How to Buy
This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
Updated mysql packages that fix a temporary file flaw and a number of
bugs are now available.
This update has been rated as having low security impact by the Red
Hat Security Response Team.
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a
client/server implementation consisting of a server daemon (mysqld)
and many different client programs and libraries.
An insecure temporary file handling bug was found in the
mysql_install_db script. It is possible for a local user to create
specially crafted files in /tmp which could allow them to execute
arbitrary SQL commands during database installation. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CVE-2005-1636 to this issue.
These packages update mysql to version 4.1.12, fixing a number of
problems. Also, support for SSL-encrypted connections to the database
server is now provided.
All users of mysql are advised to upgrade to these updated packages.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 4.6
Family: Red Hat Local Security Checks
Nessus Plugin ID: 19993 ()
CVE ID: CVE-2005-1636
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.