Search...

SuSE 10 Security Update : MySQL (ZYPP Patch Number 6899)

2010-10-11T00:00:00
ID SUSE_MYSQL-6899.NASL
Type nessus
Reporter Tenable
Modified 2016-12-22T00:00:00

Description

This update fixes various security issues (bnc#557669) :

upstream #47320 - checking server certificates (CVE-2009-4028) upstream #48291 - error handling in subqueries (CVE-2009-4019) upstream #47780 - preserving null_value flag in GeomFromWKB() (CVE-2009-4019) upstream #39277 - symlink behaviour fixed (CVE-2008-7247) upstream #32167 - symlink behaviour refixed (CVE-2009-4030) fixing remote buffer overflow. (CVE-2009-4484)

                                        
                                            #
# (C) Tenable Network Security, Inc.
#
# The text description of this plugin is (C) Novell, Inc.
#

if (NASL_LEVEL < 3000) exit(0);

include("compat.inc");

if (description)
{
  script_id(49903);
  script_version ("$Revision: 1.7 $");
  script_cvs_date("$Date: 2016/12/22 20:42:28 $");

  script_cve_id("CVE-2008-7247", "CVE-2009-4019", "CVE-2009-4028", "CVE-2009-4030", "CVE-2009-4484");

  script_name(english:"SuSE 10 Security Update : MySQL (ZYPP Patch Number 6899)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SuSE 10 host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update fixes various security issues (bnc#557669) :

upstream #47320 - checking server certificates (CVE-2009-4028)
upstream #48291 - error handling in subqueries (CVE-2009-4019)
upstream #47780 - preserving null_value flag in GeomFromWKB()
(CVE-2009-4019) upstream #39277 - symlink behaviour fixed
(CVE-2008-7247) upstream #32167 - symlink behaviour refixed
(CVE-2009-4030) fixing remote buffer overflow. (CVE-2009-4484)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2008-7247.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2009-4019.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2009-4028.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2009-4030.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2009-4484.html"
  );
  script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6899.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'MySQL yaSSL CertDecoder::GetName Buffer Overflow');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_cwe_id(20, 59, 119);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2010/03/01");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/10/11");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");


flag = 0;
if (rpm_check(release:"SLED10", sp:3, reference:"mysql-5.0.26-12.28.1")) flag++;
if (rpm_check(release:"SLED10", sp:3, reference:"mysql-client-5.0.26-12.28.1")) flag++;
if (rpm_check(release:"SLED10", sp:3, reference:"mysql-devel-5.0.26-12.28.1")) flag++;
if (rpm_check(release:"SLED10", sp:3, reference:"mysql-shared-5.0.26-12.28.1")) flag++;
if (rpm_check(release:"SLED10", sp:3, cpu:"x86_64", reference:"mysql-shared-32bit-5.0.26-12.28.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"mysql-5.0.26-12.28.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"mysql-Max-5.0.26-12.28.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"mysql-client-5.0.26-12.28.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"mysql-devel-5.0.26-12.28.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"mysql-shared-5.0.26-12.28.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, cpu:"x86_64", reference:"mysql-shared-32bit-5.0.26-12.28.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else exit(0, "The host is not affected.");
JSON Vulners Source
Initial Source


All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please mail to content@vulners.com Vulners, 2018
Protected by