Synopsis :

The remote Debian host is missing a security-related update.

Description :

Several vulnerabilities have been discovered in MySQL, a popular SQL
database. The Common Vulnerabilities and Exposures Project identifies
the following problems :

- CVE-2006-0903
Improper handling of SQL queries containing the NULL
character allows local users to bypass logging
mechanisms.

- CVE-2006-1516
Usernames without a trailing null byte allow remote
attackers to read portions of memory.

- CVE-2006-1517
A request with an incorrect packet length allows remote
attackers to obtain sensitive information.

- CVE-2006-1518
Specially crafted request packets with invalid length
values allow the execution of arbitrary code.

The following vulnerability matrix shows which version of MySQL in
which distribution has this problem fixed :

  woody sarge sid
mysql 3.23.49-8.15 n/a n/a
mysql-dfsg n/a 4.0.24-10sarge2 n/a
mysql-dfsg-4.1 n/a 4.1.11a-4sarge3 n/a
mysql-dfsg-5.0 n/a n/a 5.0.21-3

See also :

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=366043
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=366048
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=366162
http://security-tracker.debian.org/tracker/CVE-2006-0903
http://security-tracker.debian.org/tracker/CVE-2006-1516
http://security-tracker.debian.org/tracker/CVE-2006-1517
http://security-tracker.debian.org/tracker/CVE-2006-1518
http://www.debian.org/security/2006/dsa-1073

Solution :

Upgrade the mysql packages.

Risk factor :

Medium / CVSS Base Score : 6.5
(CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P)
CVSS Temporal Score : 5.4
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true