Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.MANDRIVA_MDVSA-2008-017.NASL
HistoryApr 23, 2009 - 12:00 a.m.

Mandriva Linux Security Advisory : mysql (MDVSA-2008:017)

2009-04-2300:00:00
This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
9

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.013 Low

EPSS

Percentile

85.7%

JSON

MySQL 5.0.x did not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement (CVE-2007-6303).

The federated engine in MySQL 5.0.x, when performing a certain SHOW TABLE STATUS query, did not properly handle a response with a small number of columns, which could allow a remote MySQL server to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns (CVE-2007-6304).

The updated packages have been patched to correct these issues.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandriva Linux Security Advisory MDVSA-2008:017. 
# The text itself is copyright (C) Mandriva S.A.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(36404);
  script_version("1.16");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2007-6303", "CVE-2007-6304");
  script_bugtraq_id(26832);
  script_xref(name:"MDVSA", value:"2008:017");

  script_name(english:"Mandriva Linux Security Advisory : mysql (MDVSA-2008:017)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandriva Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"MySQL 5.0.x did not update the DEFINER value of a view when the view
is altered, which allows remote authenticated users to gain privileges
via a sequence of statements including a CREATE SQL SECURITY DEFINER
VIEW statement and an ALTER VIEW statement (CVE-2007-6303).

The federated engine in MySQL 5.0.x, when performing a certain SHOW
TABLE STATUS query, did not properly handle a response with a small
number of columns, which could allow a remote MySQL server to cause a
denial of service (federated handler crash and daemon crash) via a
response that lacks the minimum required number of columns
(CVE-2007-6304).

The updated packages have been patched to correct these issues."
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64mysql-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64mysql-static-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64mysql15");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libmysql-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libmysql-static-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libmysql15");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-bench");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-max");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-ndb-extra");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-ndb-management");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-ndb-storage");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-ndb-tools");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2008/01/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/23");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64mysql-devel-5.0.45-7.2mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64mysql-static-devel-5.0.45-7.2mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64mysql15-5.0.45-7.2mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libmysql-devel-5.0.45-7.2mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libmysql-static-devel-5.0.45-7.2mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libmysql15-5.0.45-7.2mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"mysql-5.0.45-7.2mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"mysql-bench-5.0.45-7.2mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"mysql-client-5.0.45-7.2mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"mysql-common-5.0.45-7.2mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"mysql-max-5.0.45-7.2mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"mysql-ndb-extra-5.0.45-7.2mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"mysql-ndb-management-5.0.45-7.2mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"mysql-ndb-storage-5.0.45-7.2mdv2008.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.0", reference:"mysql-ndb-tools-5.0.45-7.2mdv2008.0", yank:"mdv")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
mandrivalinuxlib64mysql-develp-cpe:/a:mandriva:linux:lib64mysql-devel
mandrivalinuxlib64mysql-static-develp-cpe:/a:mandriva:linux:lib64mysql-static-devel
mandrivalinuxlib64mysql15p-cpe:/a:mandriva:linux:lib64mysql15
mandrivalinuxlibmysql-develp-cpe:/a:mandriva:linux:libmysql-devel
mandrivalinuxlibmysql-static-develp-cpe:/a:mandriva:linux:libmysql-static-devel
mandrivalinuxlibmysql15p-cpe:/a:mandriva:linux:libmysql15
mandrivalinuxmysqlp-cpe:/a:mandriva:linux:mysql
mandrivalinuxmysql-benchp-cpe:/a:mandriva:linux:mysql-bench
mandrivalinuxmysql-clientp-cpe:/a:mandriva:linux:mysql-client
mandrivalinuxmysql-commonp-cpe:/a:mandriva:linux:mysql-common
Rows per page:
1-10 of 161

