GLSA-201308-06 : MySQL: Multiple vulnerabilities

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote Gentoo host is missing one or more security-related
patches.

Description :

The remote host is affected by the vulnerability described in GLSA-201308-06
(MySQL: Multiple vulnerabilities)

Multiple vulnerabilities have been discovered in MySQL. Please review
the CVE identifiers referenced below for details.

Impact :

A remote attacker could send a specially crafted request, possibly
resulting in execution of arbitrary code with the privileges of the
application or a Denial of Service condition.

Workaround :

There is no known workaround at this time.

See also :

http://www.gentoo.org/security/en/glsa/glsa-201308-06.xml

Solution :

All MySQL users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=dev-db/mysql-5.1.70'

Risk factor :

High / CVSS Base Score : 9.0
(CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS Temporal Score : 7.8
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Gentoo Local Security Checks

Nessus Plugin ID: 69508

CVE ID: CVE-2011-2262
CVE-2012-0075
CVE-2012-0087
CVE-2012-0101
CVE-2012-0102
CVE-2012-0112
CVE-2012-0113
CVE-2012-0114
CVE-2012-0115
CVE-2012-0116
CVE-2012-0117
CVE-2012-0118
CVE-2012-0119
CVE-2012-0120
CVE-2012-0484
CVE-2012-0485
CVE-2012-0486
CVE-2012-0487
CVE-2012-0488
CVE-2012-0489
CVE-2012-0490
CVE-2012-0491
CVE-2012-0492
CVE-2012-0493
CVE-2012-0494
CVE-2012-0495
CVE-2012-0496
CVE-2012-0540
CVE-2012-0553
CVE-2012-0572
CVE-2012-0574
CVE-2012-0578
CVE-2012-0583
CVE-2012-1688
CVE-2012-1689
CVE-2012-1690
CVE-2012-1696
CVE-2012-1697
CVE-2012-1702
CVE-2012-1703
CVE-2012-1705
CVE-2012-1734
CVE-2012-2102
CVE-2012-2122
CVE-2012-2749
CVE-2012-3150
CVE-2012-3158
CVE-2012-3160
CVE-2012-3163
CVE-2012-3166
CVE-2012-3167
CVE-2012-3173
CVE-2012-3177
CVE-2012-3180
CVE-2012-3197
CVE-2012-5060
CVE-2012-5096
CVE-2012-5611
CVE-2012-5612
CVE-2012-5613
CVE-2012-5614
CVE-2012-5615
CVE-2012-5627
CVE-2013-0367
CVE-2013-0368
CVE-2013-0371
CVE-2013-0375
CVE-2013-0383
CVE-2013-0384
CVE-2013-0385
CVE-2013-0386
CVE-2013-0389
CVE-2013-1492
CVE-2013-1502
CVE-2013-1506
CVE-2013-1511
CVE-2013-1512
CVE-2013-1521
CVE-2013-1523
CVE-2013-1526
CVE-2013-1531
CVE-2013-1532
CVE-2013-1544
CVE-2013-1548
CVE-2013-1552
CVE-2013-1555
CVE-2013-1566
CVE-2013-1567
CVE-2013-1570
CVE-2013-1623
CVE-2013-2375
CVE-2013-2376
CVE-2013-2378
CVE-2013-2381
CVE-2013-2389
CVE-2013-2391
CVE-2013-2392
CVE-2013-2395
CVE-2013-3802
CVE-2013-3804
CVE-2013-3808