.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"MySQL-bench-3.23.52-1.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"MySQL-client-3.23.52-1.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"libmysql10-3.23.52-1.2mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"libmysql10-devel-3.23.52-1.2mdk", yank:"mdk")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mandriva | linux | mysql | p-cpe:/a:mandriva:linux:mysql |
| mandriva | linux | mysql-max | p-cpe:/a:mandriva:linux:mysql-max |
| mandriva | linux | mysql-bench | p-cpe:/a:mandriva:linux:mysql-bench |
| mandriva | linux | mysql-client | p-cpe:/a:mandriva:linux:mysql-client |
| mandriva | linux | mysql-devel | p-cpe:/a:mandriva:linux:mysql-devel |
| mandriva | linux | mysql-shared | p-cpe:/a:mandriva:linux:mysql-shared |
| mandriva | linux | libmysql10 | p-cpe:/a:mandriva:linux:libmysql10 |
| mandriva | linux | libmysql10-devel | p-cpe:/a:mandriva:linux:libmysql10-devel |
| mandrakesoft | mandrake_linux | 7.2 | cpe:/o:mandrakesoft:mandrake_linux:7.2 |
| mandrakesoft | mandrake_linux | 8.0 | cpe:/o:mandrakesoft:mandrake_linux:8.0 |
Related
nessus
nessus
Debian DSA-212-1 : mysql - multiple problems
2004-09-29 00:00:00
RHEL 2.1 : mysql (RHSA-2002:289)
2004-07-06 00:00:00
MySQL < 3.23.54 / 4.0.6 Multiple Vulnerabilities
2002-12-12 00:00:00
openvas
openvas
Debian Security Advisory DSA 212-1 (mysql)
2008-01-17 00:00:00
Debian Security Advisory DSA 212-1 (mysql)
2008-01-17 00:00:00
redhat
redhat
(RHSA-2002:289) mysql security update
2003-02-06 00:00:00
osv
osv
mysql - multiple problems
2002-12-17 00:00:00
suse
suse
remote command execution in mysql
2003-01-02 14:34:03
debian
debian
[SECURITY] [DSA-212-1] Multiple MySQL vulnerabilities
2002-12-17 11:55:56
nvd
nvd
cvelist
cvelist
cve
cve
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.129
Percentile
95.5%
Related for MANDRAKE_MDKSA-2002-087.NASL