LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: November 17th, 2014
Linux Advisory Watch: November 14th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: Updated MySQL packages fix vulnerabilities Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake A vulnerability was found in MySQL's authentication protocol, making it possible for a remote unauthenticated attacker to send a specially crafted authentication request to the MySQL server causing it to crash (CVE-2007-3780).
 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2007:177
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : MySQL
 Date    : September 6, 2007
 Affected: 2007.0, 2007.1, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 A vulnerability was found in MySQL's authentication protocol, making
 it possible for a remote unauthenticated attacker to send a specially
 crafted authentication request to the MySQL server causing it to crash
 (CVE-2007-3780).
 
 Another flaw was discovered in MySQL that allowed remote authenticated
 users to gain update privileges for a table in another database via
 a view that refers to the external table (CVE-2007-3782).
 
 Updated packages have been patched to prevent these issues.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3780
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3782
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.0:
 43b19d6908c3e084f1b404feb00c63de  2007.0/i586/MySQL-5.0.24a-2.2mdv2007.0.i586.rpm
 8fe94c7be904870d65b469a4c81196df  2007.0/i586/MySQL-Max-5.0.24a-2.2mdv2007.0.i586.rpm
 3660295e693c4ecdbffbe3ae0b5701d8  2007.0/i586/MySQL-bench-5.0.24a-2.2mdv2007.0.i586.rpm
 7298bcc5c8ee75a6eab087b9917b78f1  2007.0/i586/MySQL-client-5.0.24a-2.2mdv2007.0.i586.rpm
 15dd0f8dcf80b1c1019eac8a5a4a7052  2007.0/i586/MySQL-common-5.0.24a-2.2mdv2007.0.i586.rpm
 37ca2f0c3a007ff1c8981c1b7125ce2d  2007.0/i586/MySQL-ndb-extra-5.0.24a-2.2mdv2007.0.i586.rpm
 544ef62805a41bf9b403e25ce7c7c1f5  2007.0/i586/MySQL-ndb-management-5.0.24a-2.2mdv2007.0.i586.rpm
 d7c5b8b833c2619dfa20401d0da61918  2007.0/i586/MySQL-ndb-storage-5.0.24a-2.2mdv2007.0.i586.rpm
 e05d20b0c89d60be5b7be125e01bd7db  2007.0/i586/MySQL-ndb-tools-5.0.24a-2.2mdv2007.0.i586.rpm
 ee401b386f61cdd23ad8ac68500d57ef  2007.0/i586/libmysql15-5.0.24a-2.2mdv2007.0.i586.rpm
 7eb3b28147bb62fce7226c2bcd2fc0cf  2007.0/i586/libmysql15-devel-5.0.24a-2.2mdv2007.0.i586.rpm
 f6173d4e62a6c52a124e8c7780796ed7  2007.0/i586/libmysql15-static-devel-5.0.24a-2.2mdv2007.0.i586.rpm 
 ed790867b5e832f98e14a5831d3c3d9b  2007.0/SRPMS/MySQL-5.0.24a-2.2mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 9d8b485e4debe1a29d99cb4fc023ed17  2007.0/x86_64/MySQL-5.0.24a-2.2mdv2007.0.x86_64.rpm
 8d0fd0cbc5449a5e9b9282209d8fb985  2007.0/x86_64/MySQL-Max-5.0.24a-2.2mdv2007.0.x86_64.rpm
 05278a6de101b301da12d402636a5e33  2007.0/x86_64/MySQL-bench-5.0.24a-2.2mdv2007.0.x86_64.rpm
 72efb5e7e697da6239e329370f972944  2007.0/x86_64/MySQL-client-5.0.24a-2.2mdv2007.0.x86_64.rpm
 e2dbbe658be425721686df1a7b55251f  2007.0/x86_64/MySQL-common-5.0.24a-2.2mdv2007.0.x86_64.rpm
