USN-1703-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.67 in Ubuntu 10.04 LTS and Ubuntu 11.10. Ubuntu 12.04 LTS and Ubuntu 12.10 have been updated to MySQL 5.5.29. In addition to security fixes, th...

SUSE-SU-2015:1177-2 Security update for MySQL

A stack-based buffer overflow in MySQL has been fixed that could have caused a Denial of Service or potentially allowed the execution of arbitrary code CVE-2012-5611. Security Issue references: CVE-2012-5615 CVE-2012-5615 CVE-2012-5613 CVE-2012-5612 CVE-2012-5611...

MySQL FILE privilege elevation

Added: 12/21/2012 CVE: CVE-2012-5613 BID: 56771 OSVDB: 88118 Background MySQL is an open-source database software package available for multiple platforms. Problem A database user who has FILE permission can write arbitrary files to the file system, leading to privilege elevation. Resolution Revo...

mysql-audit NSE Script

Audits MySQL database server security configuration against parts of the CIS MySQL v1.0.2 benchmark the engine can be used for other MySQL audits by creating appropriate audit files. Script Arguments mysql-audit.password the password with which to connect to the database mysql-audit.username the...

[ MDVSA-2010:155-1 ] mysql

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:155-1 http://www.mandriva.com/security/ Package : mysql Date : November 8, 2010 Affected: 2009.1 Problem Description: Multiple vulnerabilities has been found and corrected in mysql: MySQL before 5.1.48 allow...

CentOS Update for mysql CESA-2010:0110 centos4 i386

Check for the Version of mysql OpenVAS Vulnerability Test CentOS Update for mysql CESA-2010:0110 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

Oracle MySQL 6.0 < 6.0.9 CREATE TABLE Security Bypass

Binary data 5333.prm...

MySQL SHA1 Hash Brute Forcer

!/usr/bin/env python import sys try: import hashlib except ImportError: print ''' You need hashlib. Update your python to version 2.5\n''' sys.exit1 def license: '''Print the usage license to this software, yeah, it's the same as above''' print ''' %s - MySQL double SHA1 hash wordlist brute force...

MonAlbum 0.87 Upload Shell / Password Grabber Exploit

No description provided by source. !/usr/bin/env perl use strict; use warnings; use LWP::UserAgent; use HTTP::Request::Common; use Getopt::Std; my %args, $user, $password, $sqlhost, $sqluser, $sqlpassword, $cookie, $path, $file, $upload = ; my $tmp = 'cmd1.jpg'; getopts"u:a:f:p:", %args; -a don't...

[ MDKSA-2006:097 ] - Updated MySQL packages fixes SQL injection vulnerability.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2006:097 http://www.mandriva.com/security/ Package : MySQL Date : June 7, 2006 Affected: 10.2, 2006.0 Problem Description: SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows...

AzDGDatingLite V 2.1.3 remote code execution

AzDGDatingLite V 2.1.3 possibly prior versions remote code execution not yet tested the Platinum version software: site: http://www.azdg.com/ download page: http://www.azdg.com/scripts.php?l=english description:" AzDGDatingLite is a Free dating script working on PHP and MySQL. Multilanguage,...

phpMyAdmin: Multiple vulnerabilities

Background phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL databases from a web-browser. Description phpMyAdmin contains several security issues: Maksymilian Arciemowicz has discovered multiple variable injection vulnerabilities that can be exploited through...

MySQL: Insecure temporary file creation

Background MySQL is a fast, multi-threaded, multi-user SQL database server. Description Javier Fernandez-Sanguino Pena from the Debian Security Audit Project discovered that the 'mysqlaccess' script creates temporary files in world-writeable directories with predictable names. Impact A local...

2bgalSQL.txt

2Bgal 2.5.1 SQL injection Vulnerability http://www.ben3w.com/ 12/22/2004 ---------------------------------------------------------------------- Description: ---------------------------------------------------------------------- 2Bgal is fully customizable photo gallery. It's seems to be vulnerabl...

CVE-2004-0835

MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities...

Oracle MySQL < 4.0.21 Remote GRANT Privilege Escalation

Binary data 2370.prm...

RHEL 2.1 : mysql (RHSA-2004:597)

Updated mysql packages that fix various security issues, as well as a number of bugs, are now available for Red Hat Enterprise Linux 2.1. MySQL is a multi-user, multi-threaded SQL database server. A number security issues that affect the mysql server have been reported : Oleksandr Byelkin...

Low: Red Hat Security Advisory: mysql security update

Updated mysql packages that fix various temporary file security issues, as well as a number of bugs, are now available. MySQL is a multi-user, multi-threaded SQL database server. This update fixes a number of small bugs, including some potential security problems associated with careless handling...

Important: Red Hat Security Advisory: mysql security update

Updated mysql packages that fix various security issues, as well as a number of bugs, are now available for Red Hat Enterprise Linux 2.1. MySQL is a multi-user, multi-threaded SQL database server. A number security issues that affect the mysql server have been reported: Oleksandr Byelkin discover...

DSA-562-2 mysql - several vulnerabilities

Bulletin has no description...