Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-559-1
HistoryDec 21, 2007 - 12:00 a.m.

MySQL vulnerabilities

2007-12-2100:00:00
ubuntu.com
32

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

Low

0.032 Low

EPSS

Percentile

91.2%

JSON

Releases

  • Ubuntu 7.10
  • Ubuntu 7.04
  • Ubuntu 6.10
  • Ubuntu 6.06

Packages

  • mysql-dfsg-5.0 -

Details

Joe Gallo and Artem Russakovskii discovered that the InnoDB
engine in MySQL did not properly perform input validation. An
authenticated user could use a crafted CONTAINS statement to
cause a denial of service. (CVE-2007-5925)

It was discovered that under certain conditions MySQL could be
made to overwrite system table information. An authenticated
user could use a crafted RENAME statement to escalate privileges.
(CVE-2007-5969)

Philip Stoev discovered that the the federated engine of MySQL
did not properly handle responses with a small number of columns.
An authenticated user could use a crafted response to a SHOW
TABLE STATUS query and cause a denial of service. (CVE-2007-6304)

It was discovered that MySQL did not properly enforce access
controls. An authenticated user could use a crafted CREATE TABLE
LIKE statement to escalate privileges. (CVE-2007-3781)

OSVersionArchitecturePackageVersionFilename
Ubuntu7.10noarchmysql-server-5.0<Β 5.0.45-1ubuntu3.1UNKNOWN
Ubuntu7.10noarchlibmysqlclient15-dev<Β 5.0.45-1ubuntu3.1UNKNOWN
Ubuntu7.10noarchlibmysqlclient15off<Β 5.0.45-1ubuntu3.1UNKNOWN
Ubuntu7.10noarchmysql-client-5.0<Β 5.0.45-1ubuntu3.1UNKNOWN
Ubuntu7.04noarchmysql-server-5.0<Β 5.0.38-0ubuntu1.2UNKNOWN
Ubuntu7.04noarchlibmysqlclient15-dev<Β 5.0.38-0ubuntu1.2UNKNOWN
Ubuntu7.04noarchlibmysqlclient15off<Β 5.0.38-0ubuntu1.2UNKNOWN
Ubuntu7.04noarchmysql-client-5.0<Β 5.0.38-0ubuntu1.2UNKNOWN
Ubuntu7.04noarchmysql-server-4.1<Β 5.0.38-0ubuntu1.2UNKNOWN
Ubuntu6.10noarchmysql-server-5.0<Β 5.0.24a-9ubuntu2.2UNKNOWN
Rows per page:
1-10 of 171

