MDVSA-2010:012 -- Mandriva mysqlID: oval:org.secpod.oval:def:300364 | Date: (C)2012-01-07 (M)2023-12-07 |
Class: PATCH | Family: unix |
Multiple vulnerabilities has been found and corrected in mysql: mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not properly handle errors during execution of certain SELECT statements with subqueries, and does not preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service via a crafted statement . The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library . MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified DATA DIRECTORY or INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079 . The updated packages have been patched to correct these issues. Additionally for 2009.1 and 2010.0 mysql has also been upgraded to the latest stable 5.1 release .
Platform: |
Mandriva Linux 2010.0 |
Mandriva Linux 2009.1 |