Mandriva Linux Security Advisory : mysql (MDVSA-2010:107)

This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.

Synopsis :

The remote Mandriva Linux host is missing one or more security

Description :

Multiple vulnerabilities has been found and corrected in mysql :

The server failed to check the table name argument of a COM_FIELD_LIST
command packet for validity and compliance to acceptable table name
standards. This could be exploited to bypass almost all forms of
checks for privileges and table-level grants by providing a specially
crafted table name argument to COM_FIELD_LIST (CVE-2010-1848).

The server could be tricked into reading packets indefinitely if it
received a packet larger than the maximum size of one packet

The server was susceptible to a buffer-overflow attack due to a
failure to perform bounds checking on the table name argument of a
COM_FIELD_LIST command packet. By sending long data for the table
name, a buffer is overflown, which could be exploited by an
authenticated user to inject malicious code (CVE-2010-1850).

Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:

The updated packages have been patched to correct these issues.

See also :

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.5
CVSS Temporal Score : 5.1
Public Exploit Available : true

Family: Mandriva Local Security Checks

Nessus Plugin ID: 46726 (mandriva_MDVSA-2010-107.nasl)

Bugtraq ID: 40100

CVE ID: CVE-2010-1848

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now