Mandriva Linux Security Advisory : mysql (MDVSA-2010:223)

This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.

Synopsis :

The remote Mandriva Linux host is missing one or more security

Description :

Multiple vulnerabilities were discovered and corrected in mysql :

- During evaluation of arguments to extreme-value
functions (such as LEAST() and GREATEST()), type errors
did not propagate properly, causing the server to crash

- The server could crash after materializing a derived
table that required a temporary table for grouping

- A user-variable assignment expression that is evaluated
in a logical expression context can be precalculated in
a temporary table for GROUP BY. However, when the
expression value was used after creation of the temporary
table, it was re-evaluated rather than read from the
table, and a server crash resulted (CVE-2010-3835).

- Pre-evaluation of LIKE predicates during view
preparation could cause a server crash (CVE-2010-3836).

- GROUP_CONCAT() and WITH ROLLUP together could cause a
server crash (CVE-2010-3837).

- Queries could cause a server crash if the GREATEST() or
LEAST() function had a mixed list of numeric and
LONGBLOB arguments, and the result of such a function
was processed using an intermediate temporary table

- Queries with nested joins could cause an infinite loop
in the server when used from stored procedures and
prepared statements (CVE-2010-3839).

- The PolyFromWKB() function could crash the server when
improper WKB data was passed to the function

The updated packages have been patched to correct these issues.

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : true

Family: Mandriva Local Security Checks

Nessus Plugin ID: 50534

Bugtraq ID: 43676

CVE ID: CVE-2010-3833
