CERTA-2003-AVI-151
Vulnerability from certfr_avis - Published: - Updated:None
Description
A vulnerability is present in a password-checking routine.
A legitimate MySQL user who holds the ALTER administrative privilege on the mysql.user table can exploit this vulnerability to execute arbitrary code on the platform hosting the MySQL server, with the privileges of the mysqld process.
Solution
MySQL versions 3.23.58 and 4.0.15 fix this vulnerability:
- MySQL 4.0.15 announcement: http://lists.mysql.com/announce/168
- MySQL 3.23.58 announcement: http://www.mysql.com/doc/en/News-3.23.58.html
Impacted products
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "MySQL versions 3.23.57 et ant\u00e9rieures ;",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "MySQL versions 4.0.14 et ant\u00e9rieures.",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 est pr\u00e9sente dans une routine de contr\u00f4le des mots de\npasse.\n\n \n\nUn utilisateur l\u00e9gitime de MySQL poss\u00e9dant le droit d\u0027administration\nALTER sur la table mysql.user peut exploiter cette vuln\u00e9rabilit\u00e9 afin\nd\u0027ex\u00e9cuter du code arbitraire sur la plate-forme h\u00e9bergeant le serveur\nMySQL avec les privil\u00e8ges du processus mysqld.\n\n## Solution\n\nLes versions 3.23.58 et 4.0.15 de MySQL corrigent cette vuln\u00e9rabilit\u00e9 :\n\n- Annonce MySQL 4.0.15 :\n\n http://lists.mysql.com/announce/168\n\n- Annonce MySQL 3.23.58 :\n\n http://www.mysql.com/doc/en/News-3.23.58.html\n",
"cves": [],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 MDKSA-2003:094 de Mandrake :",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:094"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RHSA-2003:281 de Red Hat :",
"url": "http://rhn.redhat.com/errata/RHSA-2003-281.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SuSE-SA:2003:042 de SuSE :",
"url": "http://www.suse.com/de/security/2003_042_mysql.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RHSA-2003:282 de Red Hat :",
"url": "http://rhn.redhat.com/errata/RHSA-2003-282.html"
}
],
"reference": "CERTA-2003-AVI-151",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2003-09-16T00:00:00.000000"
},
{
"description": "ajout r\u00e9f\u00e9rences aux bulletins de SuSE et Mandrake.",
"revision_date": "2003-10-02T00:00:00.000000"
},
{
"description": "ajout r\u00e9f\u00e9rences aux bulletins de Red Hat.",
"revision_date": "2003-10-10T00:00:00.000000"
}
],
"risks": [
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": null,
"title": "Vuln\u00e9rabilit\u00e9 du serveur de base de donn\u00e9es MySQL",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 200309-08 de Gentoo",
"url": "http://www.securityfocus.com/advisories/5812"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 DSA-381 de Debian",
"url": "http://www.debian.org/security/2003/dsa-381"
}
]
}
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.