Oracle Solaris Third-Party Patch Update : mysql (multiple_vulnerabilities_in_mysql)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote Solaris system is missing a security patch for third-party
software.

Description :

The remote Solaris system is missing necessary patches to address
security updates :

- MySQL before 5.0.67 allows local users to bypass certain
privilege checks by calling CREATE TABLE on a MyISAM
table with modified (1) DATA DIRECTORY or (2) INDEX
DIRECTORY arguments that are originally associated with
pathnames without symlinks, and that can point to tables
created at a future time at which a pathname is modified
to contain a symlink to a subdirectory of the MySQL home
data directory. NOTE: this vulnerability exists because
of an incomplete fix for CVE-2008-4097. (CVE-2008-4098)

- sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x
through 5.1.41, and 6.0 before 6.0.9-alpha, when the
data home directory contains a symlink to a different
filesystem, allows remote authenticated users to bypass
intended access restrictions by calling CREATE TABLE
with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY
argument referring to a subdirectory that requires
following this symlink. (CVE-2008-7247)

- MySQL before 5.1.46 allows local users to delete the
data and index files of another user's MyISAM table via
a symlink attack in conjunction with the DROP TABLE
command, a different vulnerability than CVE-2008-4098
and CVE-2008-7247. (CVE-2010-1626)

- MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x
before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL
5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and
earlier allows remote attackers to cause a denial of
service (crash) via a crafted geometry feature that
specifies a large number of points, which is not
properly handled when processing the binary
representation of this feature, related to a numeric
calculation error. (CVE-2013-1861)

See also :

http://www.nessus.org/u?b5f8def1
http://www.nessus.org/u?3ad04fd7

Solution :

Upgrade to Solaris 11.1.10.5.0.

Risk factor :

Medium / CVSS Base Score : 6.0
(CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P)

Family: Solaris Local Security Checks

Nessus Plugin ID: 80705 ()

Bugtraq ID:

CVE ID: CVE-2008-4098
CVE-2008-7247
CVE-2010-1626
CVE-2013-1861

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now