ID CVE-2009-4030
Summary MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.
References
Vulnerable Configurations
  • MySQL 5.1
    cpe:2.3:a:mysql:mysql:5.1
  • MySQL 5.1.1
    cpe:2.3:a:mysql:mysql:5.1.1
  • MySQL 5.1.2
    cpe:2.3:a:mysql:mysql:5.1.2
  • MySQL 5.1.3
    cpe:2.3:a:mysql:mysql:5.1.3
  • MySQL 5.1.4
    cpe:2.3:a:mysql:mysql:5.1.4
  • MySQL 5.1.5
    cpe:2.3:a:mysql:mysql:5.1.5
  • MySQL 5.1.5a
    cpe:2.3:a:mysql:mysql:5.1.5a
  • MySQL 5.1.6
    cpe:2.3:a:mysql:mysql:5.1.6
  • MySQL 5.1.7
    cpe:2.3:a:mysql:mysql:5.1.7
  • MySQL 5.1.8
    cpe:2.3:a:mysql:mysql:5.1.8
  • MySQL 5.1.9
    cpe:2.3:a:mysql:mysql:5.1.9
  • MySQL 5.1.10
    cpe:2.3:a:mysql:mysql:5.1.10
  • MySQL 5.1.11
    cpe:2.3:a:mysql:mysql:5.1.11
  • MySQL 5.1.12
    cpe:2.3:a:mysql:mysql:5.1.12
  • MySQL 5.1.13
    cpe:2.3:a:mysql:mysql:5.1.13
  • MySQL 5.1.14
    cpe:2.3:a:mysql:mysql:5.1.14
  • MySQL 5.1.15
    cpe:2.3:a:mysql:mysql:5.1.15
  • MySQL 5.1.16
    cpe:2.3:a:mysql:mysql:5.1.16
  • MySQL 5.1.17
    cpe:2.3:a:mysql:mysql:5.1.17
  • MySQL 5.1.18
    cpe:2.3:a:mysql:mysql:5.1.18
  • MySQL 5.1.19
    cpe:2.3:a:mysql:mysql:5.1.19
  • MySQL 5.1.20
    cpe:2.3:a:mysql:mysql:5.1.20
  • MySQL 5.1.21
    cpe:2.3:a:mysql:mysql:5.1.21
  • MySQL 5.1.22
    cpe:2.3:a:mysql:mysql:5.1.22
  • MySQL 5.1.23
    cpe:2.3:a:mysql:mysql:5.1.23
  • MySQL 5.1.23_bk
    cpe:2.3:a:mysql:mysql:5.1.23_bk
  • MySQL 5.1.23a
    cpe:2.3:a:mysql:mysql:5.1.23a
  • MySQL 5.1.30
    cpe:2.3:a:mysql:mysql:5.1.30
  • MySQL 5.1.32-bzr
    cpe:2.3:a:mysql:mysql:5.1.32-bzr
CVSS
Base: 4.4 (as of 01-12-2009 - 11:01)
Impact:
Exploitability:
CWE CWE-59
CAPEC
  • Symlink Attack
    An attacker positions a symbolic link in such a manner that the targeted user or application accesses the link's endpoint, assuming that it is accessing a file with the link's name. The endpoint file may be either output or input. If the file is output, the result is that the endpoint is modified, instead of a file at the intended location. Modifications to the endpoint file may include appending, overwriting, corrupting, changing permissions, or other modifications. In some variants of this attack the attacker may be able to control the change to a file while in other cases they cannot. The former is especially damaging since the attacker may be able to grant themselves increased privileges or insert false information, but the latter can also be damaging as it can expose sensitive information or corrupt or destroy vital system or application files. Alternatively, the endpoint file may serve as input to the targeted application. This can be used to feed malformed input into the target or to cause the target to process different information, possibly allowing the attacker to control the actions of the target or to cause the target to expose information to the attacker. Moreover, the actions taken on the endpoint file are undertaken with the permissions of the targeted user or application, which may exceed the permissions that the attacker would normally have.
  • Accessing, Modifying or Executing Executable Files
    An attack of this type exploits a system's configuration that allows an attacker to either directly access an executable file, for example through shell access; or in a possible worst case allows an attacker to upload a file and then execute it. Web servers, ftp servers, and message oriented middleware systems which have many integration points are particularly vulnerable, because both the programmers and the administrators must be in synch regarding the interfaces and the correct privileges for each interface.
