105 matches found
SLES9: Security update for MySQL
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: mysql mysql-Max mysql-client mysql-devel mysql-shared For more information, please visit the referenced security advisories. More details may also be found b...
SuSE9 Security Update : MySQL (YOU Patch Number 12256)
Due a flaw users could access tables of other users. CVE-2008-4097, CVE-2008-4098 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid41243; scriptversion"1.11";...
openSUSE Security Update : libmysqlclient-devel (libmysqlclient-devel-210)
Empty bit-strings in a query could crash the MySQL server CVE-2008-3963. Due to another flaw users could access tables of other users CVE-2008-4097, CVE-2008-4098. This update also fixes problems with the 'ORDER BY' query %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text a...
Mandrake Security Advisory MDVSA-2009:094 (mysql)
The remote host is missing an update to mysql announced via advisory MDVSA-2009:094. OpenVAS Vulnerability Test $Id: mdksa2009094.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:094 mysql Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Mandrake Security Advisory MDVSA-2009:094 (mysql)
The remote host is missing an update to mysql announced via advisory MDVSA-2009:094. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
MySQL MyISAM Table Privileges Security Bypass Vulnerability
According to its version number, the remote version of MySQL is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Mandriva Linux Security Advisory : mysql (MDVSA-2009:094)
Multiple vulnerabilities has been found and corrected in mysql : MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' b single-quote single-quote token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service daemon...
SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 10.3)
The remote host is missing updates announced in advisory SUSE-SR:2009:001. SuSE Security Summaries are short on detail when it comes to the names of packages affected by a particular bug. Because of this, while this test will detect out of date packages, it cannot tell you what bugs impact which...
FreeBSD Ports: mysql-server
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
openSUSE 10 Security Update : libmysqlclient-devel (libmysqlclient-devel-5619)
Empty bit-strings in a query could crash the MySQL server CVE-2008-3963. Due to another flaw users could access tables of other users CVE-2008-4097, CVE-2008-4098. This update also fixes the previously broken mysqlhotcopy script. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptiv...
openSUSE 10 Security Update : mysql (mysql-5613)
Empty bit-strings in a query could crash the MySQL server CVE-2008-3963. Due to another flaw users could access tables of other users CVE-2008-4097, CVE-2008-4098. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
Debian Security Advisory DSA 1662-1 (mysql-dfsg-5.0)
The remote host is missing an update to mysql-dfsg-5.0 announced via advisory DSA 1662-1. OpenVAS Vulnerability Test $Id: deb16621.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1662-1 mysql-dfsg-5.0 Authors: Thomas Reinke Copyright: Copyright c 2008 E-Sof...
USN-671-1: MySQL vulnerabilities
It was discovered that MySQL could be made to overwrite existing table files in the data directory. An authenticated user could use the DATA DIRECTORY and INDEX DIRECTORY options to possibly bypass privilege checks. This update alters table creation behaviour by disallowing the use of the MySQL...
MySQL Enterprise Server 5.0 < 5.0.70 Privilege Bypass
The version of MySQL Enterprise Server 5.0 installed on the remote host is earlier than 5.0.70. In such versions, it is possible for a local user to circumvent privileges through the creation of MyISAM tables employing the 'DATA DIRECTORY' and 'INDEX DIRECTORY' options to overwrite existing table...
[SECURITY] [DSA 1662-1] New mysql-dfsg-5.0 packages fix authorization bypass
------------------------------------------------------------------------ Debian Security Advisory DSA-1662-1 [email protected] http://www.debian.org/security/ Devin Carraway November 06, 2008 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1662-1] New mysql-dfsg-5.0 packages fix authorization bypass
------------------------------------------------------------------------ Debian Security Advisory DSA-1662-1 [email protected] http://www.debian.org/security/ Devin Carraway November 06, 2008 http://www.debian.org/security/faq -...
Debian DSA-1662-1 : mysql-dfsg-5.0 - authorization bypass
A symlink traversal vulnerability was discovered in MySQL, a relational database server. The weakness could permit an attacker having both CREATE TABLE access to a database and the ability to execute shell commands on the database server to bypass MySQL access controls, enabling them to write to...
DSA-1662-1 mysql-dfsg-5.0 - authorization bypass
Bulletin has no description...
CVE-2008-4098
MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified 1 DATA DIRECTORY or 2 INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time a...
CVE-2008-4098
CVE-2008-4098 affects MySQL (older 5.0.x) where an attacker with CREATE/ DROP privileges could bypass privilege checks by issuing CREATE TABLE on a MyISAM table with modified DATA DIRECTORY or INDEX DIRECTORY arguments tied to pathnames without symlinks, potentially referencing a table created la...