Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2009-2021 Tenable Network Security, Inc.MANDRIVA_MDVSA-2008-149.NASL
HistoryApr 23, 2009 - 12:00 a.m.

Mandriva Linux Security Advisory : mysql (MDVSA-2008:149)

2009-04-2300:00:00
This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.
www.tenable.com
13

4.6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:S/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

15.9%

JSON

Sergei Golubchik found that MySQL did not properly validate optional data or index directory paths given in a CREATE TABLE statement; as well it would not, under certain conditions, prevent two databases from using the same paths for data or index files. This could allow an authenticated user with appropriate privilege to create tables in one database to read and manipulate data in tables later created in other databases, regardless of GRANT privileges (CVE-2008-2079).

The updated packages have been patched to correct this issue.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandriva Linux Security Advisory MDVSA-2008:149. 
# The text itself is copyright (C) Mandriva S.A.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(37407);
  script_version("1.17");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2008-2079");
  script_bugtraq_id(29106);
  script_xref(name:"MDVSA", value:"2008:149");

  script_name(english:"Mandriva Linux Security Advisory : mysql (MDVSA-2008:149)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandriva Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Sergei Golubchik found that MySQL did not properly validate optional
data or index directory paths given in a CREATE TABLE statement; as
well it would not, under certain conditions, prevent two databases
from using the same paths for data or index files. This could allow an
authenticated user with appropriate privilege to create tables in one
database to read and manipulate data in tables later created in other
databases, regardless of GRANT privileges (CVE-2008-2079).

The updated packages have been patched to correct this issue."
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:S/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(264);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64mysql-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64mysql-static-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64mysql15");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libmysql-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libmysql-static-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libmysql15");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-bench");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-max");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-ndb-extra");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-ndb-management");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-ndb-storage");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-ndb-tools");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2008/07/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/23");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK2008.1", cpu:"x86_64", reference:"lib64mysql-devel-5.0.51a-8.1mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", cpu:"x86_64", reference:"lib64mysql-static-devel-5.0.51a-8.1mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", cpu:"x86_64", reference:"lib64mysql15-5.0.51a-8.1mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", cpu:"i386", reference:"libmysql-devel-5.0.51a-8.1mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", cpu:"i386", reference:"libmysql-static-devel-5.0.51a-8.1mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", cpu:"i386", reference:"libmysql15-5.0.51a-8.1mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", reference:"mysql-5.0.51a-8.1mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", reference:"mysql-bench-5.0.51a-8.1mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", reference:"mysql-client-5.0.51a-8.1mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", reference:"mysql-common-5.0.51a-8.1mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", reference:"mysql-doc-5.0.51a-8.1mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", reference:"mysql-max-5.0.51a-8.1mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", reference:"mysql-ndb-extra-5.0.51a-8.1mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", reference:"mysql-ndb-management-5.0.51a-8.1mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", reference:"mysql-ndb-storage-5.0.51a-8.1mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", reference:"mysql-ndb-tools-5.0.51a-8.1mdv2008.1", yank:"mdv")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
mandrivalinuxlib64mysql-develp-cpe:/a:mandriva:linux:lib64mysql-devel
mandrivalinuxlib64mysql-static-develp-cpe:/a:mandriva:linux:lib64mysql-static-devel
mandrivalinuxlib64mysql15p-cpe:/a:mandriva:linux:lib64mysql15
mandrivalinuxlibmysql-develp-cpe:/a:mandriva:linux:libmysql-devel
mandrivalinuxlibmysql-static-develp-cpe:/a:mandriva:linux:libmysql-static-devel
mandrivalinuxlibmysql15p-cpe:/a:mandriva:linux:libmysql15
mandrivalinuxmysqlp-cpe:/a:mandriva:linux:mysql
mandrivalinuxmysql-benchp-cpe:/a:mandriva:linux:mysql-bench
mandrivalinuxmysql-clientp-cpe:/a:mandriva:linux:mysql-client
mandrivalinuxmysql-commonp-cpe:/a:mandriva:linux:mysql-common
Rows per page:
1-10 of 171

