FreeBSD : mysql -- database suid privilege escalation (a9c51caf-6603-11db-ab90-000e35fd8194)

medium Nessus Plugin ID 22924

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

Dmitri Lenev reports a privilege escalation in MySQL. MySQL evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote and local authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.

Solution

Update the affected packages.

See Also

https://bugs.mysql.com/bug.php?id=18630

http://www.nessus.org/u?f09476a3

Plugin Details

Severity: Medium

ID: 22924

File Name: freebsd_pkg_a9c51caf660311dbab90000e35fd8194.nasl

Version: 1.14

Type: local

Published: 10/30/2006

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.3

CVSS v2

Risk Factor: Medium

Base Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:mysql-server, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 10/29/2006

Vulnerability Publication Date: 3/29/2006

Reference Information

CVE: CVE-2006-4227

CWE: 20