  • Leverage Executable Code in Non-Executable Files
    An attack of this type exploits a system's trust in configuration and resource files, when the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high. The attack can be directed at a client system, such as causing buffer overrun through loading seemingly benign image files, as in Microsoft Security Bulletin MS04-028 where specially crafted JPEG files could cause a buffer overrun once loaded into the browser. Another example targets clients reading pdf files. In this case the attacker simply appends javascript to the end of a legitimate url for a pdf (http://www.gnucitizen.org/blog/danger-danger-danger/) http://path/to/pdf/file.pdf#whatever_name_you_want=javascript:your_code_here The client assumes that they are reading a pdf, but the attacker has modified the resource and loaded executable javascript into the client's browser process. The attack can also target server processes. The attacker edits the resource or configuration file, for example a web.xml file used to configure security permissions for a J2EE app server, adding role name "public" grants all users with the public role the ability to use the administration functionality. The server trusts its configuration file to be correct, but when they are manipulated, the attacker gains full control.
  • Manipulating Input to File System Calls
    An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1397-1.NASL
    description Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.61 in Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. Ubuntu 8.04 LTS has been updated to MySQL 5.0.95. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information : http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html http://dev.mysql.com/doc/refman/5.0/en/news-5-0-x.html http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.ht ml. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 58325
    published 2012-03-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=58325
    title Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : mysql-5.1, mysql-dfsg-5.0, mysql-dfsg-5.1 vulnerabilities (USN-1397-1)
  • NASL family Databases
    NASL id MYSQL_5_0_95_CREATE_TABLE_BYPASS.NASL
    description The version of MySQL installed may be affected by a symlink-related restriction bypass vulnerability due to a CVE-2009-4030 regression fix being removed in a RedHat 5.0.95 package. Note that this flaw has no impact if the default basedir and datadir configuration values are unchanged.
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 62927
    published 2012-11-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62927
    title MySQL 5.0.95 MyISAM Table Symbolic Link Local Restriction Bypass
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20130108_MYSQL_ON_SL5_X.NASL
    description It was found that the fix for the CVE-2009-4030 issue, a flaw in the way MySQL checked the paths used as arguments for the DATA DIRECTORY and INDEX DIRECTORY directives when the 'datadir' option was configured with a relative path, was incorrectly removed when the mysql packages in Scientific Linux 5 were updated to version 5.0.95 via SLSA-2012:0127. An authenticated attacker could use this flaw to bypass the restriction preventing the use of subdirectories of the MySQL data directory being used as DATA DIRECTORY and INDEX DIRECTORY paths. This update re-applies the fix for CVE-2009-4030. (CVE-2012-4452) Note: If the use of the DATA DIRECTORY and INDEX DIRECTORY directives were disabled as described in SLSA-2010:0109 (by adding 'symbolic-links=0' to the '[mysqld]' section of the 'my.cnf' configuration file), users were not vulnerable to this issue. This update also fixes the following bugs : - Prior to this update, the log file path in the logrotate script did not behave as expected. As a consequence, the logrotate function failed to rotate the '/var/log/mysqld.log' file. This update modifies the logrotate script to allow rotating the mysqld.log file. - Prior to this update, the mysqld daemon could fail when using the EXPLAIN flag in prepared statement mode. This update modifies the underlying code to handle the EXPLAIN flag as expected. - Prior to this update, the mysqld init script could wrongly report that mysql server startup failed when the server was actually started. This update modifies the init script to report the status of the mysqld server as expected. - Prior to this update, the '--enable-profiling' option was by default disabled. This update enables the profiling feature. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 63599
    published 2013-01-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63599
    title Scientific Linux Security Update : mysql on SL5.x i386/x86_64
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2010-012.NASL
    description Multiple vulnerabilities has been found and corrected in mysql : mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement (CVE-2009-4019). The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library (CVE-2009-4028). MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079 (CVE-2009-4030). The updated packages have been patched to correct these issues. Additionally for 2009.1 and 2010.0 mysql has also been upgraded to the latest stable 5.1 release (5.1.42).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 48166
    published 2010-07-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=48166
    title Mandriva Linux Security Advisory : mysql (MDVSA-2010:012)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_6_3.NASL
    description The remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.3. Mac OS X 10.6.3 contains security fixes for the following products : - AFP Server - Apache - CoreAudio - CoreMedia - CoreTypes - CUPS - DesktopServices - Disk Images - Directory Services - Dovecot - Event Monitor - FreeRADIUS - FTP Server - iChat Server - ImageIO - Image RAW - Libsystem - Mail - MySQL - OS Services - Password Server - PHP - Podcast Producer - Preferences - PS Normalizer - QuickTime - Ruby - Server Admin - SMB - Tomcat - Wiki Server - X11