Related

nessus 34
openvas 50
redhat 4
ubuntucve 3
cve 3
seebug 1
cvelist 3
nvd 3
gentoo 1
veracode 1
prion 3
freebsd 2
debian 1
osv 1
redhatcve 1
securityvulns 2
ubuntu 1
oraclelinux 2
centos 1
suse 1
nessus
nessus
Debian DSA-1608-1 : mysql-dfsg-5.0 - authorization bypass
2008-07-15 00:00:00
MySQL 4.1 < 4.1.24 MyISAM Create Table Privilege Check Bypass
2008-05-09 00:00:00
GLSA-200809-04 : MySQL: Privilege bypass
2008-09-05 00:00:00
openvas
openvas
Debian Security Advisory DSA 1608-1 (mysql-dfsg-5.0)
2008-07-15 00:00:00
Mandriva Update for mysql MDVSA-2008:149 (mysql)
2009-04-09 00:00:00
Gentoo Security Advisory GLSA 200809-04 (mysql)
2008-09-24 00:00:00
redhat
redhat
(RHSA-2008:0510) Moderate: Red Hat Application Stack v1.3 security and enhancement update
2008-07-02 00:00:00
(RHSA-2009:1289) Moderate: mysql security and bug fix update
2009-09-02 09:47:12
(RHSA-2008:0768) Moderate: mysql security, bug fix, and enhancement update
2008-07-24 00:00:00
ubuntucve
ubuntucve
CVE-2008-2079
2008-05-05 00:00:00
CVE-2008-4097
2008-09-18 00:00:00
CVE-2009-4030
2009-11-30 00:00:00
cve
cve
CVE-2008-2079
2008-05-05 16:20:00
CVE-2008-4097
2008-09-18 15:04:27
CVE-2009-4030
2009-11-30 17:30:00
seebug
seebug
MySQL MyISAM葨绕过权限检ζŸ₯漏洞
2008-05-12 00:00:00
cvelist
cvelist
CVE-2008-2079
2008-05-05 16:00:00
CVE-2008-4097
2008-09-17 18:06:00
CVE-2009-4030
2009-11-30 17:00:00
nvd
nvd
CVE-2008-2079
2008-05-05 16:20:00
CVE-2008-4097
2008-09-18 15:04:27
CVE-2009-4030
2009-11-30 17:30:00
gentoo
gentoo
MySQL: Privilege bypass
2008-09-04 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 00:22:36
prion
prion
Privilege escalation
2008-05-05 16:20:00
Privilege escalation
2008-09-18 15:04:00
Privilege escalation
2009-11-30 17:30:00
freebsd
freebsd
mysql -- MyISAM table privileges security bypass vulnerability
2008-05-05 00:00:00
mysql -- MyISAM table privileges security bypass vulnerability for symlinked paths
2008-07-03 00:00:00
debian
debian
[SECURITY] [DSA 1608-1] New mysql-dfsg-5.0 packages fix authorization bypass
2008-07-13 04:55:16
osv
osv
mysql-dfsg-5.0 - authorization bypass
2008-07-13 00:00:00
redhatcve
redhatcve
CVE-2008-4097
2015-10-30 10:30:27
securityvulns
securityvulns
MySQL privilege escalation
2008-11-10 00:00:00
[ MDVSA-2010:012 ] mysql
2010-01-19 00:00:00
ubuntu
ubuntu
MySQL vulnerabilities
2008-11-17 00:00:00
oraclelinux
oraclelinux
mysql security and bug fix update
2009-09-08 00:00:00
mysql security, bug fix, and enhancement update
2008-08-01 00:00:00
centos
centos
mysql security update
2009-09-15 18:28:45
suse
suse
remote code execution in openwsman
2008-08-14 18:02:43

4.6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:S/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

15.9%

JSON
Related for MANDRIVA_MDVSA-2008-149.NASL
nessus34openvas50redhat4ubuntucve3cve3seebug1cvelist3nvd3gentoo1veracode1prion3freebsd2debian1osv1redhatcve1securityvulns2ubuntu1oraclelinux2centos1suse1