Mandriva Linux Security Advisory : mysql (MDVSA-2010:223)

Medium Nessus Plugin ID 50534


The remote Mandriva Linux host is missing one or more security updates.


Multiple vulnerabilities were discovered and corrected in mysql :

- During evaluation of arguments to extreme-value functions (such as LEAST() and GREATEST()), type errors did not propagate properly, causing the server to crash (CVE-2010-3833).

- The server could crash after materializing a derived table that required a temporary table for grouping (CVE-2010-3834).

- A user-variable assignment expression that is evaluated in a logical expression context can be precalculated in a temporary table for GROUP BY. However, when the expression value is used after creation of the temporary table, it was re-evaluated, not read from the table and a server crash resulted (CVE-2010-3835).

- Pre-evaluation of LIKE predicates during view preparation could cause a server crash (CVE-2010-3836).

- GROUP_CONCAT() and WITH ROLLUP together could cause a server crash (CVE-2010-3837).

- Queries could cause a server crash if the GREATEST() or LEAST() function had a mixed list of numeric and LONGBLOB arguments, and the result of such a function was processed using an intermediate temporary table (CVE-2010-3838).

- Queries with nested joins could cause an infinite loop in the server when used from stored procedures and prepared statements (CVE-2010-3839).

- The PolyFromWKB() function could crash the server when improper WKB data was passed to the function (CVE-2010-3840).

The updated packages have been patched to correct these issues.


Update the affected packages.

See Also

Plugin Details

Severity: Medium

ID: 50534

File Name: mandriva_MDVSA-2010-223.nasl

Version: $Revision: 1.10 $

Type: local

Published: 2010/11/10

Modified: 2016/05/17

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:lib64mysql-devel, p-cpe:/a:mandriva:linux:lib64mysql-static-devel, p-cpe:/a:mandriva:linux:lib64mysql16, p-cpe:/a:mandriva:linux:libmysql-devel, p-cpe:/a:mandriva:linux:libmysql-static-devel, p-cpe:/a:mandriva:linux:libmysql16, p-cpe:/a:mandriva:linux:mysql, p-cpe:/a:mandriva:linux:mysql-bench, p-cpe:/a:mandriva:linux:mysql-client, p-cpe:/a:mandriva:linux:mysql-common, p-cpe:/a:mandriva:linux:mysql-common-core, p-cpe:/a:mandriva:linux:mysql-core, p-cpe:/a:mandriva:linux:mysql-doc, p-cpe:/a:mandriva:linux:mysql-max, p-cpe:/a:mandriva:linux:mysql-ndb-extra, p-cpe:/a:mandriva:linux:mysql-ndb-management, p-cpe:/a:mandriva:linux:mysql-ndb-storage, p-cpe:/a:mandriva:linux:mysql-ndb-tools, p-cpe:/a:mandriva:linux:mysql-plugin_pbxt, p-cpe:/a:mandriva:linux:mysql-plugin_pinba, p-cpe:/a:mandriva:linux:mysql-plugin_revision, p-cpe:/a:mandriva:linux:mysql-plugin_sphinx, p-cpe:/a:mandriva:linux:mysql-plugin_spider, cpe:/o:mandriva:linux:2009.1, cpe:/o:mandriva:linux:2010.0, cpe:/o:mandriva:linux:2010.1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2010/11/09

Reference Information

CVE: CVE-2010-3833, CVE-2010-3834, CVE-2010-3835, CVE-2010-3836, CVE-2010-3837, CVE-2010-3838, CVE-2010-3839, CVE-2010-3840

BID: 43676

MDVSA: 2010:223