Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2007:0894
HistorySep 10, 2007 - 12:00 a.m.

(RHSA-2007:0894) Important: mysql security update

2007-09-1000:00:00
access.redhat.com
25

EPSS

0.83

Percentile

98.5%

JSON

On the 23rd August 2007, Red Hat Application Stack v1.2 was released. This
release contained a new version of MySQL that corrected several security
issues found in the MySQL packages of Red Hat Application Stack v1.1.

Users who have already updated to Red Hat Application Stack v1.2 will
already have the new MySQL packages and are not affected by these issues.

A flaw was discovered in MySQL’s authentication protocol. A remote
unauthenticated attacker could send a specially crafted authentication
request to the MySQL server causing it to crash. (CVE-2007-3780)

MySQL did not require privileges such as SELECT for the source table in a
CREATE TABLE LIKE statement. A remote authenticated user could obtain
sensitive information such as the table structure. (CVE-2007-3781)

A flaw was discovered in MySQL that allowed remote authenticated
users to gain update privileges for a table in another database via a view
that refers to the external table (CVE-2007-3782).

A flaw was discovered in the mysql_change_db function when returning from
SQL SECURITY INVOKER stored routines. A remote authenticated user could
use this flaw to gain database privileges. (CVE-2007-2692)

MySQL did not require the DROP privilege for RENAME TABLE statements. A
remote authenticated users could use this flaw to rename arbitrary tables.
(CVE-2007-2691)

OSVersionArchitecturePackageVersionFilename
RedHat4i386mysql-server< 5.0.44-1.el4s1.1mysql-server-5.0.44-1.el4s1.1.i386.rpm
RedHat4x86_64mysql-bench< 5.0.44-1.el4s1.1mysql-bench-5.0.44-1.el4s1.1.x86_64.rpm
RedHat4x86_64mysql-libs< 5.0.44-1.el4s1.1mysql-libs-5.0.44-1.el4s1.1.x86_64.rpm
RedHat4i386mysql-libs< 5.0.44-1.el4s1.1mysql-libs-5.0.44-1.el4s1.1.i386.rpm
RedHat4i386mysql-test< 5.0.44-1.el4s1.1mysql-test-5.0.44-1.el4s1.1.i386.rpm
RedHat4i386mysql-cluster< 5.0.44-1.el4s1.1mysql-cluster-5.0.44-1.el4s1.1.i386.rpm
RedHat4x86_64mysql< 5.0.44-1.el4s1.1mysql-5.0.44-1.el4s1.1.x86_64.rpm
RedHat4x86_64mysql-cluster< 5.0.44-1.el4s1.1mysql-cluster-5.0.44-1.el4s1.1.x86_64.rpm
RedHat4i386mysql< 5.0.44-1.el4s1.1mysql-5.0.44-1.el4s1.1.i386.rpm
RedHat4x86_64mysql-server< 5.0.44-1.el4s1.1mysql-server-5.0.44-1.el4s1.1.x86_64.rpm
Rows per page:
1-10 of 141

Related

nessus 34
openvas 37
debian 3
osv 2
securityvulns 5
ubuntu 4
gentoo 1
redhat 3
oraclelinux 3
cvelist 5
prion 5
freebsd 2
cve 5
centos 1
veracode 4
nvd 5
ubuntucve 5
slackware 1
nessus
nessus
Mandrake Linux Security Advisory : MySQL (MDKSA-2007:177)
2007-09-07 00:00:00
openSUSE 10 Security Update : mysql (mysql-4375)
2007-10-17 00:00:00
MySQL Community Server 5.0 < 5.0.45 Multiple Vulnerabilities
2007-07-25 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-1413-1)
2008-01-17 00:00:00
Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-528-1
2009-03-23 00:00:00
Debian Security Advisory DSA 1413-1 (mysql-dfsg, mysql-dfsg-5.0, mysql-dfsg-4.1)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA 1413-1] New mysql packages fix multiple vulnerabilities
2007-11-26 17:20:12
[SECURITY] [DSA 1413-1] New mysql packages fix multiple vulnerabilities
2007-11-26 17:20:12
[SECURITY] [DSA 1451-1] New mysql-dfsg-5.0 packages fix several vulnerabilities
2008-01-06 18:04:18
osv
osv
mysql - multiple
2007-11-26 00:00:00
mysql-dfsg-5.0 several vulnerabilities
2008-01-06 00:00:00
securityvulns
securityvulns
[email protected], [email protected]
2007-10-13 00:00:00
MySQL multiple security vulnerabilities
2007-10-13 00:00:00
MySQL multiple security vulnerabilities
2007-08-17 00:00:00
ubuntu
ubuntu
MySQL vulnerabilities
2007-10-11 00:00:00
MySQL vulnerabilities
2007-12-21 00:00:00
MySQL vulnerabilities
2008-03-19 00:00:00
gentoo
gentoo
MySQL: Denial of Service and information leakage
2007-08-16 00:00:00
redhat
redhat
(RHSA-2008:0364) Low: mysql security and bug fix update
2008-05-20 00:00:00
(RHSA-2007:0875) Important: mysql security update
2007-08-30 00:00:00
(RHSA-2008:0768) Moderate: mysql security, bug fix, and enhancement update
2008-07-24 00:00:00
oraclelinux
oraclelinux
mysql security and bug fix update
2008-05-30 00:00:00
Important: mysql security update
2007-08-30 00:00:00
mysql security, bug fix, and enhancement update
2008-08-01 00:00:00
cvelist
cvelist
CVE-2007-3780
2007-07-15 22:00:00
CVE-2007-3782
2007-07-15 22:00:00
CVE-2007-2691
2007-05-16 01:00:00
prion
prion
Code injection
2007-07-15 22:30:00
Code injection
2007-07-15 22:30:00
Code injection
2007-05-16 01:19:00
freebsd
freebsd
mysql -- remote dos via malformed password packet
2007-07-15 00:00:00
mysql -- renaming of arbitrary tables by authenticated users
2007-05-14 00:00:00
cve
cve
CVE-2007-3780
2007-07-15 22:30:00
CVE-2007-3781
2007-07-15 22:30:00
CVE-2007-3782
2007-07-15 22:30:00
centos
centos
mysql security update
2007-08-30 18:26:18
veracode
veracode
Privilege Escalation
2020-04-10 00:28:44
Privilege Escalation
2020-04-10 00:25:17
Information Disclosure
2020-04-10 00:28:43
nvd
nvd
CVE-2007-3781
2007-07-15 22:30:00
CVE-2007-3780
2007-07-15 22:30:00
CVE-2007-3782
2007-07-15 22:30:00
ubuntucve
ubuntucve
CVE-2007-3780
2007-07-15 00:00:00
CVE-2007-3782
2007-07-15 00:00:00
CVE-2007-3781
2007-07-15 00:00:00
slackware
slackware
[slackware-security] mysql
2007-12-15 02:03:51

EPSS

0.83

Percentile

98.5%

JSON
Related for RHSA-2007:0894
nessus34openvas37debian3osv2securityvulns5ubuntu4gentoo1redhat3oraclelinux3cvelist5prion5freebsd2cve5centos1veracode4nvd5ubuntucve5slackware1