Related

openvas 21
seebug 1
nessus 16
gentoo 1
altlinux 1
cvelist 2
prion 4
cve 4
ubuntucve 2
securityvulns 1
nvd 4
veracode 1
f5 2
osv 1
debian 1
fedora 2
centos 1
redhat 1
ubuntu 3
oraclelinux 1
photon 1
openvas
openvas
Mandriva Update for mysql MDVSA-2008:017 (mysql)
2009-04-09 00:00:00
Mandriva Update for mysql MDVSA-2008:017 (mysql)
2009-04-09 00:00:00
Gentoo Security Advisory GLSA 200804-04 (mysql)
2008-09-24 00:00:00
seebug
seebug
MySQL Serverζƒι™ζε‡εŠζ‹’η»ζœεŠ‘ζΌζ΄ž
2007-12-14 00:00:00
nessus
nessus
MySQL < 5.0.51a / 5.1.23 / 6.0.4 Multiple Vulnerabilities
2012-01-16 00:00:00
GLSA-200804-04 : MySQL: Multiple vulnerabilities
2008-04-11 00:00:00
Mandriva Linux Security Advisory : mysql (MDVSA-2008:028)
2009-04-23 00:00:00
gentoo
gentoo
MySQL: Multiple vulnerabilities
2008-04-06 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package MySQL version 5.0.51-alt1
2008-01-01 00:00:00
cvelist
cvelist
CVE-2007-6303
2007-12-10 21:00:00
CVE-2007-6304
2007-12-10 21:00:00
prion
prion
Code injection
2007-12-10 21:46:00
Code injection
2007-12-10 21:46:00
Design/Logic Flaw
2008-02-06 21:00:00
cve
cve
CVE-2007-6304
2007-12-10 21:46:00
CVE-2007-6303
2007-12-10 21:46:00
CVE-2008-0626
2008-02-06 21:00:00
ubuntucve
ubuntucve
CVE-2007-6304
2007-12-10 00:00:00
CVE-2007-6303
2007-12-10 00:00:00
securityvulns
securityvulns
MySQL SHOW TABLE STATUS DoS
2007-12-21 00:00:00
nvd
nvd
CVE-2007-6303
2007-12-10 21:46:00
CVE-2007-6304
2007-12-10 21:46:00
CVE-2008-0626
2008-02-06 21:00:00
veracode
veracode
Privilege Escalation
2020-04-10 00:22:26
f5
f5
K8178 : MySQL vulnerabilities CVE-2007-5925, CVE-2007-5969, and CVE-2007-6303
2013-03-18 00:00:00
SOL8178 - MySQL vulnerabilities CVE-2007-5925, CVE-2007-5969, and CVE-2007-6303
2008-01-13 00:00:00
osv
osv
mysql-dfsg-5.0 several vulnerabilities
2008-01-06 00:00:00
debian
debian
[SECURITY] [DSA 1451-1] New mysql-dfsg-5.0 packages fix several vulnerabilities
2008-01-06 18:04:18
fedora
fedora
[SECURITY] Fedora 7 Update: mysql-5.0.45-6.fc7
2007-12-15 19:25:51
[SECURITY] Fedora 8 Update: mysql-5.0.45-6.fc8
2007-12-15 19:25:11
centos
centos
mysql security update
2007-12-22 14:26:47
redhat
redhat
(RHSA-2007:1157) Important: mysql security update
2007-12-19 00:00:00
ubuntu
ubuntu
MySQL vulnerabilities
2007-12-21 00:00:00
MySQL regression
2008-04-02 00:00:00
MySQL vulnerabilities
2008-03-19 00:00:00
oraclelinux
oraclelinux
mysql security and bug fix update
2008-05-30 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2019-0212
2019-03-05 00:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.013 Low

EPSS

Percentile

85.7%

JSON
Related for MANDRIVA_MDVSA-2008-017.NASL
openvas21seebug1nessus16gentoo1altlinux1cvelist2prion4cve4ubuntucve2securityvulns1nvd4veracode1f52osv1debian1fedora2centos1redhat1ubuntu3oraclelinux1photon1