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 45372
    published 2010-03-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45372
    title Mac OS X 10.6.x < 10.6.3 Multiple Vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2010-0110.NASL
    description Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. Multiple flaws were discovered in the way MySQL handled symbolic links to tables created using the DATA DIRECTORY and INDEX DIRECTORY directives in CREATE TABLE statements. An attacker with CREATE and DROP table privileges and shell access to the database server could use these flaws to escalate their database privileges, or gain access to tables created by other database users. (CVE-2008-4098, CVE-2009-4030) Note: Due to the security risks and previous security issues related to the use of the DATA DIRECTORY and INDEX DIRECTORY directives, users not depending on this feature should consider disabling it by adding 'symbolic-links=0' to the '[mysqld]' section of the 'my.cnf' configuration file. In this update, an example of such a configuration was added to the default 'my.cnf' file. An insufficient HTML entities quoting flaw was found in the mysql command line client's HTML output mode. If an attacker was able to inject arbitrary HTML tags into data stored in a MySQL database, which was later retrieved using the mysql command line client and its HTML output mode, they could perform a cross-site scripting (XSS) attack against victims viewing the HTML output in a web browser. (CVE-2008-4456) Multiple format string flaws were found in the way the MySQL server logged user commands when creating and deleting databases. A remote, authenticated attacker with permissions to CREATE and DROP databases could use these flaws to formulate a specially crafted SQL command that would cause a temporary denial of service (open connections to mysqld are terminated). (CVE-2009-2446) Note: To exploit the CVE-2009-2446 flaws, the general query log (the mysqld '--log' command line option or the 'log' option in 'my.cnf') must be enabled. This logging is not enabled by default. All MySQL users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 44635
    published 2010-02-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=44635
    title RHEL 4 : mysql (RHSA-2010:0110)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2010-0109.NASL
    description From Red Hat Security Advisory 2010:0109 : Updated mysql packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. It was discovered that the MySQL client ignored certain SSL certificate verification errors when connecting to servers. A man-in-the-middle attacker could use this flaw to trick MySQL clients into connecting to a spoofed MySQL server. (CVE-2009-4028) Note: This fix may uncover previously hidden SSL configuration issues, such as incorrect CA certificates being used by clients or expired server certificates. This update should be carefully tested in deployments where SSL connections are used. A flaw was found in the way MySQL handled SELECT statements with subqueries in the WHERE clause, that assigned results to a user variable. A remote, authenticated attacker could use this flaw to crash the MySQL server daemon (mysqld). This issue only caused a temporary denial of service, as the MySQL daemon was automatically restarted after the crash. (CVE-2009-4019) When the 'datadir' option was configured with a relative path, MySQL did not properly check paths used as arguments for the DATA DIRECTORY and INDEX DIRECTORY directives. An authenticated attacker could use this flaw to bypass the restriction preventing the use of subdirectories of the MySQL data directory being used as DATA DIRECTORY and INDEX DIRECTORY paths. (CVE-2009-4030) Note: Due to the security risks and previous security issues related to the use of the DATA DIRECTORY and INDEX DIRECTORY directives, users not depending on this feature should consider disabling it by adding 'symbolic-links=0' to the '[mysqld]' section of the 'my.cnf' configuration file. In this update, an example of such a configuration was added to the default 'my.cnf' file. All MySQL users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
    last seen 2019-02-21
    modified 2016-12-07
    plugin id 67997
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67997
    title Oracle Linux 5 : mysql (ELSA-2010-0109)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_2_LIBMYSQLCLIENT-DEVEL-100401.NASL
    description Updated mysql packages fix the following bugs : - upstream #47320 - checking server certificates (CVE-2009-4028) - upstream #48291 - error handling in subqueries (CVE-2009-4019) - upstream #47780 - preserving null_value flag in GeomFromWKB() (CVE-2009-4019) - upstream #39277 - symlink behaviour fixed (CVE-2008-7247) - upstream #32167 - symlink behaviour refixed (CVE-2009-4030)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 46235
    published 2010-05-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46235
    title openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-2)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_LIBMYSQLCLIENT-DEVEL-100429.NASL
    description Updated MySQL packages fix the following bugs : - upstream #47320 - checking server certificates. (CVE-2009-4028) - upstream #48291 - error handling in subqueries. (CVE-2009-4019) - upstream #47780 - preserving null_value flag in GeomFromWKB(). (CVE-2009-4019) - upstream #39277 - symlink behaviour fixed. (CVE-2008-7247) - upstream #32167 - symlink behaviour refixed (CVE-2009-4030)
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 50935
    published 2010-12-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=50935
    title SuSE 11 Security Update : MySQL (SAT Patch Number 2317)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_LIBMYSQLCLIENT-DEVEL-091216.NASL
