Lucene search

K

Slackware: Security Advisory (SSA:2007-348-01)

πŸ—“οΈΒ 10 Sep 2012Β 00:00:00Reported byΒ Copyright (C) 2012 Greenbone AGTypeΒ 
openvas
Β openvas
πŸ”—Β plugins.openvas.orgπŸ‘Β 15Β Views

The remote host is missing an update for the 'mysql' package(s) announced via the SSA:2007-348-01 advisory. New mysql packages are available for Slackware 11.0, 12.0, and -current to fix bugs and security issues

Show more
Related
Refs
Code
ReporterTitlePublishedViews
Family
OpenVAS
Mandriva Update for MySQL MDKSA-2007:243 (MySQL)
9 Apr 200900:00
–openvas
OpenVAS
Slackware Advisory SSA:2007-348-01 mysql
11 Sep 201200:00
–openvas
OpenVAS
Mandriva Update for MySQL MDKSA-2007:243 (MySQL)
9 Apr 200900:00
–openvas
OpenVAS
Ubuntu: Security Advisory (USN-559-1)
23 Mar 200900:00
–openvas
OpenVAS
Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-559-1
23 Mar 200900:00
–openvas
OpenVAS
CentOS Update for mysql CESA-2007:1155 centos4 i386
27 Feb 200900:00
–openvas
OpenVAS
RedHat Update for mysql RHSA-2007:1155-01
6 Mar 200900:00
–openvas
OpenVAS
CentOS Update for mysql CESA-2007:1155 centos4 x86_64
27 Feb 200900:00
–openvas
OpenVAS
CentOS Update for mysql CESA-2007:1155 centos4 x86_64
27 Feb 200900:00
–openvas
OpenVAS
Oracle: Security Advisory (ELSA-2007-1155)
8 Oct 201500:00
–openvas
Rows per page
# SPDX-FileCopyrightText: 2012 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.60017");
  script_cve_id("CVE-2007-3781", "CVE-2007-5925", "CVE-2007-5969");
  script_tag(name:"creation_date", value:"2012-09-10 23:34:21 +0000 (Mon, 10 Sep 2012)");
  script_version("2025-01-14T05:37:02+0000");
  script_tag(name:"last_modification", value:"2025-01-14 05:37:02 +0000 (Tue, 14 Jan 2025)");
  script_tag(name:"cvss_base", value:"7.1");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:H/Au:S/C:C/I:C/A:C");

  script_name("Slackware: Security Advisory (SSA:2007-348-01)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2012 Greenbone AG");
  script_family("Slackware Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/slackware_linux", "ssh/login/slackpack", re:"ssh/login/release=SLK(11\.0|12\.0|current)");

  script_xref(name:"Advisory-ID", value:"SSA:2007-348-01");
  script_xref(name:"URL", value:"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959");
  script_xref(name:"URL", value:"http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'mysql' package(s) announced via the SSA:2007-348-01 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"New mysql packages are available for Slackware 11.0, 12.0, and -current to
fix bugs and security issues.

More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:

 [links moved to references]

And more information (including about a potentially incompatible change) may
be found in the release notes:

 [link moved to references]


Here are the details from the Slackware 12.0 ChangeLog:
+--------------------------+
patches/packages/mysql-5.0.51-i486-1_slack12.0.tgz:
 Upgraded to mysql-5.0.51.
 This release fixes several bugs, including some security issues.
 However, it also includes a potentially incompatible change, so be sure
 to read the release notes before upgrading. It is possible that some
 databases will need to be fixed in order to work with this (and future)
 releases:
 [link moved to references]
 For more information about the security issues fixed, see:
 [links moved to references]
 (* Security fix *)
+--------------------------+");

  script_tag(name:"affected", value:"'mysql' package(s) on Slackware 11.0, Slackware 12.0, Slackware current.");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"package");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-slack.inc");

release = slk_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "SLK11.0") {

  if(!isnull(res = isslkpkgvuln(pkg:"mysql", ver:"5.0.51-i486-1_slack11.0", rls:"SLK11.0"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

if(release == "SLK12.0") {

  if(!isnull(res = isslkpkgvuln(pkg:"mysql", ver:"5.0.51-i486-1_slack12.0", rls:"SLK12.0"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

if(release == "SLKcurrent") {

  if(!isnull(res = isslkpkgvuln(pkg:"mysql", ver:"5.0.51-i486-1", rls:"SLKcurrent"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

exit(0);

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. ContactΒ us for a demo andΒ discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo