Debian Security Advisory DSA 707-1 (mysql)

The remote host is missing an update to mysql announced via advisory DSA 707-1. OpenVAS Vulnerability Test $Id: deb7071.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 707-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

security flaw

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udfinit function...