    description This update fixes several security issues in mysql : - checking server certificates (CVE-2009-4028) - error handling in subqueries (CVE-2009-4019) - preserving null_value flag in GeomFromWKB (CVE-2009-4019) - symlink behavior fixed (CVE-2008-7247) - symlink behavior refixed (CVE-2009-4030)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 46218
    published 2010-05-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46218
    title openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-897-1.NASL
    description It was discovered that MySQL could be made to overwrite existing table files in the data directory. An authenticated user could use the DATA DIRECTORY and INDEX DIRECTORY options to possibly bypass privilege checks. This update alters table creation behaviour by disallowing the use of the MySQL data directory in DATA DIRECTORY and INDEX DIRECTORY options. This issue only affected Ubuntu 8.10. (CVE-2008-4098) It was discovered that MySQL contained a cross-site scripting vulnerability in the command-line client when the --html option is enabled. An attacker could place arbitrary web script or html in a database cell, which would then get placed in the html document output by the command-line tool. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04. (CVE-2008-4456) It was discovered that MySQL could be made to overwrite existing table files in the data directory. An authenticated user could use symlinks combined with the DATA DIRECTORY and INDEX DIRECTORY options to possibly bypass privilege checks. This issue only affected Ubuntu 9.10. (CVE-2008-7247) It was discovered that MySQL contained multiple format string flaws when logging database creation and deletion. An authenticated user could use specially crafted database names to make MySQL crash, causing a denial of service. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04. (CVE-2009-2446) It was discovered that MySQL incorrectly handled errors when performing certain SELECT statements, and did not preserve correct flags when performing statements that use the GeomFromWKB function. An authenticated user could exploit this to make MySQL crash, causing a denial of service. (CVE-2009-4019) It was discovered that MySQL incorrectly checked symlinks when using the DATA DIRECTORY and INDEX DIRECTORY options. A local user could use symlinks to create tables that pointed to tables known to be created at a later time, bypassing access restrictions. (CVE-2009-4030) It was discovered that MySQL contained a buffer overflow when parsing ssl certificates. A remote attacker could send crafted requests and cause a denial of service or possibly execute arbitrary code. This issue did not affect Ubuntu 6.06 LTS and the default compiler options for affected releases should reduce the vulnerability to a denial of service. In the default installation, attackers would also be isolated by the AppArmor MySQL profile. (CVE-2009-4484). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 44585
    published 2010-02-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=44585
    title Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : mysql-dfsg-5.0, mysql-dfsg-5.1 vulnerabilities (USN-897-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1997.NASL
    description Several vulnerabilities have been discovered in the MySQL database server. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-4019 Domas Mituzas discovered that mysqld does not properly handle errors during execution of certain SELECT statements with subqueries, and does not preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement. - CVE-2009-4030 Sergei Golubchik discovered that MySQL allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified DATA DIRECTORY or INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory. - CVE-2009-4484 Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 44861
    published 2010-02-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=44861
    title Debian DSA-1997-1 : mysql-dfsg-5.0 - several vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_12661.NASL
    description The following bugs have been fixed : - local users could delete data files for tables of other users. (CVE-2010-1626) - authenticated users could gather information for tables they should not have access to. (CVE-2010-1849) - authenticated users could crash mysqld. (CVE-2010-3683, CVE-2010-3681, CVE-2010-1848) - authenticated users could bypass intended access restrictions. (CVE-2008-7247, CVE-2009-4030)
    last seen 2019-02-21
    modified 2012-04-23
    plugin id 50523
    published 2010-11-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=50523
    title SuSE9 Security Update : MySQL (YOU Patch Number 12661)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2010-0109.NASL
    description Updated mysql packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. It was discovered that the MySQL client ignored certain SSL certificate verification errors when connecting to servers. A man-in-the-middle attacker could use this flaw to trick MySQL clients into connecting to a spoofed MySQL server. (CVE-2009-4028) Note: This fix may uncover previously hidden SSL configuration issues, such as incorrect CA certificates being used by clients or expired server certificates. This update should be carefully tested in deployments where SSL connections are used. A flaw was found in the way MySQL handled SELECT statements with subqueries in the WHERE clause, that assigned results to a user variable. A remote, authenticated attacker could use this flaw to crash the MySQL server daemon (mysqld). This issue only caused a temporary denial of service, as the MySQL daemon was automatically restarted after the crash. (CVE-2009-4019) When the 'datadir' option was configured with a relative path, MySQL did not properly check paths used as arguments for the DATA DIRECTORY and INDEX DIRECTORY directives. An authenticated attacker could use this flaw to bypass the restriction preventing the use of subdirectories of the MySQL data directory being used as DATA DIRECTORY and INDEX DIRECTORY paths. (CVE-2009-4030) Note: Due to the security risks and previous security issues related to the use of the DATA DIRECTORY and INDEX DIRECTORY directives, users not depending on this feature should consider disabling it by adding 'symbolic-links=0' to the '[mysqld]' section of the 'my.cnf' configuration file. In this update, an example of such a configuration was added to the default 'my.cnf' file. All MySQL users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 44948
