This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
Updated mysql packages that fix several vulnerabilities are now
This update has been rated as having important security impact by the
Red Hat Security Response Team.
MySQL is a multi-user, multi-threaded SQL database server.
This update fixes several security risks in the MySQL server.
Stefano Di Paola discovered two bugs in the way MySQL handles
user-defined functions. A user with the ability to create and execute
a user defined function could potentially execute arbitrary code on
the MySQL server. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the names CVE-2005-0709 and CVE-2005-0710
to these issues.
Stefano Di Paola also discovered a bug in the way MySQL creates
temporary tables. A local user could create a specially crafted
symlink which could result in the MySQL server overwriting a file
which it has write access to. The Common Vulnerabilities and Exposures
project has assigned the name CVE-2005-0711 to this issue.
All users of the MySQL server are advised to upgrade to these updated
packages, which contain fixes for these issues.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 4.6