Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200809-04 (mysql)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.61599

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200809-04 (mysql)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing updates announced in
advisory GLSA 200809-04.

A vulnerability in MySQL might allow users to bypass privileges and gain
access to other databases.

Solution:
All MySQL users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=dev-db/mysql-5.0.60-r1'

http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200809-04
http://bugs.gentoo.org/show_bug.cgi?id=220399

CVSS Score:
4.6

CVSS Vector:
AV:N/AC:H/Au:S/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-2079
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html
BugTraq ID: 29106
http://www.securityfocus.com/bid/29106
BugTraq ID: 31681
http://www.securityfocus.com/bid/31681
Debian Security Information: DSA-1608 (Google Search)
http://www.debian.org/security/2008/dsa-1608
http://www.mandriva.com/security/advisories?name=MDVSA-2008:149
http://www.mandriva.com/security/advisories?name=MDVSA-2008:150
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10133
http://www.redhat.com/support/errata/RHSA-2008-0505.html
http://www.redhat.com/support/errata/RHSA-2008-0510.html
http://www.redhat.com/support/errata/RHSA-2008-0768.html
http://www.redhat.com/support/errata/RHSA-2009-1289.html
http://www.securitytracker.com/id?1019995
http://secunia.com/advisories/30134
http://secunia.com/advisories/31066
http://secunia.com/advisories/31226
http://secunia.com/advisories/31687
http://secunia.com/advisories/32222
http://secunia.com/advisories/32769
http://secunia.com/advisories/36566
http://secunia.com/advisories/36701
SuSE Security Announcement: SUSE-SR:2008:017 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
http://www.ubuntu.com/usn/USN-671-1
http://www.vupen.com/english/advisories/2008/1472/references
http://www.vupen.com/english/advisories/2008/2780
XForce ISS Database: mysql-myisam-security-bypass(42267)
https://exchange.xforce.ibmcloud.com/vulnerabilities/42267

Copyright Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.61599
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200809-04 (mysql)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory GLSA 200809-04. A vulnerability in MySQL might allow users to bypass privileges and gain access to other databases. Solution: All MySQL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-db/mysql-5.0.60-r1' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200809-04 http://bugs.gentoo.org/show_bug.cgi?id=220399 CVSS Score: 4.6 CVSS Vector: AV:N/AC:H/Au:S/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-2079 http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html BugTraq ID: 29106 http://www.securityfocus.com/bid/29106 BugTraq ID: 31681 http://www.securityfocus.com/bid/31681 Debian Security Information: DSA-1608 (Google Search) http://www.debian.org/security/2008/dsa-1608 http://www.mandriva.com/security/advisories?name=MDVSA-2008:149 http://www.mandriva.com/security/advisories?name=MDVSA-2008:150 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10133 http://www.redhat.com/support/errata/RHSA-2008-0505.html http://www.redhat.com/support/errata/RHSA-2008-0510.html http://www.redhat.com/support/errata/RHSA-2008-0768.html http://www.redhat.com/support/errata/RHSA-2009-1289.html http://www.securitytracker.com/id?1019995 http://secunia.com/advisories/30134 http://secunia.com/advisories/31066 http://secunia.com/advisories/31226 http://secunia.com/advisories/31687 http://secunia.com/advisories/32222 http://secunia.com/advisories/32769 http://secunia.com/advisories/36566 http://secunia.com/advisories/36701 SuSE Security Announcement: SUSE-SR:2008:017 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html http://www.ubuntu.com/usn/USN-671-1 http://www.vupen.com/english/advisories/2008/1472/references http://www.vupen.com/english/advisories/2008/2780 XForce ISS Database: mysql-myisam-security-bypass(42267) https://exchange.xforce.ibmcloud.com/vulnerabilities/42267
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com