    published 2010-03-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=44948
    title CentOS 5 : mysql (CESA-2010:0109)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_1_LIBMYSQLCLIENT-DEVEL-091216.NASL
    description This update fixes several security issues in mysql : - checking server certificates (CVE-2009-4028) - error handling in subqueries (CVE-2009-4019) - preserving null_value flag in GeomFromWKB (CVE-2009-4019) - symlink behavior fixed (CVE-2008-7247) - symlink behavior refixed (CVE-2009-4030)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 46219
    published 2010-05-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46219
    title openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2010-0109.NASL
    description Updated mysql packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. It was discovered that the MySQL client ignored certain SSL certificate verification errors when connecting to servers. A man-in-the-middle attacker could use this flaw to trick MySQL clients into connecting to a spoofed MySQL server. (CVE-2009-4028) Note: This fix may uncover previously hidden SSL configuration issues, such as incorrect CA certificates being used by clients or expired server certificates. This update should be carefully tested in deployments where SSL connections are used. A flaw was found in the way MySQL handled SELECT statements with subqueries in the WHERE clause, that assigned results to a user variable. A remote, authenticated attacker could use this flaw to crash the MySQL server daemon (mysqld). This issue only caused a temporary denial of service, as the MySQL daemon was automatically restarted after the crash. (CVE-2009-4019) When the 'datadir' option was configured with a relative path, MySQL did not properly check paths used as arguments for the DATA DIRECTORY and INDEX DIRECTORY directives. An authenticated attacker could use this flaw to bypass the restriction preventing the use of subdirectories of the MySQL data directory being used as DATA DIRECTORY and INDEX DIRECTORY paths. (CVE-2009-4030) Note: Due to the security risks and previous security issues related to the use of the DATA DIRECTORY and INDEX DIRECTORY directives, users not depending on this feature should consider disabling it by adding 'symbolic-links=0' to the '[mysqld]' section of the 'my.cnf' configuration file. In this update, an example of such a configuration was added to the default 'my.cnf' file. All MySQL users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 44634
    published 2010-02-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=44634
    title RHEL 5 : mysql (RHSA-2010:0109)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_2_LIBMYSQLCLIENT-DEVEL-091215.NASL
    description This update fixes several security issues in mysql : - checking server certificates (CVE-2009-4028) - error handling in subqueries (CVE-2009-4019) - preserving null_value flag in GeomFromWKB (CVE-2009-4019) - symlink behavior fixed (CVE-2008-7247) - symlink behavior refixed (CVE-2009-4030)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 46220
    published 2010-05-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46220
    title openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-1)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2010-0110.NASL
    description From Red Hat Security Advisory 2010:0110 : Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. Multiple flaws were discovered in the way MySQL handled symbolic links to tables created using the DATA DIRECTORY and INDEX DIRECTORY directives in CREATE TABLE statements. An attacker with CREATE and DROP table privileges and shell access to the database server could use these flaws to escalate their database privileges, or gain access to tables created by other database users. (CVE-2008-4098, CVE-2009-4030) Note: Due to the security risks and previous security issues related to the use of the DATA DIRECTORY and INDEX DIRECTORY directives, users not depending on this feature should consider disabling it by adding 'symbolic-links=0' to the '[mysqld]' section of the 'my.cnf' configuration file. In this update, an example of such a configuration was added to the default 'my.cnf' file. An insufficient HTML entities quoting flaw was found in the mysql command line client's HTML output mode. If an attacker was able to inject arbitrary HTML tags into data stored in a MySQL database, which was later retrieved using the mysql command line client and its HTML output mode, they could perform a cross-site scripting (XSS) attack against victims viewing the HTML output in a web browser. (CVE-2008-4456) Multiple format string flaws were found in the way the MySQL server logged user commands when creating and deleting databases. A remote, authenticated attacker with permissions to CREATE and DROP databases could use these flaws to formulate a specially crafted SQL command that would cause a temporary denial of service (open connections to mysqld are terminated). (CVE-2009-2446) Note: To exploit the CVE-2009-2446 flaws, the general query log (the mysqld '--log' command line option or the 'log' option in 'my.cnf') must be enabled. This logging is not enabled by default. All MySQL users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
    last seen 2019-02-21
