Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2009-2021 Tenable Network Security, Inc.MANDRIVA_MDVSA-2009-159.NASL
HistoryJul 28, 2009 - 12:00 a.m.

Mandriva Linux Security Advisory : mysql (MDVSA-2009:159)

2009-07-2800:00:00
This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.
www.tenable.com
19
JSON

A vulnerability has been found and corrected in mysql :

Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third-party information (CVE-2009-2446).

This update provides fixes for this vulnerability.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandriva Linux Security Advisory MDVSA-2009:159. 
# The text itself is copyright (C) Mandriva S.A.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(40397);
  script_version("1.15");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2009-2446");
  script_bugtraq_id(35609);
  script_xref(name:"MDVSA", value:"2009:159");

  script_name(english:"Mandriva Linux Security Advisory : mysql (MDVSA-2009:159)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandriva Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A vulnerability has been found and corrected in mysql :

Multiple format string vulnerabilities in the dispatch_command
function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through
5.0.83 allow remote authenticated users to cause a denial of service
(daemon crash) and possibly have unspecified other impact via format
string specifiers in a database name in a (1) COM_CREATE_DB or (2)
COM_DROP_DB request. NOTE: some of these details are obtained from
third-party information (CVE-2009-2446).

This update provides fixes for this vulnerability."
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:ND");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_cwe_id(134);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64mysql-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64mysql-static-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64mysql15");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libmysql-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libmysql-static-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libmysql15");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-bench");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-max");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-ndb-extra");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-ndb-management");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-ndb-storage");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-ndb-tools");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/07/27");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/07/28");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK2008.1", cpu:"x86_64", reference:"lib64mysql-devel-5.0.51a-8.3mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", cpu:"x86_64", reference:"lib64mysql-static-devel-5.0.51a-8.3mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", cpu:"x86_64", reference:"lib64mysql15-5.0.51a-8.3mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", cpu:"i386", reference:"libmysql-devel-5.0.51a-8.3mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", cpu:"i386", reference:"libmysql-static-devel-5.0.51a-8.3mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", cpu:"i386", reference:"libmysql15-5.0.51a-8.3mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", reference:"mysql-5.0.51a-8.3mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", reference:"mysql-bench-5.0.51a-8.3mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", reference:"mysql-client-5.0.51a-8.3mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", reference:"mysql-common-5.0.51a-8.3mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", reference:"mysql-doc-5.0.51a-8.3mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", reference:"mysql-max-5.0.51a-8.3mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", reference:"mysql-ndb-extra-5.0.51a-8.3mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", reference:"mysql-ndb-management-5.0.51a-8.3mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", reference:"mysql-ndb-storage-5.0.51a-8.3mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", reference:"mysql-ndb-tools-5.0.51a-8.3mdv2008.1", yank:"mdv")) flag++;

if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64mysql-devel-5.0.84-0.2mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64mysql-static-devel-5.0.84-0.2mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64mysql15-5.0.84-0.2mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libmysql-devel-5.0.84-0.2mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libmysql-static-devel-5.0.84-0.2mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libmysql15-5.0.84-0.2mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", reference:"mysql-5.0.84-0.2mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", reference:"mysql-bench-5.0.84-0.2mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", reference:"mysql-client-5.0.84-0.2mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", reference:"mysql-common-5.0.84-0.2mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", reference:"mysql-doc-5.0.84-0.2mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", reference:"mysql-max-5.0.84-0.2mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", reference:"mysql-ndb-extra-5.0.84-0.2mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", reference:"mysql-ndb-management-5.0.84-0.2mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", reference:"mysql-ndb-storage-5.0.84-0.2mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", reference:"mysql-ndb-tools-5.0.84-0.2mdv2009.0", yank:"mdv")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
mandrivalinuxlib64mysql-develp-cpe:/a:mandriva:linux:lib64mysql-devel
mandrivalinuxlib64mysql-static-develp-cpe:/a:mandriva:linux:lib64mysql-static-devel
mandrivalinuxlib64mysql15p-cpe:/a:mandriva:linux:lib64mysql15
mandrivalinuxlibmysql-develp-cpe:/a:mandriva:linux:libmysql-devel
mandrivalinuxlibmysql-static-develp-cpe:/a:mandriva:linux:libmysql-static-devel
mandrivalinuxlibmysql15p-cpe:/a:mandriva:linux:libmysql15
mandrivalinuxmysqlp-cpe:/a:mandriva:linux:mysql
mandrivalinuxmysql-benchp-cpe:/a:mandriva:linux:mysql-bench
mandrivalinuxmysql-clientp-cpe:/a:mandriva:linux:mysql-client
mandrivalinuxmysql-commonp-cpe:/a:mandriva:linux:mysql-common
Rows per page:
1-10 of 181