 1d89433b36d4e80c2f56278adf028270  2007.0/x86_64/MySQL-ndb-extra-5.0.24a-2.2mdv2007.0.x86_64.rpm
 a709ab263cd6ea0254fb151c00eb71c4  2007.0/x86_64/MySQL-ndb-management-5.0.24a-2.2mdv2007.0.x86_64.rpm
 85d6c978f065853608a12d2a4bd9e04f  2007.0/x86_64/MySQL-ndb-storage-5.0.24a-2.2mdv2007.0.x86_64.rpm
 88367e83123464a946c39aa115590142  2007.0/x86_64/MySQL-ndb-tools-5.0.24a-2.2mdv2007.0.x86_64.rpm
 c8f4fce474c9c5727499eacb1e31dbb1  2007.0/x86_64/lib64mysql15-5.0.24a-2.2mdv2007.0.x86_64.rpm
 86230304c28d04713d68388a742c5888  2007.0/x86_64/lib64mysql15-devel-5.0.24a-2.2mdv2007.0.x86_64.rpm
 ff870649d1aab1fae3a80ff6398427a6  2007.0/x86_64/lib64mysql15-static-devel-5.0.24a-2.2mdv2007.0.x86_64.rpm 
 ed790867b5e832f98e14a5831d3c3d9b  2007.0/SRPMS/MySQL-5.0.24a-2.2mdv2007.0.src.rpm

 Mandriva Linux 2007.1:
 7fef4072328373994701bd1150169219  2007.1/i586/MySQL-5.0.37-2.2mdv2007.1.i586.rpm
 bbd5bfcca79fa90fd665e0aafeb4cfe9  2007.1/i586/MySQL-Max-5.0.37-2.2mdv2007.1.i586.rpm
 0441bb8eafd22b50e736703da932f665  2007.1/i586/MySQL-bench-5.0.37-2.2mdv2007.1.i586.rpm
 2187707d04ec069249b0860527e66882  2007.1/i586/MySQL-client-5.0.37-2.2mdv2007.1.i586.rpm
 bbedede029d6f1d91df678ec1d9da3a4  2007.1/i586/MySQL-common-5.0.37-2.2mdv2007.1.i586.rpm
 319d80d98c68eaaa3be389da3c4629f5  2007.1/i586/MySQL-ndb-extra-5.0.37-2.2mdv2007.1.i586.rpm
 cb4bf9d2fdbe4fbb1d54765526bfeb58  2007.1/i586/MySQL-ndb-management-5.0.37-2.2mdv2007.1.i586.rpm
 1c938b9274476282001907ed77de224a  2007.1/i586/MySQL-ndb-storage-5.0.37-2.2mdv2007.1.i586.rpm
 11c50f8638f76bec718ee8fc1b56af35  2007.1/i586/MySQL-ndb-tools-5.0.37-2.2mdv2007.1.i586.rpm
 4d247c4144b7a734eb0b31f5c254aaf4  2007.1/i586/libmysql15-5.0.37-2.2mdv2007.1.i586.rpm
 3ec4be50c4f1560717afcc9ac41408da  2007.1/i586/libmysql15-devel-5.0.37-2.2mdv2007.1.i586.rpm
 988b86aa49ccc5e192b197d0e32d8b5f  2007.1/i586/libmysql15-static-devel-5.0.37-2.2mdv2007.1.i586.rpm 
 b917f553fa6d0558628203aa7bc6f02d  2007.1/SRPMS/MySQL-5.0.37-2.2mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 594e1b48094ad676e9ef0dd3f5e66a1b  2007.1/x86_64/MySQL-5.0.37-2.2mdv2007.1.x86_64.rpm
 c2a2b915d686f80457568f35cc6ab64b  2007.1/x86_64/MySQL-Max-5.0.37-2.2mdv2007.1.x86_64.rpm
 27160238411f975742da59c4e4a575fc  2007.1/x86_64/MySQL-bench-5.0.37-2.2mdv2007.1.x86_64.rpm
 bb34823dcc3d1d3afa5581c5a93299b4  2007.1/x86_64/MySQL-client-5.0.37-2.2mdv2007.1.x86_64.rpm
 4c28854e5a25bd1545898eb7fa19dbe5  2007.1/x86_64/MySQL-common-5.0.37-2.2mdv2007.1.x86_64.rpm
 dde3a6779745b4bcacc86cb0ec15ae14  2007.1/x86_64/MySQL-ndb-extra-5.0.37-2.2mdv2007.1.x86_64.rpm
 a235878331e4e4e0b950ccc09e832fcd  2007.1/x86_64/MySQL-ndb-management-5.0.37-2.2mdv2007.1.x86_64.rpm
 171e18f799173055a892be5dfb1a099a  2007.1/x86_64/MySQL-ndb-storage-5.0.37-2.2mdv2007.1.x86_64.rpm
 7d09d6e1f704a0d650b9edc374ba25bd  2007.1/x86_64/MySQL-ndb-tools-5.0.37-2.2mdv2007.1.x86_64.rpm
 ab9731811943facfe7e230c1cab387ea  2007.1/x86_64/lib64mysql15-5.0.37-2.2mdv2007.1.x86_64.rpm
 d12e81527f57aa81ba4b441e9bc097a8  2007.1/x86_64/lib64mysql15-devel-5.0.37-2.2mdv2007.1.x86_64.rpm
