RHEL 2.1 : mysql (RHSA-2004:597)

This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.

Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

Updated mysql packages that fix various security issues, as well as a
number of bugs, are now available for Red Hat Enterprise Linux 2.1.

MySQL is a multi-user, multi-threaded SQL database server.

A number security issues that affect the mysql server have been
reported :

Oleksandr Byelkin discovered that 'ALTER TABLE ... RENAME' checked the
CREATE/INSERT rights of the old table instead of the new one. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2004-0835 to this issue.

Lukasz Wojtow discovered a buffer overrun in the mysql_real_connect
function. In order to exploit this issue an attacker would need to
force the use of a malicious DNS server (CVE-2004-0836).

Dean Ellis discovered that multiple threads ALTERing the same (or
different) MERGE tables to change the UNION could cause the server to
crash or stall (CVE-2004-0837).

Sergei Golubchik discovered that if a user is granted privileges to a
database with a name containing an underscore ('_'), the user also
gains the ability to grant privileges to other databases with similar
names (CVE-2004-0957).

Additionally, the following minor temporary file vulnerabilities were
discovered :

- Stan Bubroski and Shaun Colley found a temporary file
vulnerability in the mysqlbug script (CVE-2004-0381). -
A temporary file vulnerability was discovered in
mysqld_multi (CVE-2004-0388). - Jeroen van Wolffelaar
discovered an temporary file vulnerability in the
mysqlhotcopy script when using the scp method

All users of mysql should upgrade to these updated packages, which
resolve these issues and also include fixes for a number of small

See also :


Solution :

Update the affected mysql, mysql-devel and / or mysql-server packages.

Risk factor :

Critical / CVSS Base Score : 10.0

Family: Red Hat Local Security Checks

Nessus Plugin ID: 15536 ()

Bugtraq ID:

CVE ID: CVE-2004-0381