    modified 2016-12-07
    plugin id 67998
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67998
    title Oracle Linux 4 : mysql (ELSA-2010-0110)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_MYSQL-6897.NASL
    description This update fixes various security issues (bnc#557669) : upstream #47320 - checking server certificates (CVE-2009-4028) upstream #48291 - error handling in subqueries (CVE-2009-4019) upstream #47780 - preserving null_value flag in GeomFromWKB() (CVE-2009-4019) upstream #39277 - symlink behaviour fixed (CVE-2008-7247) upstream #32167 - symlink behaviour refixed (CVE-2009-4030) fixing remote buffer overflow. (CVE-2009-4484)
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 45107
    published 2010-03-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45107
    title SuSE 10 Security Update : MySQL (ZYPP Patch Number 6897)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2010-011.NASL
    description Multiple vulnerabilities has been found and corrected in mysql : mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement (CVE-2009-4019). The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library (CVE-2009-4028). MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079 (CVE-2009-4030). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues. Additionally for 2009.0 and MES5 mysql has also been upgraded to the last stable 5.0 release (5.0.89).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 44043
    published 2010-01-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=44043
    title Mandriva Linux Security Advisory : mysql (MDVSA-2010:011)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_LIBMYSQLCLIENT-DEVEL-100504.NASL
    description Updated mysql packages fix the following bugs : - upstream #47320 - checking server certificates (CVE-2009-4028) - upstream #48291 - error handling in subqueries (CVE-2009-4019) - upstream #47780 - preserving null_value flag in GeomFromWKB() (CVE-2009-4019) - upstream #39277 - symlink behaviour fixed (CVE-2008-7247) - upstream #32167 - symlink behaviour refixed (CVE-2009-4030)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 46229
    published 2010-05-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46229
    title openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-2)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_1_LIBMYSQLCLIENT-DEVEL-100401.NASL
    description Updated mysql packages fix the following bugs : - upstream #47320 - checking server certificates (CVE-2009-4028) - upstream #48291 - error handling in subqueries (CVE-2009-4019) - upstream #47780 - preserving null_value flag in GeomFromWKB() (CVE-2009-4019) - upstream #39277 - symlink behaviour fixed (CVE-2008-7247) - upstream #32167 - symlink behaviour refixed (CVE-2009-4030)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 46232
    published 2010-05-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46232
    title openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0198-2)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_MYSQL-6899.NASL
    description This update fixes various security issues (bnc#557669) : upstream #47320 - checking server certificates (CVE-2009-4028) upstream #48291 - error handling in subqueries (CVE-2009-4019) upstream #47780 - preserving null_value flag in GeomFromWKB() (CVE-2009-4019) upstream #39277 - symlink behaviour fixed (CVE-2008-7247) upstream #32167 - symlink behaviour refixed (CVE-2009-4030) fixing remote buffer overflow. (CVE-2009-4484)
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 49903
    published 2010-10-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=49903
    title SuSE 10 Security Update : MySQL (ZYPP Patch Number 6899)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20100216_MYSQL_ON_SL4_X.NASL
    description CVE-2008-4098 mysql: incomplete upstream fix for CVE-2008-2079 CVE-2008-4456 mysql: mysql command line client XSS flaw CVE-2009-2446 MySQL: Format string vulnerability by manipulation with database instances (crash) CVE-2009-4030 mysql: Incomplete fix for CVE-2008-2079 / CVE-2008-4098 Multiple flaws were discovered in the way MySQL handled symbolic links to tables created using the DATA DIRECTORY and INDEX DIRECTORY directives in CREATE TABLE statements. An attacker with CREATE and DROP table privileges and shell access to the database server could use these flaws to escalate their database privileges, or gain access to tables created by other database users. (CVE-2008-4098, CVE-2009-4030) Note: Due to the security risks and previous security issues related to the use of the DATA DIRECTORY and INDEX DIRECTORY directives, users not depending on this feature should consider disabling it by adding 'symbolic-links=0' to the '[mysqld]' section of the 'my.cnf' configuration file. In this update, an example of such a configuration was added to the default 'my.cnf' file. An insufficient HTML entities quoting flaw was found in the mysql command line client's HTML output mode. If an attacker was able to inject arbitrary HTML tags into data stored in a MySQL database, which was later retrieved using the mysql command line client and its HTML output mode, they could perform a cross-site scripting (XSS) attack against victims viewing the HTML output in a web browser. (CVE-2008-4456) Multiple format string flaws were found in the way the MySQL server logged user commands when creating and deleting databases. A remote, authenticated attacker with permissions to CREATE and DROP databases could use these flaws to formulate a specially crafted SQL command that would cause a temporary denial of service (open connections to mysqld are terminated). (CVE-2009-2446) Note: To exploit the CVE-2009-2446 flaws, the general query log (the mysqld '--log' command line option or the 'log' option in 'my.cnf') must be enabled. This logging is not enabled by default. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 60735
