Secunia Logo
Netsikker nu! 2008
 
Mandriva update for MySQL
Secunia Advisory: SA28040
Release Date: 2007-12-11
Popularity: 2,681 views

Critical:
Less critical
Impact: Security Bypass
Manipulation of data
DoS
Where: From local network
Solution Status: Vendor Patch

OS:Mandriva Linux 2007.0

Subscribe: Instant alerts on relevant vulnerabilities

CVE reference:CVE-2007-3781
CVE-2007-5925
CVE-2007-5969


Description:
Mandriva has issued an update for MySQL. This fixes some vulnerabilities, which can be exploited by malicious, local users to manipulate certain data and by malicious users to bypass certain security restrictions or cause a DoS (Denial of Service).

For more information:
SA25301
SA27568
SA27981

Solution:
Apply updated packages.

-- Mandriva Linux 2007 --

ae48df2b0377d0f2ebb0aaaa7b6310c6 2007.0/i586/MySQL-5.0.24a-2.3mdv2007.0.i586.rpm
ecf691100caecf50b3643b6c254e0b1b 2007.0/i586/MySQL-Max-5.0.24a-2.3mdv2007.0.i586.rpm
8b6f53c1c9fa5f2150a8e7cc20b3a635 2007.0/i586/MySQL-bench-5.0.24a-2.3mdv2007.0.i586.rpm
bde8ba1841f68683a984cdea2405d40d 2007.0/i586/MySQL-client-5.0.24a-2.3mdv2007.0.i586.rpm
01dcc1472f5c013e80454458ca0bcdd5 2007.0/i586/MySQL-common-5.0.24a-2.3mdv2007.0.i586.rpm
d8ffbdd8f1e83dddc18ae1ab3da417ce 2007.0/i586/MySQL-ndb-extra-5.0.24a-2.3mdv2007.0.i586.rpm
836a595ac27e4e1bf9f0c554c625d8ee 2007.0/i586/MySQL-ndb-management-5.0.24a-2.3mdv2007.0.i586.rpm
a830470e23ab010c43165d89ee64d2b1 2007.0/i586/MySQL-ndb-storage-5.0.24a-2.3mdv2007.0.i586.rpm
89311e6a8ab90817d697100492d99695 2007.0/i586/MySQL-ndb-tools-5.0.24a-2.3mdv2007.0.i586.rpm
3cf781afa097fba7d0e80efe4e8c7316 2007.0/i586/libmysql15-5.0.24a-2.3mdv2007.0.i586.rpm
54c8da360b46bec71b1d6e165f29cd10 2007.0/i586/libmysql15-devel-5.0.24a-2.3mdv2007.0.i586.rpm
150e51cad7944bd0a079ce0fa04f4396 2007.0/i586/libmysql15-static-devel-5.0.24a-2.3mdv2007.0.i586.rpm
b26414bdd5720ef35f6f76bbb5822760 2007.0/SRPMS/MySQL-5.0.24a-2.3mdv2007.0.src.rpm

-- Mandriva Linux 2007/X86_64 --

dafabcfc5d4c8a72f122efeea6de49d6 2007.0/x86_64/MySQL-5.0.24a-2.3mdv2007.0.x86_64.rpm
9dd7a9ddedc86e0b7fc2a5c84f483c68 2007.0/x86_64/MySQL-Max-5.0.24a-2.3mdv2007.0.x86_64.rpm
1a63a771fb1019101771a7933488a335 2007.0/x86_64/MySQL-bench-5.0.24a-2.3mdv2007.0.x86_64.rpm
3d353e6abc9cdcd92391e1d42b667347 2007.0/x86_64/MySQL-client-5.0.24a-2.3mdv2007.0.x86_64.rpm
e34fe5b73b3747c786e1e170cf503b28 2007.0/x86_64/MySQL-common-5.0.24a-2.3mdv2007.0.x86_64.rpm
dea1a4166a873372a5580b96bbcb81ee 2007.0/x86_64/MySQL-ndb-extra-5.0.24a-2.3mdv2007.0.x86_64.rpm
86a9c04d129f88f3dfd9211a94fc0283 2007.0/x86_64/MySQL-ndb-management-5.0.24a-2.3mdv2007.0.x86_64.rpm
9f07fb9af772f3700af8d0655e6d4fc7 2007.0/x86_64/MySQL-ndb-storage-5.0.24a-2.3mdv2007.0.x86_64.rpm
160166e5ef2aa5614e6bbf97b40e83b0 2007.0/x86_64/MySQL-ndb-tools-5.0.24a-2.3mdv2007.0.x86_64.rpm
4437780704ec957046236da489097898 2007.0/x86_64/lib64mysql15-5.0.24a-2.3mdv2007.0.x86_64.rpm
e183be407214a07cf03bca7a9d48a003 2007.0/x86_64/lib64mysql15-devel-5.0.24a-2.3mdv2007.0.x86_64.rpm
924fe118e9b7d3195f98ec5488069087 2007.0/x86_64/lib64mysql15-static-devel-5.0.24a-2.3mdv2007.0.x86_64.rpm
b26414bdd5720ef35f6f76bbb5822760 2007.0/SRPMS/MySQL-5.0.24a-2.3mdv2007.0.src.rpm

Original Advisory:
http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:243

Other References:
SA25301:
http://secunia.com/advisories/25301/

SA27568:
http://secunia.com/advisories/27568/

SA27981:
http://secunia.com/advisories/27981/


Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.

Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
  
Latest Advisories

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.

Most Popular - 3 Hours

1. phpBB Avatar Script Insertion Vulnerability // 25 views
2. CA ARCserve Backup Multiple Vulnerabilities // 24 views
3. phpBB "gen_rand_string()" Predictable RNG Weakness // 22 views
4. Sun Java System Web Proxy Server FTP Subsystem Buffer Overflow // 22 views
5. Opera Multiple Vulnerabilities // 20 views
6. Red Hat update for cups // 19 views
7. ScriptsEz Easy Image Downloader "id" File Disclosure Vulnerability // 18 views
8. Apple Mac OS X Security Update Fixes Multiple Vulnerabilities // 18 views
9. FUJITSU Interstage Products Apache Tomcat Security Bypass // 18 views
10. Ubuntu update for ruby1.8 // 17 views