Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.57422
Kategorie:SuSE Local Security Checks
Titel:SuSE Security Advisory SUSE-SA:2006:036 (mysql)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing updates announced in
advisory SUSE-SA:2006:036.

The database server MySQL was updated to fix the following security problems:

- Attackers could read portions of memory by using a user name with
trailing null byte or via COM_TABLE_DUMP command (CVE-2006-1516,
CVE-2006-1517).

- Attackers could potentially execute arbitrary code by causing a
buffer overflow via specially crafted COM_TABLE_DUMP packets
(CVE-2006-1518).

The mysql server package was released on May 30th already, the
mysql-Max server package was released on June 20th after additional
bugfixes.

Solution:
Update your system with the packages as indicated in
the referenced security advisory.

http://www.securityspace.com/smysecure/catid.html?in=SUSE-SA:2006:036

Risk factor : High

CVSS Score:
6.5

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2006-1516
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
BugTraq ID: 17780
http://www.securityfocus.com/bid/17780
Bugtraq: 20060502 MySQL Anonymous Login Handshake - Information Leakage. (Google Search)
http://www.securityfocus.com/archive/1/432733/100/0/threaded
Bugtraq: 20060516 UPDATE: [ GLSA 200605-13 ] MySQL: Information leakage (Google Search)
http://www.securityfocus.com/archive/1/434164/100/0/threaded
Cert/CC Advisory: TA07-072A
http://www.us-cert.gov/cas/techalerts/TA07-072A.html
Debian Security Information: DSA-1071 (Google Search)
http://www.debian.org/security/2006/dsa-1071
Debian Security Information: DSA-1073 (Google Search)
http://www.debian.org/security/2006/dsa-1073
Debian Security Information: DSA-1079 (Google Search)
http://www.debian.org/security/2006/dsa-1079
http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:084
http://www.wisec.it/vulns.php?page=7
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9918
http://www.redhat.com/support/errata/RHSA-2006-0544.html
http://securitytracker.com/id?1016017
http://secunia.com/advisories/19929
http://secunia.com/advisories/20002
http://secunia.com/advisories/20073
http://secunia.com/advisories/20076
http://secunia.com/advisories/20223
http://secunia.com/advisories/20241
http://secunia.com/advisories/20253
http://secunia.com/advisories/20333
http://secunia.com/advisories/20424
http://secunia.com/advisories/20457
http://secunia.com/advisories/20625
http://secunia.com/advisories/20762
http://secunia.com/advisories/24479
http://secunia.com/advisories/29847
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.599377
http://securityreason.com/securityalert/840
http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1
SuSE Security Announcement: SUSE-SA:2006:036 (Google Search)
http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html
SuSE Security Announcement: SUSE-SR:2006:012 (Google Search)
http://www.novell.com/linux/security/advisories/2006-06-02.html
http://www.trustix.org/errata/2006/0028
https://usn.ubuntu.com/283-1/
http://www.vupen.com/english/advisories/2006/1633
http://www.vupen.com/english/advisories/2007/0930
http://www.vupen.com/english/advisories/2008/1326/references
XForce ISS Database: mysql-login-packet-info-disclosure(26236)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26236
Common Vulnerability Exposure (CVE) ID: CVE-2006-1517
Bugtraq: 20060502 MySQL COM_TABLE_DUMP Information Leakage and Arbitrary commandexecution. (Google Search)
http://www.securityfocus.com/archive/1/432734/100/0/threaded
http://www.wisec.it/vulns.php?page=8
http://www.osvdb.org/25228
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11036
http://securitytracker.com/id?1016016
http://securityreason.com/securityalert/839
XForce ISS Database: mysql-sqlparcecc-information-disclosure(26228)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26228
Common Vulnerability Exposure (CVE) ID: CVE-2006-1518
CERT/CC vulnerability note: VU#602457
http://www.kb.cert.org/vuls/id/602457
XForce ISS Database: mysql-comtabledump-bo(26232)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26232
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.