Detections
Analytics

MiracleLinux 3 : mysql-5.0.77-4.3.0.1.AXS3 (AXSA:2010-290:03)

critical Nessus Plugin ID 284093

Synopsis

The remote MiracleLinux host is missing one or more security updates.

Description

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2010-290:03 advisory.

 MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the MySQL client programs, the client shared libraries, and generic MySQL files.
 Security issues fixed with this release:
 CVE-2010-1626 MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008 7247.
 CVE-2010-1848 CVE-2010-1850 No information at the time of writing, please see the CVE links below for up-to-date information.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://tsn.miraclelinux.com/en/node/1447

Plugin Details

Severity: Critical

ID: 284093

File Name: miracle_linux_AXSA-2010-290.nasl

Version: 1.1

Type: local

Published: 1/14/2026

Updated: 1/14/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

Vendor

Vendor Severity: High

CVSS v2

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS Score Source: CVE-2010-1848

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

CVSS Score Source: CVE-2010-1850

Vulnerability Information

CPE: p-cpe:/a:miracle:linux:mysql, p-cpe:/a:miracle:linux:mysql-server, p-cpe:/a:miracle:linux:mysql-devel, cpe:/o:miracle:linux:3, p-cpe:/a:miracle:linux:mysql-bench

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/MiracleLinux/release, Host/MiracleLinux/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/28/2010

Vulnerability Publication Date: 4/6/2010

Exploitable With

CANVAS (White_Phosphorus)

Reference Information

CVE: CVE-2010-1626, CVE-2010-1848, CVE-2010-1850