Linux Security
    Linux Security
    Linux Security

    Debian: MySQL 4.1 fix several vulnerabilities DSA-1073-1

    Date 22 May 2006
    Posted By LinuxSecurity Advisories
    Several vulnerabilities have been discovered in MySQL, a popular SQL database. The Common Vulnerabilities and Exposures Project identifies the following problems: CVE-2006-0903, CVE-2006-1516, CVE-2006-1517, CVE-2006-1518

    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 1073-1                    This email address is being protected from spambots. You need JavaScript enabled to view it.                             Martin Schulze
    May 22nd, 2006                
    - --------------------------------------------------------------------------
    Package        : mysql-dfsg-4.1
    Vulnerability  : several
    Problem type   : remote
    Debian-specific: no
    CVE IDs        : CVE-2006-0903 CVE-2006-1516 CVE-2006-1517 CVE-2006-1518
    CERT advisory  : VU#602457
    BugTraq IDs    : 16850 17780
    Debian Bugs    : 366043 366048 366162
    Several vulnerabilities have been discovered in MySQL, a popular SQL
    database.  The Common Vulnerabilities and Exposures Project identifies
    the following problems:
        Improper handling of SQL queries containing the NULL character
        allow local users to bypass logging mechanisms.
        Usernames without a trailing null byte allow remote attackers to
        read portions of memory.
        A request with an incorrect packet length allows remote attackers
        to obtain sensitive information.
        Specially crafted request packets with invalid length values allow
        the execution of arbitrary code.
    The following vulnerability matrix shows which version of MySQL in
    which distribution has this problem fixed:
                       woody            sarge            sid
    mysql            3.23.49-8.15        n/a             n/a
    mysql-dfsg          n/a         4.0.24-10sarge2      n/a
    mysql-dfsg-4.1      n/a         4.1.11a-4sarge3      n/a
    mysql-dfsg-5.0      n/a              n/a           5.0.21-3
    We recommend that you upgrade your mysql packages.
    Upgrade Instructions
    - --------------------
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    Debian GNU/Linux 3.1 alias sarge
    - --------------------------------
      Source archives:
          Size/MD5 checksum:     1029 fe1531d1b5169733638e64b98a0f2472
          Size/MD5 checksum:   166194 9ebbc861250d2e411a5e35cb7fc7fa6b
          Size/MD5 checksum: 15771855 3c0582606a8903e758c2014c2481c7c3
      Architecture independent components:
          Size/MD5 checksum:    36074 dfb28c5169a7eaffd8fe72748a4a8a44
      Alpha architecture:
          Size/MD5 checksum:  1590330 f982bc8df8b3ff88b6284e81223d69b5
          Size/MD5 checksum:  7965144 881d5404f897d454100ee9a0b758b22b
          Size/MD5 checksum:  1000496 30eb22210f99994481d1cb8d0f49ea70
          Size/MD5 checksum: 17487728 c0a3b1d60dd487ae9d468dc7052c4c1b
      AMD64 architecture:
          Size/MD5 checksum:  1451580 f407ef8b6c520b23020df6f8ce4495aa
          Size/MD5 checksum:  5551440 d1ded46c8b586cdee728fab22180208f
          Size/MD5 checksum:   849082 9161807c8c260e7e0e2cd0cb9fa3a79d
          Size/MD5 checksum: 14711044 d2d9275ff03c2c04adb64658a7e78564
      ARM architecture:
          Size/MD5 checksum:  1388548 d823fd3ad8b1c5d54bfd7dbfc0957809
          Size/MD5 checksum:  5558362 4f49eae43b10441c852a91f02d9383fc
          Size/MD5 checksum:   836292 8616c375f5da29fac8c75081475390e8
          Size/MD5 checksum: 14557420 ac1dd6ea1d457a55f0920cf5367df57a
      Intel IA-32 architecture:
          Size/MD5 checksum:  1417574 c6bdb99fa2ab2def5403bfd97657b3bf
