19 matches found
Linux Distros Unpatched Vulnerability : CVE-2010-1626
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE...
Oracle Linux 5 : mysql (ELSA-2010-0442)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2010-0442 advisory. 5.0.77-4.3 - Add fixes for CVE-2010-1626, CVE-2010-1848, CVE-2010-1850 Tenable has extracted the preceding description block directly from the Oracle...
Scientific Linux Security Update : mysql on SL5.x i386/x86_64
A buffer overflow flaw was found in the way MySQL handled the parameters of the MySQL COMFIELDLIST network protocol command this command is sent when a client uses the MySQL mysqllistfields client library function. An authenticated database user could send a request with an excessively long table...
Gentoo Security Advisory GLSA 201201-02 (MySQL)
The remote host is missing updates announced in advisory GLSA 201201-02. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...
SuSE 11 / 11.1 Security Update : MySQL (SAT Patch Numbers 3220 / 3243)
The following bugs have been fixed : - local users could delete data files for tables of other users. CVE-2010-1626 - authenticated users could gather information for tables they should not have access to. CVE-2010-1849 - authenticated users could crash mysqld. CVE-2010-1848 - authenticated users...
SuSE9 Security Update : MySQL (YOU Patch Number 12661)
The following bugs have been fixed : - local users could delete data files for tables of other users. CVE-2010-1626 - authenticated users could gather information for tables they should not have access to. CVE-2010-1849 - authenticated users could crash mysqld. CVE-2010-3683, CVE-2010-3681,...
SuSE 10 Security Update : MySQL (ZYPP Patch Number 7172)
The following bugs have been fixed : - local users could delete data files for tables of other users. CVE-2010-1626 - authenticated users could gather information for tables they should not have access to. CVE-2010-1849 - authenticated users could crash mysqld. CVE-2010-1848 - authenticated users...
openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0731-1)
local users could delete data files for tables of other users CVE-2010-1626. - authenticated users could gather information for tables they should not have access to CVE-2010-1849 - authenticated users could crash mysqld CVE-2010-1848 - authenticated users could potentially execute arbitrary code...
openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0730-1)
local users could delete data files for tables of other users CVE-2010-1626. - authenticated users could gather information for tables they should not have access to CVE-2010-1849 - authenticated users could crash mysqld CVE-2010-1848 - authenticated users could potentially execute arbitrary code...
USN-950-1: MySQL vulnerabilities
It was discovered that MySQL did not check privileges before uninstalling plugins. An authenticated user could uninstall arbitrary plugins, bypassing intended restrictions. This issue only affected Ubuntu 9.10 and 10.04 LTS. CVE-2010-1621 It was discovered that MySQL could be made to delete anoth...
Debian DSA-2057-1 : mysql-dfsg-5.0 - several vulnerabilities
Several vulnerabilities have been discovered in the MySQL database server. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-1626 MySQL allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in...
[SECURITY] [DSA 2057-1] New mysql-dfsg-5.0 packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-2057-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano June 07, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2057-1] New mysql-dfsg-5.0 packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-2057-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano June 07, 2010 http://www.debian.org/security/faq -...
CentOS 5 : mysql (CESA-2010:0442)
Updated mysql packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Mandriva Update for mysql MDVSA-2010:101 (mysql)
Check for the Version of mysql OpenVAS Vulnerability Test Mandriva Update for mysql MDVSA-2010:101 mysql Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
RHEL 5 : mysql (RHSA-2010:0442)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0442 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and...
mysql security update
5.0.77-4.3 - Add fixes for CVE-2010-1626, CVE-2010-1848, CVE-2010-1850...
CVE-2010-1626
CVE-2010-1626 affects MySQL before 5.1.46; a local attacker can delete data and index files of another user’s MyISAM table via a symlink attack combined with DROP TABLE. This is distinct from CVE-2008-4098/7247. Remediation per connected advisories is to upgrade to a fixed MySQL version (e.g., 5....
Mandriva Linux Security Advisory : mysql (MDVSA-2010:101)
A vulnerability has been found and corrected in mysql : It was possible for DROP TABLE of one MyISAM table to remove the data and index files of a different MyISAM table CVE-2010-1626. Packages for 2008.0 and 2009.0 are provided due to the Extended Maintenance Program for those products. The...