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60735
    title Scientific Linux Security Update : mysql on SL4.x i386/x86_64
  • NASL family Databases
    NASL id MYSQL_5_1_41.NASL
    description The version of MySQL 5.1 installed on the remote host is earlier than 5.1.41 and is, therefore, potentially affected by the following vulnerabilities : - An incomplete fix was provided in 5.1.24 for CVE-2008-2079, a symlink-related privilege escalation issue. (Bug #39277) - MySQL clients linked against OpenSSL are vulnerable to man-in-the-middle attacks. (Bug #47320) - The GeomFromWKB() function can be manipulated to cause a denial of service. (Bug #47780) - Specially crafted SELECT statements containing sub- queries in the WHERE clause can cause the server to crash. (Bug #48291)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 42900
    published 2009-11-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=42900
    title MySQL 5.1 < 5.1.41 Multiple Vulnerabilities
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20100216_MYSQL_ON_SL5_X.NASL
    description CVE-2009-4019 mysql: DoS (crash) when comparing GIS items from subquery and when handling subqueires in WHERE and assigning a SELECT result to a @variable CVE-2009-4028 mysql: client SSL certificate verification flaw CVE-2009-4030 mysql: Incomplete fix for CVE-2008-2079 / CVE-2008-4098 It was discovered that the MySQL client ignored certain SSL certificate verification errors when connecting to servers. A man-in-the-middle attacker could use this flaw to trick MySQL clients into connecting to a spoofed MySQL server. (CVE-2009-4028) Note: This fix may uncover previously hidden SSL configuration issues, such as incorrect CA certificates being used by clients or expired server certificates. This update should be carefully tested in deployments where SSL connections are used. A flaw was found in the way MySQL handled SELECT statements with subqueries in the WHERE clause, that assigned results to a user variable. A remote, authenticated attacker could use this flaw to crash the MySQL server daemon (mysqld). This issue only caused a temporary denial of service, as the MySQL daemon was automatically restarted after the crash. (CVE-2009-4019) When the 'datadir' option was configured with a relative path, MySQL did not properly check paths used as arguments for the DATA DIRECTORY and INDEX DIRECTORY directives. An authenticated attacker could use this flaw to bypass the restriction preventing the use of subdirectories of the MySQL data directory being used as DATA DIRECTORY and INDEX DIRECTORY paths. (CVE-2009-4030) Note: Due to the security risks and previous security issues related to the use of the DATA DIRECTORY and INDEX DIRECTORY directives, users not depending on this feature should consider disabling it by adding 'symbolic-links=0' to the '[mysqld]' section of the 'my.cnf' configuration file. In this update, an example of such a configuration was added to the default 'my.cnf' file. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 60736
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60736
    title Scientific Linux Security Update : mysql on SL5.x i386/x86_64
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2010-0110.NASL
    description Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. Multiple flaws were discovered in the way MySQL handled symbolic links to tables created using the DATA DIRECTORY and INDEX DIRECTORY directives in CREATE TABLE statements. An attacker with CREATE and DROP table privileges and shell access to the database server could use these flaws to escalate their database privileges, or gain access to tables created by other database users. (CVE-2008-4098, CVE-2009-4030) Note: Due to the security risks and previous security issues related to the use of the DATA DIRECTORY and INDEX DIRECTORY directives, users not depending on this feature should consider disabling it by adding 'symbolic-links=0' to the '[mysqld]' section of the 'my.cnf' configuration file. In this update, an example of such a configuration was added to the default 'my.cnf' file. An insufficient HTML entities quoting flaw was found in the mysql command line client's HTML output mode. If an attacker was able to inject arbitrary HTML tags into data stored in a MySQL database, which was later retrieved using the mysql command line client and its HTML output mode, they could perform a cross-site scripting (XSS) attack against victims viewing the HTML output in a web browser. (CVE-2008-4456) Multiple format string flaws were found in the way the MySQL server logged user commands when creating and deleting databases. A remote, authenticated attacker with permissions to CREATE and DROP databases could use these flaws to formulate a specially crafted SQL command that would cause a temporary denial of service (open connections to mysqld are terminated). (CVE-2009-2446) Note: To exploit the CVE-2009-2446 flaws, the general query log (the mysqld '--log' command line option or the 'log' option in 'my.cnf') must be enabled. This logging is not enabled by default. All MySQL users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 44647
    published 2010-02-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=44647
    title CentOS 4 : mysql (CESA-2010:0110)
oval via4
  • accepted 2013-04-29T04:11:36.708-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 4
      oval oval:org.mitre.oval:def:11831
    • comment CentOS Linux 4.x
      oval oval:org.mitre.oval:def:16636
    • comment Oracle Linux 4.x
      oval oval:org.mitre.oval:def:15990
    • comment The operating system installed on the system is Red Hat Enterprise Linux 5
      oval oval:org.mitre.oval:def:11414
    • comment The operating system installed on the system is CentOS Linux 5.x
      oval oval:org.mitre.oval:def:15802
    • comment Oracle Linux 5.x
      oval oval:org.mitre.oval:def:15459
    description vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.
