This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing a security update.
Updated mysql-server packages that fix several vulnerabilities are now
This update has been rated as having important security impact by the
Red Hat Security Response Team.
MySQL is a multi-user, multi-threaded SQL database server.
This update fixes several security risks in the MySQL server.
Stefano Di Paola discovered two bugs in the way MySQL handles
user-defined functions. A user with the ability to create and execute
a user defined function could potentially execute arbitrary code on
the MySQL server. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the names CVE-2005-0709 and CVE-2005-0710
to these issues.
Stefano Di Paola also discovered a bug in the way MySQL creates
temporary tables. A local user could create a specially crafted
symlink which could result in the MySQL server overwriting a file
which it has write access to. The Common Vulnerabilities and Exposures
project has assigned the name CVE-2005-0711 to this issue.
All users of the MySQL server are advised to upgrade to these updated
packages, which contain fixes for these issues.
See also :
Update the affected mysql-server package.
Risk factor :
Medium / CVSS Base Score : 4.6
Family: Red Hat Local Security Checks
Nessus Plugin ID: 17981 ()
CVE ID: CVE-2005-0709CVE-2005-0710CVE-2005-0711
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.