OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
[SA14226] Mandrake update for mysql

From: Secunia Security Advisories (sec-advsecunia.com)
Date: Fri Feb 11 2005 - 02:52:00 CST

TITLE:
Mandrake update for mysql

SECUNIA ADVISORY ID:
SA14226

VERIFY ADVISORY:
http://secunia.com/advisories/14226/

CRITICAL:
Less critical

IMPACT:
Manipulation of data, Exposure of sensitive information, Privilege
escalation

WHERE:
Local system

OPERATING SYSTEM:
Mandrake Corporate Server 2.x
http://secunia.com/product/1222/
Mandrakelinux 10.0
http://secunia.com/product/3918/
Mandrakelinux 10.1
http://secunia.com/product/4198/

DESCRIPTION:
MandrakeSoft has issued an update for mysql. This fixes a
vulnerability, which can be exploited by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges.

For more information:
SA13867

SOLUTION:
Apply updated packages.

Mandrakelinux 10.0:
50574ec1c70d78d0b4f7da1bd7d7d380
10.0/RPMS/libmysql12-4.0.18-1.3.100mdk.i586.rpm
25710d5c4844ca1d123944ac0861bc0f
10.0/RPMS/libmysql12-devel-4.0.18-1.3.100mdk.i586.rpm
8c056d72fa1d02c231ed321bfa0108af
10.0/RPMS/libqt3-mysql-3.2.3-19.6.100mdk.i586.rpm
94dcd13a633ef96a31b0f7da452afed1
10.0/RPMS/MySQL-4.0.18-1.3.100mdk.i586.rpm
8df8f4a9d6cdce677d630ac134081898
10.0/RPMS/MySQL-Max-4.0.18-1.3.100mdk.i586.rpm
bbe03440aa22bdf38204607f290915f8
10.0/RPMS/MySQL-bench-4.0.18-1.3.100mdk.i586.rpm
64015efdb83f79c9a1fbedce63ea1f78
10.0/RPMS/MySQL-client-4.0.18-1.3.100mdk.i586.rpm
5481c9bbc5daf2632c36f6dc7d2521c0
10.0/RPMS/MySQL-common-4.0.18-1.3.100mdk.i586.rpm
2f8f209e44f7fbe18395e6e815e8cc5b
10.0/SRPMS/MySQL-4.0.18-1.3.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
38bc4a1e8a79ec174569dfdfa98f022d
amd64/10.0/RPMS/lib64mysql12-4.0.18-1.3.100mdk.amd64.rpm
6c3eea8562548a88e80d98c40af4bc68
amd64/10.0/RPMS/lib64mysql12-devel-4.0.18-1.3.100mdk.amd64.rpm
48feba0f77d5ead04e2226f50595494d
amd64/10.0/RPMS/lib64qt3-mysql-3.2.3-19.6.100mdk.amd64.rpm
7bcddb4ae89e5f1934f272a4c4910dbe
amd64/10.0/RPMS/MySQL-4.0.18-1.3.100mdk.amd64.rpm
c503b7cefabdfa0c49b658037190c6c5
amd64/10.0/RPMS/MySQL-Max-4.0.18-1.3.100mdk.amd64.rpm
3815a6a61e37a70e63c3794c6d4ab807
amd64/10.0/RPMS/MySQL-bench-4.0.18-1.3.100mdk.amd64.rpm
aaebba0d883e9abbb2bfa58b19b1a57e
amd64/10.0/RPMS/MySQL-client-4.0.18-1.3.100mdk.amd64.rpm
353006ae3541483c666416679841c1f6
amd64/10.0/RPMS/MySQL-common-4.0.18-1.3.100mdk.amd64.rpm
2f8f209e44f7fbe18395e6e815e8cc5b
amd64/10.0/SRPMS/MySQL-4.0.18-1.3.100mdk.src.rpm

