FreeBSD : mysql50-server -- COM_TABLE_DUMP arbitrary code execution (a8d8713e-dc83-11da-a22b-000c6ec775d9)

This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Stefano Di Paola reports :

An authenticated user could remotely execute arbitrary commands by
taking advantage of a stack overflow.

To take advantage of these flaws an attacker should have direct access
to MySQL server communication layer (port 3306 or unix socket). But if
used in conjuction with some web application flaws (i.e. php code
injection) an attacker could use socket programming (i.e. php sockets)
to gain access to that layer.

See also :

http://www.wisec.it/vulns.php?page=8
http://marc.info/?l=bugtraq&m=114659633220473
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html
http://www.nessus.org/u?4e4919f8

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 6.5
(CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 21492 (freebsd_pkg_a8d8713edc8311daa22b000c6ec775d9.nasl)

Bugtraq ID:

CVE ID: CVE-2006-1518

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now