Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SL_20071218_MYSQL_ON_SL5_X.NASL
HistoryAug 01, 2012 - 12:00 a.m.

Scientific Linux Security Update : mysql on SL5.x, SL4.x i386/x86_64

2012-08-0100:00:00
This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
22

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

0.032 Low

EPSS

Percentile

91.2%

JSON

A flaw was found in a way MySQL handled symbolic links when database tables were created with explicit β€˜DATA’ and β€˜INDEX DIRECTORY’ options. An authenticated user could create a table that would overwrite tables in other databases, causing destruction of data or allowing the user to elevate privileges. (CVE-2007-5969)

A flaw was found in a way MySQL’s InnoDB engine handled spatial indexes. An authenticated user could create a table with spatial indexes, which are not supported by the InnoDB engine, that would cause the mysql daemon to crash when used. This issue only causes a temporary denial of service, as the mysql daemon will be automatically restarted after the crash. (CVE-2007-5925)

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(60332);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2007-5925", "CVE-2007-5969");

  script_name(english:"Scientific Linux Security Update : mysql on SL5.x, SL4.x i386/x86_64");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Scientific Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A flaw was found in a way MySQL handled symbolic links when database
tables were created with explicit 'DATA' and 'INDEX DIRECTORY'
options. An authenticated user could create a table that would
overwrite tables in other databases, causing destruction of data or
allowing the user to elevate privileges. (CVE-2007-5969)

A flaw was found in a way MySQL's InnoDB engine handled spatial
indexes. An authenticated user could create a table with spatial
indexes, which are not supported by the InnoDB engine, that would
cause the mysql daemon to crash when used. This issue only causes a
temporary denial of service, as the mysql daemon will be automatically
restarted after the crash. (CVE-2007-5925)"
  );
  # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0712&L=scientific-linux-errata&T=0&P=2138
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?fcaa9fce"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C");
  script_cwe_id(20, 264);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2007/12/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Scientific Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);


flag = 0;
if (rpm_check(release:"SL4", cpu:"i386", reference:"mysql-4.1.20-3.RHEL4.1.el4_6.1")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"mysql-4.1.20-3.RHEL4.1.el4.1")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"mysql-bench-4.1.20-3.RHEL4.1.el4_6.1")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"mysql-bench-4.1.20-3.RHEL4.1.el4.1")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"mysql-devel-4.1.20-3.RHEL4.1.el4_6.1")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"mysql-devel-4.1.20-3.RHEL4.1.el4.1")) flag++;
if (rpm_check(release:"SL4", cpu:"i386", reference:"mysql-server-4.1.20-3.RHEL4.1.el4_6.1")) flag++;
if (rpm_check(release:"SL4", cpu:"x86_64", reference:"mysql-server-4.1.20-3.RHEL4.1.el4.1")) flag++;

if (rpm_check(release:"SL5", reference:"mysql-5.0.22-2.2.el5_1.1")) flag++;
if (rpm_check(release:"SL5", reference:"mysql-bench-5.0.22-2.2.el5_1.1")) flag++;
if (rpm_check(release:"SL5", reference:"mysql-devel-5.0.22-2.2.el5_1.1")) flag++;
if (rpm_check(release:"SL5", reference:"mysql-server-5.0.22-2.2.el5_1.1")) flag++;
if (rpm_check(release:"SL5", reference:"mysql-test-5.0.22-2.2.el5_1.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
fermilabscientific_linuxx-cpe:/o:fermilab:scientific_linux