 060401f7450f23b9aa4d39d63907edf5  2007.1/x86_64/lib64mysql15-static-devel-5.0.37-2.2mdv2007.1.x86_64.rpm 
 b917f553fa6d0558628203aa7bc6f02d  2007.1/SRPMS/MySQL-5.0.37-2.2mdv2007.1.src.rpm

 Corporate 4.0:
 1938deb4b70824480abff7dfe543e8ee  corporate/4.0/i586/MySQL-5.0.24-1.2.20060mlcs4.i586.rpm
 a1df8885e384446fe22929e439c7c525  corporate/4.0/i586/MySQL-Max-5.0.24-1.2.20060mlcs4.i586.rpm
 6f3479ce44c07541ef1f886c45803169  corporate/4.0/i586/MySQL-bench-5.0.24-1.2.20060mlcs4.i586.rpm
 4dea8048500128d6e28131eba033f1c0  corporate/4.0/i586/MySQL-client-5.0.24-1.2.20060mlcs4.i586.rpm
 717fc696fa3a65787672e53a25753639  corporate/4.0/i586/MySQL-common-5.0.24-1.2.20060mlcs4.i586.rpm
 4cfd221eef70439ada856c769f873dbb  corporate/4.0/i586/MySQL-ndb-extra-5.0.24-1.2.20060mlcs4.i586.rpm
 e968f12d07ce19867ca4f685deb9e652  corporate/4.0/i586/MySQL-ndb-management-5.0.24-1.2.20060mlcs4.i586.rpm
 06d5378cfc51cd416f2f0445ef37238a  corporate/4.0/i586/MySQL-ndb-storage-5.0.24-1.2.20060mlcs4.i586.rpm
 38d365c715489e5c2ca0c6aaed5795d1  corporate/4.0/i586/MySQL-ndb-tools-5.0.24-1.2.20060mlcs4.i586.rpm
 e628a68b96fc24856205950d5eba5141  corporate/4.0/i586/libmysql15-5.0.24-1.2.20060mlcs4.i586.rpm
 93b5484b399c648f1828408fb58a7e11  corporate/4.0/i586/libmysql15-devel-5.0.24-1.2.20060mlcs4.i586.rpm
 31b8c73500e0edfa03f1633bc6c69d55  corporate/4.0/i586/libmysql15-static-devel-5.0.24-1.2.20060mlcs4.i586.rpm 
 6980b62dc761aa26800cf6f916ad97cd  corporate/4.0/SRPMS/MySQL-5.0.24-1.2.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 3f0e93587ba367bc520724669ac1c086  corporate/4.0/x86_64/MySQL-5.0.24-1.2.20060mlcs4.x86_64.rpm
 d944f2af2c2bd621917005feccf61873  corporate/4.0/x86_64/MySQL-Max-5.0.24-1.2.20060mlcs4.x86_64.rpm
 5e2ed990999844d6f4c2b2cb86ae2bec  corporate/4.0/x86_64/MySQL-bench-5.0.24-1.2.20060mlcs4.x86_64.rpm
 1757800fcd5bb184878d3a6c7dbb90ba  corporate/4.0/x86_64/MySQL-client-5.0.24-1.2.20060mlcs4.x86_64.rpm
 e7800546e65218cebedc27a17876f208  corporate/4.0/x86_64/MySQL-common-5.0.24-1.2.20060mlcs4.x86_64.rpm
 8851f7b970ce101b404ce22e6a28f435  corporate/4.0/x86_64/MySQL-ndb-extra-5.0.24-1.2.20060mlcs4.x86_64.rpm
 30756109744e4b01c35465ca79a17d01  corporate/4.0/x86_64/MySQL-ndb-management-5.0.24-1.2.20060mlcs4.x86_64.rpm
 6b0c0f9f352e4a0c1e4f2daf5d6cc022  corporate/4.0/x86_64/MySQL-ndb-storage-5.0.24-1.2.20060mlcs4.x86_64.rpm
 93b941dcc96c76c4dd8d094ffcfe5d00  corporate/4.0/x86_64/MySQL-ndb-tools-5.0.24-1.2.20060mlcs4.x86_64.rpm
 3d4aae8b37ad1f8c5311202d8d5bd216  corporate/4.0/x86_64/lib64mysql15-5.0.24-1.2.20060mlcs4.x86_64.rpm
 3f1bf6d93890beac995231ef5141271e  corporate/4.0/x86_64/lib64mysql15-devel-5.0.24-1.2.20060mlcs4.x86_64.rpm
 e254f27be6338ef526d1ea2facfa6e6d  corporate/4.0/x86_64/lib64mysql15-static-devel-5.0.24-1.2.20060mlcs4.x86_64.rpm 
 6980b62dc761aa26800cf6f916ad97cd  corporate/4.0/SRPMS/MySQL-5.0.24-1.2.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Next year's DDoS attacks to come from Vietnam, India and Indonesia
Web Site Security Certificates Soon To Be Free and Easy
Hacker Lexicon: What Is the Dark Web?
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.