Mandriva Linux Security Advisory : mysql (MDVSA-2008:028)

This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.


Synopsis :

The remote Mandriva Linux host is missing one or more security
updates.

Description :

The mysql_change_db() function in MySQL 5.0.x before 5.0.40 did not
restore THD::db_access privileges when returning from SQL SECURITY
INVOKER stored routines, which allowed remote authenticated users to
gain privileges (CVE-2007-2692).

The federated engine in MySQL 5.0.x, when performing a certain SHOW
TABLE STATUS query, did not properly handle a response with a small
number of columns, which could allow a remote MySQL server to cause a
denial of service (federated handler crash and daemon crash) via a
response that lacks the minimum required number of columns
(CVE-2007-6304).

The updated packages provide MySQL 5.0.45 for all Mandriva Linux
platforms that shipped with MySQL 5.0.x which offers a number of
feature enhancements and bug fixes. In addition, the updates for
Corporate Server 4.0 include support for the Sphinx engine.

Please note that due to the package name change (from 'MySQL' to
'mysql'), the mysqld service will not restart automatically so users
must execute 'service mysqld start' after the upgrade is complete.

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.0
(CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P)
CVSS Temporal Score : 5.2
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Mandriva Local Security Checks

Nessus Plugin ID: 36399 (mandriva_MDVSA-2008-028.nasl)

Bugtraq ID: 24011
26832

CVE ID: CVE-2007-2692
CVE-2007-6303
CVE-2007-6304

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now