SuSE 10 Security Update : MySQL (ZYPP Patch Number 5338)

This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.

Synopsis :

The remote SuSE 10 host is missing a security-related patch.

Description :

The database server mySQL was updated to fix two security problems :

- MySQL allowed local users to bypass certain privilege
checks by calling CREATE TABLE on a MyISAM table with
arguments that are within the MySQL home data directory,
which can point to tables that are created in the
future. (CVE-2008-2079)

- in MySQL 5.0.x before 5.0.32 and 5.1.x
before 5.1.14 allows remote authenticated users to cause
a denial of service (crash) via an EXPLAIN SELECT FROM
on the INFORMATION_SCHEMA table, as originally
demonstrated using ORDER BY. (CVE-2006-7232)

See also :

Solution :

Apply ZYPP patch number 5338.

Risk factor :

Medium / CVSS Base Score : 4.6

Family: SuSE Local Security Checks

Nessus Plugin ID: 33886 ()

Bugtraq ID:

CVE ID: CVE-2006-7232

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now