          Size/MD5 checksum:  5643226 a407082ba8a04f1753f70fe9c8e3f70c
          Size/MD5 checksum:   830226 997baad8b8255166dfebd155f24c7558
          Size/MD5 checksum: 14557608 c73ddde57d286c9df3742d5fd619281b
      Intel IA-64 architecture:
          Size/MD5 checksum:  1712842 eef94aab0159f71a9fd90772f91b4a76
          Size/MD5 checksum:  7782132 755cc9d914f6ae116d5540920bf8dc99
          Size/MD5 checksum:  1050204 b2ee7722223cb450f866ce69852fe304
          Size/MD5 checksum: 18475254 c72ffcb6e1e7796b466950aceae48bb3
      HP Precision architecture:
          Size/MD5 checksum:  1550772 a7627788d338b1ee32017bbafcdd1bcd
          Size/MD5 checksum:  6249776 3d4fc83da65ac4fe5a4b6135a20debf8
          Size/MD5 checksum:   909638 ebf27138ed29103d90e6be0f5a8e28a0
          Size/MD5 checksum: 15791200 3be40e327c9c309556f9b767fe6b8e58
      Motorola 680x0 architecture:
          Size/MD5 checksum:  1397530 e0e5f01d008cd40ee38b7e7a30f5d69e
          Size/MD5 checksum:  5283788 d4186f7a2c0c231d4376087a51b74a5a
          Size/MD5 checksum:   803448 772bd59ae1d8ea5af95dc2b416661608
          Size/MD5 checksum: 14071540 766cce55819838830b209a23b343c5c2
      Big endian MIPS architecture:
          Size/MD5 checksum:  1478502 618699397eb82eead99acf01c4d25f59
          Size/MD5 checksum:  6052694 7fe59dab19ac323389bdbefefcb2f472
          Size/MD5 checksum:   904080 d140aaa93ad6fc52372b6860f5196685
          Size/MD5 checksum: 15410072 ffd30ff403a343eda1467d543a9485bc
      Little endian MIPS architecture:
          Size/MD5 checksum:  1445934 a5642a17a417b705c53b6689727f28d9
          Size/MD5 checksum:  5971150 cb94a8fac63741d802344a41758108e1
          Size/MD5 checksum:   889688 bf8b2046d3da235c9717342c0fe802d7
          Size/MD5 checksum: 15104986 c67d26b51c37892ced55a971c3e2ed73
      PowerPC architecture:
          Size/MD5 checksum:  1476442 b6365d6bef0817718550fd344151b3a6
          Size/MD5 checksum:  6027254 cb0be5d5ff7180c0e36850a69a5159c6
          Size/MD5 checksum:   906982 23b1bb52a6df22e84f3677e3eec0c0b4
          Size/MD5 checksum: 15402586 2af7f90038dbb3f60cc1c62c159ff18e
      IBM S/390 architecture:
          Size/MD5 checksum:  1538088 68fd210fd6eb741baa8ae48540ce696c
          Size/MD5 checksum:  5461222 0734f9fec16ab4b2aa96bc53fb68fdae
          Size/MD5 checksum:   883848 4cf9f929345df7259c78b731a8eda589
          Size/MD5 checksum: 15055130 883b34ff52b3fffdf62845cabe5a99c4
      Sun Sparc architecture:
          Size/MD5 checksum:  1460258 513bb61a8a20c6eb55722b37a21010eb
          Size/MD5 checksum:  6207684 b6191cb684d4d7057d5577840d932d6d
          Size/MD5 checksum:   867786 a695ec3e218569ce84ad39413e113123
          Size/MD5 checksum: 15391404 79c1c0e272f8f21b9b72486945104400
      These files will probably be moved into the stable distribution on
      its next update.
    - ---------------------------------------------------------------------------------
    For apt-get: deb stable/updates main
    For dpkg-ftp: dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.

    LinuxSecurity Poll

    'Tis the season of giving! How have you given back to the open-source community?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    [{"id":"171","title":"I've contributed to the development of an open-source project.","votes":"8","type":"x","order":"1","pct":27.59,"resources":[]},{"id":"172","title":"I've reviewed open-source code for security bugs.","votes":"6","type":"x","order":"2","pct":20.69,"resources":[]},{"id":"173","title":"I've made a donation to an open-source project.","votes":"15","type":"x","order":"3","pct":51.72,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.