17 matches found
Oracle: Security Advisory (ELSA-2010-0109)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 5 : mysql (ELSA-2010-0109)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2010-0109 advisory. - Add fixes for CVE-2009-4019, CVE-2009-4028, CVE-2009-4030 Resolves: 556505 Tenable has extracted the preceding description block directly from the...
Gentoo Security Advisory GLSA 201201-02 (MySQL)
The remote host is missing updates announced in advisory GLSA 201201-02. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...
SuSE 11 Security Update : MySQL (SAT Patch Number 2317)
Updated MySQL packages fix the following bugs : - upstream 47320 - checking server certificates. CVE-2009-4028 - upstream 48291 - error handling in subqueries. CVE-2009-4019 - upstream 47780 - preserving nullvalue flag in GeomFromWKB. CVE-2009-4019 - upstream 39277 - symlink behaviour fixed...
SuSE 10 Security Update : MySQL (ZYPP Patch Number 6899)
This update fixes various security issues bnc557669 : upstream 47320 - checking server certificates CVE-2009-4028 upstream 48291 - error handling in subqueries CVE-2009-4019 upstream 47780 - preserving nullvalue flag in GeomFromWKB CVE-2009-4019 upstream 39277 - symlink behaviour fixed...
Mandriva Linux Security Advisory : mysql (MDVSA-2010:012)
Multiple vulnerabilities has been found and corrected in mysql : mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not 1 properly handle errors during execution of certain SELECT statements with subqueries, and does not 2 preserve certain nullvalue flags during execution of...
openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-2)
Updated mysql packages fix the following bugs : - upstream 47320 - checking server certificates CVE-2009-4028 - upstream 48291 - error handling in subqueries CVE-2009-4019 - upstream 47780 - preserving nullvalue flag in GeomFromWKB CVE-2009-4019 - upstream 39277 - symlink behaviour fixed...
openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-2)
Updated mysql packages fix the following bugs : - upstream 47320 - checking server certificates CVE-2009-4028 - upstream 48291 - error handling in subqueries CVE-2009-4019 - upstream 47780 - preserving nullvalue flag in GeomFromWKB CVE-2009-4019 - upstream 39277 - symlink behaviour fixed...
openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-1)
This update fixes several security issues in mysql : - checking server certificates CVE-2009-4028 - error handling in subqueries CVE-2009-4019 - preserving nullvalue flag in GeomFromWKB CVE-2009-4019 - symlink behavior fixed CVE-2008-7247 - symlink behavior refixed CVE-2009-4030 %NASLMINLEVEL 703...
SuSE 10 Security Update : MySQL (ZYPP Patch Number 6897)
This update fixes various security issues bnc557669 : upstream 47320 - checking server certificates CVE-2009-4028 upstream 48291 - error handling in subqueries CVE-2009-4019 upstream 47780 - preserving nullvalue flag in GeomFromWKB CVE-2009-4019 upstream 39277 - symlink behaviour fixed...
mysql security update
5.0.77-4.2 - Add fixes for CVE-2009-4019, CVE-2009-4028, CVE-2009-4030 Resolves: 556505 - Use non-expired certificates for SSL testing upstream bug 50702 - Emit explicit error message if user tries to build RPM as root - Add comment suggesting disabling symbolic links in /etc/my.cnf...
Mandriva Update for mysql MDVSA-2010:012 (mysql)
Check for the Version of mysql OpenVAS Vulnerability Test Mandriva Update for mysql MDVSA-2010:012 mysql Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Mandriva Update for mysql MDVSA-2010:011 (mysql)
Check for the Version of mysql OpenVAS Vulnerability Test Mandriva Update for mysql MDVSA-2010:011 mysql Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Mandriva Update for mysql MDVSA-2010:012 (mysql)
Check for the Version of mysql OpenVAS Vulnerability Test Mandriva Update for mysql MDVSA-2010:012 mysql Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Mandriva Linux Security Advisory : mysql (MDVSA-2010:011)
Multiple vulnerabilities has been found and corrected in mysql : mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not 1 properly handle errors during execution of certain SELECT statements with subqueries, and does not 2 preserve certain nullvalue flags during execution of...
MySQL OpenSSL客户端绕过yaSSL服务器证书验证漏洞
BUGTRAQ ID: 37076 CVE ID: CVE-2009-4028 MySQL是一款使用非常广泛的开放源代码关系数据库系统,拥有各种平台的运行版本。 在使用OpenSSL的时候,MySQL的viosslfactories.c文件中的vioverifycallback函数可以接受深度为0的X.509证书: vioverifycallback at viosslfactories.c: / Approve cert if depth is greater then "verifydepth", currently verifydepth is always 0 and there...
CVE-2009-4028
The CVE-2009-4028 issue affects MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 when OpenSSL is used. The vio_verify_callback function accepts a depth value of zero for X.509 certificates, enabling MITM attackers to spoof SSL-based MySQL servers with a crafted certificate (the scenario demonstr...