Related

nessus 25
openvas 34
centos 2
oraclelinux 3
redhat 2
f5 2
fedora 2
slackware 1
ubuntu 2
gentoo 2
cve 2
veracode 2
ubuntucve 2
cvelist 2
nvd 2
prion 2
securityvulns 2
freebsd 1
seebug 1
debian 3
osv 2
altlinux 1
nessus
nessus
Oracle Linux 4 / 5 : mysql (ELSA-2007-1155)
2013-07-12 00:00:00
RHEL 4 / 5 : mysql (RHSA-2007:1155)
2007-12-19 00:00:00
CentOS 4 / 5 : mysql (CESA-2007:1155)
2007-12-19 00:00:00
openvas
openvas
RedHat Update for mysql RHSA-2007:1155-01
2009-03-06 00:00:00
CentOS Update for mysql CESA-2007:1155 centos4 x86_64
2009-02-27 00:00:00
CentOS Update for mysql CESA-2007:1155 centos4 x86_64
2009-02-27 00:00:00
centos
centos
mysql security update
2007-12-18 20:47:57
mysql security update
2007-12-22 14:26:47
oraclelinux
oraclelinux
Important: mysql security update
2007-12-18 00:00:00
mysql security, bug fix, and enhancement update
2008-08-01 00:00:00
mysql security and bug fix update
2008-05-30 00:00:00
redhat
redhat
(RHSA-2007:1155) Important: mysql security update
2007-12-18 00:00:00
(RHSA-2007:1157) Important: mysql security update
2007-12-19 00:00:00
f5
f5
K8178 : MySQL vulnerabilities CVE-2007-5925, CVE-2007-5969, and CVE-2007-6303
2013-03-18 00:00:00
SOL8178 - MySQL vulnerabilities CVE-2007-5925, CVE-2007-5969, and CVE-2007-6303
2008-01-13 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: mysql-5.0.45-6.fc8
2007-12-15 19:25:11
[SECURITY] Fedora 7 Update: mysql-5.0.45-6.fc7
2007-12-15 19:25:51
slackware
slackware
[slackware-security] mysql
2007-12-15 02:03:51
ubuntu
ubuntu
MySQL vulnerabilities
2007-12-21 00:00:00
MySQL vulnerabilities
2012-03-12 00:00:00
gentoo
gentoo
MySQL: Denial of service
2007-11-18 00:00:00
MySQL: Multiple vulnerabilities
2008-04-06 00:00:00
cve
cve
CVE-2007-5925
2007-11-10 02:46:00
CVE-2007-5969
2007-12-10 19:46:00
veracode
veracode
Privilege Escalation
2020-04-10 00:22:25
Denial Of Service (DoS)
2020-04-10 00:22:25
ubuntucve
ubuntucve
CVE-2007-5969
2007-12-10 00:00:00
CVE-2007-5925
2007-11-10 00:00:00
cvelist
cvelist
CVE-2007-5969
2007-12-10 19:00:00
CVE-2007-5925
2007-11-10 02:00:00
nvd
nvd
CVE-2007-5925
2007-11-10 02:46:00
CVE-2007-5969
2007-12-10 19:46:00
prion
prion
Design/Logic Flaw
2007-11-10 02:46:00
Design/Logic Flaw
2007-12-10 19:46:00
securityvulns
securityvulns
MySQL DoS
2007-11-19 00:00:00
[Full-disclosure] [ GLSA 200711-25 ] MySQL: Denial of Service
2007-11-19 00:00:00
freebsd
freebsd
mysql -- privilege escalation and overwrite of the system table information
2007-11-14 00:00:00
seebug
seebug
MySQLζœεŠ‘ε™¨RENAME TABLEη³»η»Ÿθ‘¨ζ Όθ¦†η›–ζΌζ΄ž
2007-12-13 00:00:00
debian
debian
[SECURITY] [DSA 1451-1] New mysql-dfsg-5.0 packages fix several vulnerabilities
2008-01-06 18:04:18
[SECURITY] [DSA 1413-1] New mysql packages fix multiple vulnerabilities
2007-11-26 17:20:12
[SECURITY] [DSA 1413-1] New mysql packages fix multiple vulnerabilities
2007-11-26 17:20:12
osv
osv
mysql-dfsg-5.0 several vulnerabilities
2008-01-06 00:00:00
mysql - multiple
2007-11-26 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package MySQL version 5.0.51-alt1
2008-01-01 00:00:00

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

0.032 Low

EPSS

Percentile

91.2%

JSON
Related for SL_20071218_MYSQL_ON_SL5_X.NASL
nessus25openvas34centos2oraclelinux3redhat2f52fedora2slackware1ubuntu2gentoo2cve2veracode2ubuntucve2cvelist2nvd2prion2securityvulns2freebsd1seebug1debian3osv2altlinux1