Related

openvas 42
nessus 36
slackware 1
osv 2
debian 3
redhat 4
centos 2
oraclelinux 3
fedora 2
f5 2
gentoo 3
altlinux 1
securityvulns 5
prion 5
ubuntucve 4
veracode 3
cvelist 4
nvd 5
cve 5
freebsd 1
seebug 2
ubuntu 1
openvas
openvas
Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-559-1
2009-03-23 00:00:00
Ubuntu: Security Advisory (USN-559-1)
2009-03-23 00:00:00
Mandriva Update for MySQL MDKSA-2007:243 (MySQL)
2009-04-09 00:00:00
nessus
nessus
Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : mysql-dfsg-5.0 vulnerabilities (USN-559-1)
2007-12-24 00:00:00
Slackware 11.0 / 12.0 / current : mysql (SSA:2007-348-01)
2007-12-17 00:00:00
Debian DSA-1451-1 : mysql-dfsg-5.0 - several vulnerabilities
2008-01-07 00:00:00
slackware
slackware
[slackware-security] mysql
2007-12-15 02:03:51
osv
osv
mysql-dfsg-5.0 several vulnerabilities
2008-01-06 00:00:00
mysql - multiple
2007-11-26 00:00:00
debian
debian
[SECURITY] [DSA 1451-1] New mysql-dfsg-5.0 packages fix several vulnerabilities
2008-01-06 18:04:18
[SECURITY] [DSA 1413-1] New mysql packages fix multiple vulnerabilities
2007-11-26 17:20:12
[SECURITY] [DSA 1413-1] New mysql packages fix multiple vulnerabilities
2007-11-26 17:20:12
redhat
redhat
(RHSA-2007:1155) Important: mysql security update
2007-12-18 00:00:00
(RHSA-2007:1157) Important: mysql security update
2007-12-19 00:00:00
(RHSA-2007:0894) Important: mysql security update
2007-09-10 00:00:00
centos
centos
mysql security update
2007-12-18 20:47:57
mysql security update
2007-12-22 14:26:47
oraclelinux
oraclelinux
Important: mysql security update
2007-12-18 00:00:00
mysql security, bug fix, and enhancement update
2008-08-01 00:00:00
mysql security and bug fix update
2008-05-30 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: mysql-5.0.45-6.fc7
2007-12-15 19:25:51
[SECURITY] Fedora 8 Update: mysql-5.0.45-6.fc8
2007-12-15 19:25:11
f5
f5
K8178 : MySQL vulnerabilities CVE-2007-5925, CVE-2007-5969, and CVE-2007-6303
2013-03-18 00:00:00
SOL8178 - MySQL vulnerabilities CVE-2007-5925, CVE-2007-5969, and CVE-2007-6303
2008-01-13 00:00:00
gentoo
gentoo
MySQL: Multiple vulnerabilities
2008-04-06 00:00:00
MySQL: Denial of service
2007-11-18 00:00:00
MySQL: Denial of Service and information leakage
2007-08-16 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package MySQL version 5.0.51-alt1
2008-01-01 00:00:00
securityvulns
securityvulns
[Full-disclosure] [ GLSA 200711-25 ] MySQL: Denial of Service
2007-11-19 00:00:00
MySQL DoS
2007-11-19 00:00:00
MySQL SHOW TABLE STATUS DoS
2007-12-21 00:00:00
prion
prion
Code injection
2007-07-15 22:30:00
Design/Logic Flaw
2007-11-10 02:46:00
Design/Logic Flaw
2007-12-10 19:46:00
ubuntucve
ubuntucve
CVE-2007-5925
2007-11-10 00:00:00
CVE-2007-5969
2007-12-10 00:00:00
CVE-2007-3781
2007-07-15 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:22:25
Information Disclosure
2020-04-10 00:28:43
Privilege Escalation
2020-04-10 00:22:25
cvelist
cvelist
CVE-2007-5925
2007-11-10 02:00:00
CVE-2007-5969
2007-12-10 19:00:00
CVE-2007-3781
2007-07-15 22:00:00
nvd
nvd
CVE-2007-5925
2007-11-10 02:46:00
CVE-2007-5969
2007-12-10 19:46:00
CVE-2007-3781
2007-07-15 22:30:00
cve
cve
CVE-2007-5925
2007-11-10 02:46:00
CVE-2007-5969
2007-12-10 19:46:00
CVE-2007-3781
2007-07-15 22:30:00
freebsd
freebsd
mysql -- privilege escalation and overwrite of the system table information
2007-11-14 00:00:00
seebug
seebug
MySQLζœεŠ‘ε™¨RENAME TABLEη³»η»Ÿθ‘¨ζ Όθ¦†η›–ζΌζ΄ž
2007-12-13 00:00:00
MySQL Serverζƒι™ζε‡εŠζ‹’η»ζœεŠ‘ζΌζ΄ž
2007-12-14 00:00:00
ubuntu
ubuntu
MySQL vulnerabilities
2012-03-12 00:00:00

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

Low

0.032 Low

EPSS

Percentile

91.2%

JSON
Related for USN-559-1
openvas42nessus36slackware1osv2debian3redhat4centos2oraclelinux3fedora2f52gentoo3altlinux1securityvulns5prion5ubuntucve4veracode3cvelist4nvd5cve5freebsd1seebug2ubuntu1