[Linux-guvenlik] MySQL security

---------


From: Genco YILMAZ (gyilmaz@genco.gen.tc)
Date: Wed 16 Mar 2005 - 20:30:17 EET


A vulnerability in MySQL.

Sune Kloppenborg Jeppesen wrote:

>- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>Gentoo Linux Security Advisory GLSA 200503-19
>- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> http://security.gentoo.org/
>- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>
> Severity: Normal
> Title: MySQL: Multiple vulnerabilities
> Date: March 16, 2005
> Bugs: #84819
> ID: 200503-19
>
>- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>
>Synopsis
>========
>
>MySQL contains several vulnerabilities potentially leading to the
>overwriting of local files or to the execution of arbitrary code.
>
>Background
>==========
>
>MySQL is a fast, multi-threaded, multi-user SQL database server.
>
>Affected packages
>=================
>
> -------------------------------------------------------------------
> Package / Vulnerable / Unaffected
> -------------------------------------------------------------------
> 1 dev-db/mysql < 4.0.24 >= 4.0.24
>
>Description
>===========
>
>MySQL fails to properly validate input for authenticated users with
>INSERT and DELETE privileges (CAN-2005-0709 and CAN-2005-0710).
>Furthermore MySQL uses predictable filenames when creating temporary
>files with CREATE TEMPORARY TABLE (CAN-2005-0711).
>
>Impact
>======
>
>An attacker with INSERT and DELETE privileges could exploit this to
>manipulate the mysql table or access libc calls, potentially leading
>to the execution of arbitrary code with the permissions of the user
>running MySQL. An attacker with CREATE TEMPORARY TABLE privileges could
>exploit this to overwrite arbitrary files via a symlink attack.
>
>Workaround
>==========
>
>There is no known workaround at this time.
>
>Resolution
>==========
>
>All MySQL users should upgrade to the latest version:
>
> # emerge --sync
> # emerge --ask --oneshot --verbose ">=dev-db/mysql-4.0.24"
>
>References
>==========
>
> [ 1 ] CAN-2005-0709
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0709
> [ 2 ] CAN-2005-0710
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0710
> [ 3 ] CAN-2005-0711
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0711
>
>Availability
>============
>
>This GLSA and any updates to it are available for viewing at
>the Gentoo Security Website:
>
> http://security.gentoo.org/glsa/glsa-200503-19.xml
>
>Concerns?
>=========
>
>Security is a primary focus of Gentoo Linux and ensuring the
>confidentiality and security of our users' machines is of utmost
>importance to us. Any security concerns should be addressed to
>security@gentoo.org or alternatively, you may file a bug at
>http://bugs.gentoo.org.
>
>License
>=======
>
>Copyright 2005 Gentoo Foundation, Inc; referenced text
>belongs to its owner(s).
>
>The contents of this document are licensed under the
>Creative Commons - Attribution / Share Alike license.
>
>http://creativecommons.org/licenses/by-sa/2.0
>
>

-- 
Genco YILMAZ

_______________________________________________
Linux-guvenlik mailing list
Linux-guvenlik@liste.linux.org.tr
http://liste.linux.org.tr/mailman/listinfo/linux-guvenlik
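To apply the advisory's affected range across a fleet, here is an added Python check (not part of the GLSA or of the list post) that parses the version strings MySQL actually reports, including build suffixes such as "4.0.23-log" or "4.1.10a", and flags installs below 4.0.24. Host names and versions are constructed samples; the 4.1 branch is treated as unaffected only because the advisory's stated range (>= 4.0.24 unaffected) says so.

```python
import re

# Affected range from GLSA 200503-19: dev-db/mysql < 4.0.24 vulnerable,
# >= 4.0.24 unaffected. Illustrative code, not Gentoo's own tooling.
FIXED_VERSION = (4, 0, 24)
ADVISORY_CVES = ("CAN-2005-0709", "CAN-2005-0710", "CAN-2005-0711")

# Only the leading numeric triple matters; suffixes like "-log",
# "-standard" or a trailing letter ("4.1.10a") are build markers.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)")


def parse_mysql_version(version_string):
    """Return (major, minor, patch) from a MySQL version string."""
    m = _VERSION_RE.match(version_string.strip())
    if m is None:
        raise ValueError("unrecognised MySQL version: %r" % version_string)
    return tuple(int(x) for x in m.groups())


def is_affected(version_string):
    """True if the reported version lies in the GLSA's vulnerable range."""
    return parse_mysql_version(version_string) < FIXED_VERSION


def triage(hosts):
    """hosts: mapping host name -> version string (e.g. from SELECT VERSION()).

    Returns the hosts still needing the upgrade, each mapped to the
    CVE candidates the advisory lists.
    """
    return {h: ADVISORY_CVES for h, v in hosts.items() if is_affected(v)}


# Constructed sample inventory; these are not real hosts.
SAMPLE_INVENTORY = {
    "db1.example.test": "4.0.23-log",
    "db2.example.test": "4.0.24-standard",
    "db3.example.test": "4.1.10a",
    "db4.example.test": "3.23.58",
}

if __name__ == "__main__":
    for host, cves in sorted(triage(SAMPLE_INVENTORY).items()):
        print("%s: upgrade to >=dev-db/mysql-4.0.24 (%s)" % (host, ", ".join(cves)))
```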



---------

This archive was generated by hypermail 2.1.2.