    family unix
    id oval:org.mitre.oval:def:11116
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.
    version 24
  • accepted 2013-09-23T04:05:39.689-04:00
    class vulnerability
    contributors
    • name J. Daniel Brown
      organization DTCC
    • name Maria Kedovskaya
      organization ALTX-SOFT
    definition_extensions
    comment MySQL 5.1 is installed
    oval oval:org.mitre.oval:def:8297
    description MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.
    family windows
    id oval:org.mitre.oval:def:8156
    status accepted
    submitted 2010-01-22T17:00:00.000-05:00
    title MySQL 5.1 Privilege Bypass with DATA/INDEX DIRECTORY
    version 17
redhat via4
advisories
  • bugzilla
    id 543653
    title CVE-2009-4030 mysql: Incomplete fix for CVE-2008-2079 / CVE-2008-4098
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • OR
      • AND
        • comment mysql is earlier than 0:5.0.77-4.el5_4.2
          oval oval:com.redhat.rhsa:tst:20100109002
        • comment mysql is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070875012
      • AND
        • comment mysql-bench is earlier than 0:5.0.77-4.el5_4.2
          oval oval:com.redhat.rhsa:tst:20100109004
        • comment mysql-bench is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070875018
      • AND
        • comment mysql-devel is earlier than 0:5.0.77-4.el5_4.2
          oval oval:com.redhat.rhsa:tst:20100109006
        • comment mysql-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070875014
      • AND
        • comment mysql-server is earlier than 0:5.0.77-4.el5_4.2
          oval oval:com.redhat.rhsa:tst:20100109010
        • comment mysql-server is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070875016
      • AND
        • comment mysql-test is earlier than 0:5.0.77-4.el5_4.2
          oval oval:com.redhat.rhsa:tst:20100109008
        • comment mysql-test is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070875020
    rhsa
    id RHSA-2010:0109
    released 2010-02-16
    severity Moderate
    title RHSA-2010:0109: mysql security update (Moderate)
  • bugzilla
    id 543653
    title CVE-2009-4030 mysql: Incomplete fix for CVE-2008-2079 / CVE-2008-4098
    oval
    AND
    • comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhba:tst:20070304001
    • OR
      • AND
        • comment mysql is earlier than 0:4.1.22-2.el4_8.3
          oval oval:com.redhat.rhsa:tst:20100110002
        • comment mysql is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070152003
      • AND
        • comment mysql-bench is earlier than 0:4.1.22-2.el4_8.3
          oval oval:com.redhat.rhsa:tst:20100110008
        • comment mysql-bench is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070152007
      • AND
        • comment mysql-devel is earlier than 0:4.1.22-2.el4_8.3
          oval oval:com.redhat.rhsa:tst:20100110006
        • comment mysql-devel is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070152005
      • AND
        • comment mysql-server is earlier than 0:4.1.22-2.el4_8.3
          oval oval:com.redhat.rhsa:tst:20100110004
        • comment mysql-server is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070152009
    rhsa
    id RHSA-2010:0110
    released 2010-02-16
    severity Moderate
    title RHSA-2010:0110: mysql security update (Moderate)
rpms
  • mysql-0:5.0.77-4.el5_4.2
  • mysql-bench-0:5.0.77-4.el5_4.2
  • mysql-devel-0:5.0.77-4.el5_4.2
  • mysql-server-0:5.0.77-4.el5_4.2
  • mysql-test-0:5.0.77-4.el5_4.2
  • mysql-0:4.1.22-2.el4_8.3
  • mysql-bench-0:4.1.22-2.el4_8.3
  • mysql-devel-0:4.1.22-2.el4_8.3
  • mysql-server-0:4.1.22-2.el4_8.3
refmap via4
apple APPLE-SA-2010-03-29-1
confirm
debian DSA-1997
mlist
  • [commits] 20091110 bzr commit into mysql-5.0-bugteam branch (joro:2845) Bug#32167
  • [oss-security] 20091119 mysql-5.1.41
  • [oss-security] 20091124 Re: mysql-5.1.41
secunia
  • 38517
  • 38573
suse
  • SUSE-SR:2010:011
  • SUSE-SR:2010:021
ubuntu
  • USN-1397-1
  • USN-897-1
vupen ADV-2010-1107
Last major update 14-01-2011 - 01:37
Published 30-11-2009 - 12:30
Last modified 04-01-2018 - 21:29
Back to Top