Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2007:0083
HistoryFeb 19, 2007 - 12:00 a.m.

(RHSA-2007:0083) Low: mysql security update

2007-02-1900:00:00
access.redhat.com
16

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.028 Low

EPSS

Percentile

89.5%

JSON

Several minor security issues were found in MySQL:

MySQL allowed remote authenticated users to create or access a database
when the database name differed only in case from a database for which they
had permissions. (CVE-2006-4226)

MySQL evaluated arguments in the wrong security context which allowed
remote authenticated users to gain privileges through a routine that had
been made available using GRANT EXECUTE. (CVE-2006-4227)

MySQL allowed a local user to access a table through a previously created
MERGE table, even after the user’s privileges were revoked for the original
table, which might violate intended security policy. (CVE-2006-4031)

MySQL allowed authenticated users to cause a denial of service (crash) via
a NULL second argument to the str_to_date function. (CVE-2006-3081)

MySQL allowed local authenticated users to bypass logging mechanisms via
SQL queries that contain the NULL character, which were not properly
handled by the mysql_real_query function. (CVE-2006-0903)

Users of MySQL should upgrade to these updated packages, which resolve
these issues.

OSVersionArchitecturePackageVersionFilename
RedHat4x86_64mysql-bench< 5.0.30-1.el4s1.1mysql-bench-5.0.30-1.el4s1.1.x86_64.rpm
RedHat4i386mysql-bench< 5.0.30-1.el4s1.1mysql-bench-5.0.30-1.el4s1.1.i386.rpm
RedHat4i386mysql-test< 5.0.30-1.el4s1.1mysql-test-5.0.30-1.el4s1.1.i386.rpm
RedHat4x86_64mysql< 5.0.30-1.el4s1.1mysql-5.0.30-1.el4s1.1.x86_64.rpm
RedHat4x86_64mysql-devel< 5.0.30-1.el4s1.1mysql-devel-5.0.30-1.el4s1.1.x86_64.rpm
RedHat4i386mysql< 5.0.30-1.el4s1.1mysql-5.0.30-1.el4s1.1.i386.rpm
RedHat4i386mysql-server< 5.0.30-1.el4s1.1mysql-server-5.0.30-1.el4s1.1.i386.rpm
RedHat4x86_64mysql-test< 5.0.30-1.el4s1.1mysql-test-5.0.30-1.el4s1.1.x86_64.rpm
RedHat4i386mysql-devel< 5.0.30-1.el4s1.1mysql-devel-5.0.30-1.el4s1.1.i386.rpm
RedHat4x86_64mysql-server< 5.0.30-1.el4s1.1mysql-server-5.0.30-1.el4s1.1.x86_64.rpm

Related

nessus 34
openvas 23
ubuntu 4
veracode 5
ubuntucve 5
cve 5
freebsd 2
redhat 4
prion 1
oraclelinux 3
centos 2
altlinux 1
checkpoint_advisories 3
osv 5
debian 7
securityvulns 1
nessus
nessus
openSUSE 10 Security Update : mysql (mysql-2075)
2007-10-17 00:00:00
SuSE 10 Security Update : mysql (ZYPP Patch Number 2073)
2007-12-13 00:00:00
Ubuntu 6.06 LTS : mysql-dfsg-5.0 vulnerabilities (USN-338-1)
2007-11-10 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-338-1)
2022-08-26 00:00:00
SLES9: Security update for mysql
2009-10-10 00:00:00
SLES9: Security update for mysql
2009-10-10 00:00:00
ubuntu
ubuntu
MySQL vulnerabilities
2006-09-05 00:00:00
MySQL vulnerability
2006-05-15 00:00:00
MySQL vulnerability
2006-04-27 00:00:00
veracode
veracode
Information Disclosure
2020-04-10 00:14:19
Privilege Escalation
2020-04-10 00:14:20
Unauthorized Access
2020-04-10 00:14:20
ubuntucve
ubuntucve
CVE-2006-4031
2006-08-09 00:00:00
CVE-2006-4227
2006-08-18 00:00:00
CVE-2006-0903
2006-02-27 00:00:00
cve
cve
CVE-2006-4031
2006-08-09 22:04:00
CVE-2006-4226
2006-08-18 20:04:00
CVE-2006-4227
2006-08-18 20:04:00
freebsd
freebsd
mysql -- database suid privilege escalation
2006-03-29 00:00:00
mysql -- database "case-sensitive" privilege escalation
2006-08-09 00:00:00
redhat
redhat
(RHSA-2007:0152) Moderate: mysql security update
2007-04-03 00:00:00
(RHSA-2008:0364) Low: mysql security and bug fix update
2008-05-20 00:00:00
(RHSA-2006:0544) mysql security update
2006-06-09 00:00:00
prion
prion
Design/Logic Flaw
2006-02-27 23:02:00
oraclelinux
oraclelinux
Moderate: mysql security update
2007-04-04 00:00:00
mysql security and bug fix update
2008-05-30 00:00:00
mysql security, bug fix, and enhancement update
2008-08-01 00:00:00
centos
centos
mysql security update
2007-04-04 00:06:56
mysql security update
2006-06-09 17:37:00
altlinux
altlinux
Security fix for the ALT Linux 5 package MySQL version 5.0.18-alt2
2006-04-09 00:00:00
checkpoint_advisories
checkpoint_advisories
Update Protection against MySQL Server str_to_date DoS Vulnerability
2006-07-05 00:00:00
Security Best Practice: Protection against Multiple MySQL Vulnerabilities
2006-05-21 00:00:00
Update Protection against Multiple MySQL Query Commands Vulnerabilities
2006-11-13 00:00:00
osv
osv
mysql-dfsg-4.1 - several
2006-09-05 00:00:00
mysql-dfsg-4.1 - several vulnerabilities
2006-07-18 00:00:00
mysql - several vulnerabilities
2006-05-22 00:00:00
debian
debian
[SECURITY] [DSA 1169-1] New MySQL 4.1 packages fix several vulnerabilities
2006-09-05 06:08:29
[SECURITY] [DSA 1112-1] New mysql-dfsg-4.1 packages fix denial of service
2006-07-17 23:20:30
[SECURITY] [DSA 1071-1] New MySQL 3.23 packages fix several vulnerabilities
2006-05-22 09:30:15
securityvulns
securityvulns
US-CERT Technical Cyber Security Alert TA06-208A -- Mozilla Products Contain Multiple Vulnerabilities
2006-07-28 00:00:00

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.028 Low

EPSS

Percentile

89.5%

JSON
Related for RHSA-2007:0083
nessus34openvas23ubuntu4veracode5ubuntucve5cve5freebsd2redhat4prion1oraclelinux3centos2altlinux1checkpoint_advisories3osv5debian7securityvulns1