11 matches found
Ubuntu: Security Advisory (USN-338-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2008-0364)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : mysql on SL5.x i386/x86_64
"MySQL did not require privileges such as 'SELECT' for the source table in a 'CREATE TABLE LIKE' statement. An authenticated user could obtain sensitive information, such as the table structure. CVE-2007-3781 A flaw was discovered in MySQL that allowed an authenticated user to gain update...
MySQL < 5.0.25 / 5.1.12 Privilege Escalation
The version of MySQL installed on the remote host is earlier than 5.0.25 / 5.1.12 and thus reportedly allows a remote, authenticated user to gain privileges through a stored routine. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17808; scriptversion"1.8";...
RedHat Update for mysql RHSA-2008:0364-01
Check for the Version of mysql OpenVAS Vulnerability Test RedHat Update for mysql RHSA-2008:0364-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
SuSE 10 Security Update : mysql (ZYPP Patch Number 2073)
This update of mysql fixes several security vulnerabilities. CVE-2006-4031 / CVE-2006-4226 / CVE-2006-4227 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid29524...
Ubuntu 6.06 LTS : mysql-dfsg-5.0 vulnerabilities (USN-338-1)
Dmitri Lenev discovered that arguments of setuid SQL functions were evaluated in the security context of the functions' definer instead of its caller. An authenticated user with the privilege to call such a function could exploit this to execute arbitrary statements with the privileges of the...
openSUSE 10 Security Update : mysql (mysql-2075)
This update of mysql fixes several security vulnerabilities. CVE-2006-4031,CVE-2006-4226,CVE-2006-4227 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update mysql-2075. The text description of this...
FreeBSD : mysql -- database suid privilege escalation (a9c51caf-6603-11db-ab90-000e35fd8194)
Dmitri Lenev reports a privilege escalation in MySQL. MySQL evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote and local authenticated users to gain privileges through a routine that has been made available...
USN-338-1: MySQL vulnerabilities
Dmitri Lenev discovered that arguments of setuid SQL functions were evaluated in the security context of the functions' definer instead of its caller. An authenticated user with the privilege to call such a function could exploit this to execute arbitrary statements with the privileges of the...
CVE-2006-4227
CVE-2006-4227 affects MySQL premade prior to 5.0.25 and 5.1 prior to 5.1.12. The flaw lets arguments to suid routines be evaluated in the definer’s security context rather than the caller, enabling remote authenticated users to gain privileges through a routine granted with EXECUTE. Mitigations/p...