Related

veracode 1
cvelist 1
ubuntucve 1
openvas 40
nessus 21
altlinux 1
prion 1
checkpoint_advisories 1
cve 1
securityvulns 1
debian 1
fedora 1
redhat 3
oraclelinux 2
centos 2
seebug 1
ubuntu 2
gentoo 1
threatpost 1
veracode
veracode
Authorization Bypass
2020-04-10 00:37:01
cvelist
cvelist
CVE-2009-2446
2009-07-13 17:00:00
ubuntucve
ubuntucve
CVE-2009-2446
2009-07-13 00:00:00
openvas
openvas
Mandrake Security Advisory MDVSA-2009:179 (mysql)
2009-08-17 00:00:00
MySQL 'sql_parse.cc' Multiple Format String Vulnerabilities
2009-07-17 00:00:00
Mandrake Security Advisory MDVSA-2009:159 (mysql)
2009-07-29 00:00:00
nessus
nessus
MySQL < 5.0.83 Denial of Service
2012-01-16 00:00:00
Debian DSA-1877-1 : mysql-dfsg-5.0 - denial of service/execution of arbitrary code
2010-02-24 00:00:00
openSUSE 10 Security Update : libmysqlclient-devel (libmysqlclient-devel-6360)
2009-10-06 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package MySQL version 5.0.89-alt1
2010-01-25 00:00:00
prion
prion
Format string
2009-07-13 17:30:00
checkpoint_advisories
checkpoint_advisories
Sun MySQL mysql_log Format String (CVE-2009-2446)
2010-02-03 00:00:00
cve
cve
CVE-2009-2446
2009-07-13 17:30:00
securityvulns
securityvulns
MySQL format string vulnerabilities
2009-07-27 00:00:00
debian
debian
[SECURITY] [DSA 1877-1] New mysql-dfsg-5.0 packages fix arbitrary code execution
2009-09-02 18:21:08
fedora
fedora
[SECURITY] Fedora 10 Update: mysql-5.0.88-1.fc10
2009-12-11 18:23:58
redhat
redhat
(RHSA-2010:0110) Moderate: mysql security update
2010-02-16 00:00:00
(RHSA-2009:1289) Moderate: mysql security and bug fix update
2009-09-02 09:47:12
(RHSA-2009:1461) Important: Red Hat Application Stack v2.4 security and enhancement update
2009-09-23 00:00:00
oraclelinux
oraclelinux
mysql security update
2010-02-16 00:00:00
mysql security and bug fix update
2009-09-08 00:00:00
centos
centos
mysql security update
2010-02-17 16:42:25
mysql security update
2009-09-15 18:28:45
seebug
seebug
MySQL vulnerabilities
2010-02-13 00:00:00
ubuntu
ubuntu
MySQL vulnerabilities
2010-02-10 00:00:00
MySQL vulnerabilities
2012-03-12 00:00:00
gentoo
gentoo
MySQL: Multiple vulnerabilities
2012-01-05 00:00:00
threatpost
threatpost
Apple Mega Patch Covers 88 Mac OS X Vulnerabilities
2010-03-29 17:15:44
JSON
Related for MANDRIVA_MDVSA-2009-159.NASL
veracode1cvelist1ubuntucve1openvas40nessus21altlinux1prion1checkpoint_advisories1cve1securityvulns1debian1fedora1redhat3oraclelinux2centos2seebug1ubuntu2gentoo1threatpost1