Mandrakelinux 10.1:
bd3a35f3ba7440aa79f3940f20422b19
10.1/RPMS/libmysql12-4.0.20-3.2.101mdk.i586.rpm
c3fd2f49a144ec27d8bad808a89cbb31
10.1/RPMS/libmysql12-devel-4.0.20-3.2.101mdk.i586.rpm
3e2967952b1ddaa05561bf17b88fe24d
10.1/RPMS/libqt3-mysql-3.3.3-27.1.101mdk.i586.rpm
f6b68d795599ec5a51b2c3c5cf3ada86
10.1/RPMS/MySQL-4.0.20-3.2.101mdk.i586.rpm
514e962fbfb48e2d6e18baf8c6ad86b8
10.1/RPMS/MySQL-Max-4.0.20-3.2.101mdk.i586.rpm
71624f3454fa8892b123104e1e9e7260
10.1/RPMS/MySQL-bench-4.0.20-3.2.101mdk.i586.rpm
06fde75abed6b50838161eb95e375135
10.1/RPMS/MySQL-client-4.0.20-3.2.101mdk.i586.rpm
fd3f8ed0bea7dee2e20fdf09a26c8715
10.1/RPMS/MySQL-common-4.0.20-3.2.101mdk.i586.rpm
195735730d0535bef4dbe1fbb5c5cec7
10.1/SRPMS/MySQL-4.0.20-3.2.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
841beab56f637c1148348685b39daf6f
x86_64/10.1/RPMS/lib64mysql12-4.0.20-3.2.101mdk.x86_64.rpm
7aa4b9a407252d5a333cd25b2f11d39d
x86_64/10.1/RPMS/lib64mysql12-devel-4.0.20-3.2.101mdk.x86_64.rpm
ec4bb6dd0693f48a5960d30d48496839
x86_64/10.1/RPMS/lib64qt3-mysql-3.3.3-27.1.101mdk.x86_64.rpm
3e2967952b1ddaa05561bf17b88fe24d
x86_64/10.1/RPMS/libqt3-mysql-3.3.3-27.1.101mdk.i586.rpm
4683c29eac58dfea8c5d2d0aa7afc5e7
x86_64/10.1/RPMS/MySQL-4.0.20-3.2.101mdk.x86_64.rpm
31a8ca40e7da9f3b311bff981c3f5614
x86_64/10.1/RPMS/MySQL-Max-4.0.20-3.2.101mdk.x86_64.rpm
2783b732a61d2eb87422daf0f18913b7
x86_64/10.1/RPMS/MySQL-bench-4.0.20-3.2.101mdk.x86_64.rpm
f034044d8fda605eeba6db49da02c4c4
x86_64/10.1/RPMS/MySQL-client-4.0.20-3.2.101mdk.x86_64.rpm
ef4ce84d6cc648cf3e3cc938bafa8918
x86_64/10.1/RPMS/MySQL-common-4.0.20-3.2.101mdk.x86_64.rpm
195735730d0535bef4dbe1fbb5c5cec7
x86_64/10.1/SRPMS/MySQL-4.0.20-3.2.101mdk.src.rpm

Corporate Server 2.1:
f4cd6b3d833a0a5d190b7d5defd6f18a
corporate/2.1/RPMS/libmysql10-3.23.56-1.7.C21mdk.i586.rpm
1e2afd78697dfe26bfc9f5327f2f3108
corporate/2.1/RPMS/libmysql10-devel-3.23.56-1.7.C21mdk.i586.rpm
a6f2168c5faffff7872ba6a5c4bc2dd2
corporate/2.1/RPMS/MySQL-3.23.56-1.7.C21mdk.i586.rpm
7f41d3536345a283812301a9b1416616
corporate/2.1/RPMS/MySQL-Max-3.23.56-1.7.C21mdk.i586.rpm
c8632bb5f0f31862aa764efe8aedab19
corporate/2.1/RPMS/MySQL-bench-3.23.56-1.7.C21mdk.i586.rpm
81c7febbb3be7b9c2c6f8eba26f6b040
corporate/2.1/RPMS/MySQL-client-3.23.56-1.7.C21mdk.i586.rpm
fbb22ec4f0087ea2df640f2e99786334
corporate/2.1/SRPMS/MySQL-3.23.56-1.7.C21mdk.src.rpm

Corporate Server 2.1/X86_64:
d1c474ac0d94e181d9955f33843ea1e5
x86_64/corporate/2.1/RPMS/libmysql10-3.23.56-1.7.C21mdk.x86_64.rpm
6180ac0c3820243fc97191fc0e388618
x86_64/corporate/2.1/RPMS/libmysql10-devel-3.23.56-1.7.C21mdk.x86_64.rpm
94629c4d41e9e5b041fd87a10f4626c6
x86_64/corporate/2.1/RPMS/MySQL-3.23.56-1.7.C21mdk.x86_64.rpm
7c6e305fbbd13bda3ca09175931452b0
x86_64/corporate/2.1/RPMS/MySQL-Max-3.23.56-1.7.C21mdk.x86_64.rpm
4a5697b1822bae029b07e2f1d1907086
x86_64/corporate/2.1/RPMS/MySQL-bench-3.23.56-1.7.C21mdk.x86_64.rpm
66c8261cd44333d3457331fe65acb8d5
x86_64/corporate/2.1/RPMS/MySQL-client-3.23.56-1.7.C21mdk.x86_64.rpm
fbb22ec4f0087ea2df640f2e99786334
x86_64/corporate/2.1/SRPMS/MySQL-3.23.56-1.7.C21mdk.src.rpm

ORIGINAL ADVISORY:
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:036

OTHER REFERENCES:
SA13867:
http://secunia.com/advisories/13867/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories

----------------------------------------------------------------------