The remote Red Hat host is missing one or more security updates.
Updated mysql packages that fix various temporary file security
issues, as well as a number of bugs, are now available.
MySQL is a multi-user, multi-threaded SQL database server.
This update fixes a number of small bugs, including some potential
security problems associated with careless handling of temporary
files. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the names CVE-2004-0381, CVE-2004-0388,
and CVE-2004-0457 to these issues.
A number of additional security issues that affect mysql have been
corrected in the source package. These include CVE-2004-0835,
CVE-2004-0836, CVE-2004-0837, and CVE-2004-0957. Red Hat Enterprise
Linux 3 does not ship with the mysql-server package and is therefore
not affected by these issues.
This update also allows 32-bit and 64-bit libraries to be installed
concurrently on the same system.
All users of mysql should upgrade to these updated packages, which
resolve these issues.
See also :
Update the affected mysql, mysql-bench and / or mysql-devel packages.
Risk factor :
Medium / CVSS Base Score : 4.6