Debian: DSA-1413-1 Critical: MySQL Remote Access Threats
debian
November 26, 2007
Several vulnerabilities have been found in the MySQL database packages
with implications ranging from unauthorized database modifications to
remotely triggered server crashes
Topics Covered
Summary
The in_decimal::set function in item_cmpfunc.cc in MySQL
before 5.0.40 allows context-dependent attackers to cause a
denial of service (crash) via a crafted IF clause that results
in a divide-by-zero error and a NULL pointer dereference.
(Affects source version 5.0.32)
CVE-2007-2691
MySQL does not require the DROP privilege for RENAME TABLE
statements, which allows remote authenticated users to rename
arbitrary tables. (All supported versions affected.)
CVE-2007-2692
The mysql_change_db function does not restore THD::db_access
privileges when returning from SQL SECURITY INVOKER stored
routines, which allows remote authenticated users to gain
privileges. (Affects source version 5.0.32)
CVE-2007-3780
MySQL could be made to overflow a signed char during
authentication. Remote attackers could use specially crafted
authentication requests to cause a denial of
service. (Upstream source versions 4.1.11a and 5.0.32
affected.)
CVE-2007-3782
Phil Anderton discovere...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!