Linux Security
    Linux Security
    Linux Security

    Debian: New mysql-dfsg-4.1 packages fix arbitrary code execution

    Posted By
    Updated package.
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 833-1                     This email address is being protected from spambots. You need JavaScript enabled to view it.                             Martin Schulze
    October 1st, 2005             
    - --------------------------------------------------------------------------
    Package        : mysql-dfsg-4.1
    Vulnerability  : buffer overflow
    Problem type   : remote
    Debian-specific: no
    CVE ID         : CAN-2005-2558
    BugTraq ID     : 14509
    A stack-based buffer overflow in the init_syms function of MySQL, a
    popular database, has been discovered that allows remote authenticated
    users who can create user-defined functions to execute arbitrary code
    via a long function_name field.  The ability to create user-defined
    functions is not typically granted to untrusted users.
    The following vulnerability matrix explains which version of MySQL in
    which distribution has this problem fixed:
                         woody              sarge              sid
    mysql             3.23.49-8.14           n/a               n/a
    mysql-dfsg            n/a          4.0.24-10sarge1    4.0.24-10sarge1
    mysql-dfsg-4.1        n/a          4.1.11a-4sarge2        4.1.14-2
    mysql-dfsg-5.0        n/a                n/a            5.0.11beta-3
    We recommend that you upgrade your mysql-dfsg-4.1 packages.
    Upgrade Instructions
    - --------------------
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    Debian GNU/Linux 3.1 alias sarge
    - --------------------------------
      Source archives:
          Size/MD5 checksum:     1021 ef5b7f754fd69c6ddf96185a9ea99d8c
          Size/MD5 checksum:   163217 c22faa82cad1a38568146d03a316b4c3
          Size/MD5 checksum: 15771855 3c0582606a8903e758c2014c2481c7c3
      Architecture independent components:
          Size/MD5 checksum:    35758 f4c17c57aaed4aba0d06b22391a443ff
      Alpha architecture:
          Size/MD5 checksum:  1589626 326e06854e8cc7b4df3ca853a8776e6f
          Size/MD5 checksum:  7963496 4da7672c7e6ce497cc6c2b72c2438c5f
          Size/MD5 checksum:  1000022 a8edacbc3c87b781c4aae6772c42f2c9
          Size/MD5 checksum: 17484824 d0e8f9bfebd9c492d0ed336c236050ad
      AMD64 architecture:
          Size/MD5 checksum:  1450438 8e3eca09ae3044bc15d7332a97eaadb3
          Size/MD5 checksum:  5549144 3b9308fd3c89158b20ae75ab4835d333
          Size/MD5 checksum:   848676 0cdc8e7e48e1821fcbab39aee1c6b22b
          Size/MD5 checksum: 14709814 b602e0bff5fda27efbc2bf52c0b46e32
      ARM architecture:
          Size/MD5 checksum:  1388184 ba83a61338a7b6198754c22e134bdabd
          Size/MD5 checksum:  5557760 54ac64644fe2897b5c2554f5332bf402
          Size/MD5 checksum:   835900 a29f9b8bfe41d70e24cb6eef94b43bc9
          Size/MD5 checksum: 14555832 a482f115a2f27abee4ad2a79dfbd6cd1
      Intel IA-32 architecture:
          Size/MD5 checksum:  1416570 e49242dae5f45b947a47ea1fe728d128
          Size/MD5 checksum:  5641688 b3eb7e254df56c09ada9c1fa61fab946
          Size/MD5 checksum:   829688 f3cdde3f2a6698f394ba0edfdbd29446
          Size/MD5 checksum: 14556498 45421b845326a2e40a720dc44b64985d
      Intel IA-64 architecture:
          Size/MD5 checksum:  1711912 475cfa72891c402d1c948be09e6a98f7
          Size/MD5 checksum:  7780996 03bd4ba1db9460ef9d9be5b01d880453
          Size/MD5 checksum:  1049796 b8253e96506666bc4a3b659994bdd48a
          Size/MD5 checksum: 18474740 4a483fc2350bda7a6eb2599c7fbf9e0d
      HP Precision architecture:
          Size/MD5 checksum:  1550304 aadb8f7fbda0ef84b8afcf7baf76dffb
          Size/MD5 checksum:  6249354 21f0e228f658552c1ecb4d05975e3921
          Size/MD5 checksum:   909194 235968a78d019efc6be2e1df68fb4cb3
          Size/MD5 checksum: 15786932 aee2e68c3f7938d0ba7292289f032bda
      Motorola 680x0 architecture:
          Size/MD5 checksum:  1396882 3ef005165d935a0089c42b9dca782125
          Size/MD5 checksum:  5282906 9becdb0b18c3c42b5211739e9f5f5f46
          Size/MD5 checksum:   803022 43eb1fdfe29144e10d1730f1dcc45507
          Size/MD5 checksum: 14070110 51c9d88be73414000742c7c2961307a1
      Big endian MIPS architecture:
          Size/MD5 checksum:  1477766 fb7a8d1fb9d4607d7172c36032ebcbbb
          Size/MD5 checksum:  6051760 6e97430bc9b02e866e04414e627f9f4c
          Size/MD5 checksum:   903542 f99636d7c17d9b9647c34d3dd3379c2d
          Size/MD5 checksum: 15407442 36eaf9d65e7c4dcaeff920389c6bd890
      Little endian MIPS architecture:
          Size/MD5 checksum:  1445350 539eadf9ac7e9b384825c944759ec6b4
          Size/MD5 checksum:  5969562 bdf9697878b6a439d079528660a67fbc
          Size/MD5 checksum:   889260 07d1f0071ce62ce433c9c924544fe5fc
          Size/MD5 checksum: 15103284 5be83f139ae6ac41ffad5a2a7a52ce49
      PowerPC architecture:
          Size/MD5 checksum:  1475432 2fc2f711fd16172952db58a59c17f9cb
          Size/MD5 checksum:  6025146 f230533abfce5f92e7ee95d0966ea984
          Size/MD5 checksum:   906432 d566b964257453976d7c36e309b705de
          Size/MD5 checksum: 15402508 dc78398b45128bc2d2f6881427ff044d
      IBM S/390 architecture:
          Size/MD5 checksum:  1537572 fc84f1f6e3f72bf3e62ae6d09fd29ed5
          Size/MD5 checksum:  5460800 94db267d9e373a8490a0067257ae14a4
          Size/MD5 checksum:   883408 9f613cb6264d5fd7da0c216301e34af1
          Size/MD5 checksum: 15053922 3d90c52ba65c7550da1558bb7d5ab346
      Sun Sparc architecture:
          Size/MD5 checksum:  1459496 478640727168f01c3832f53ada90b8d9
          Size/MD5 checksum:  6205444 427316f73787f388a361c76124e59cb5
          Size/MD5 checksum:   867394 9e2217f00d72fa652b5e45fae5829eb8
          Size/MD5 checksum: 15390434 e79df4002a1dfb61f2253030e8cb1033
      These files will probably be moved into the stable distribution on
      its next update.
    - ---------------------------------------------------------------------------------
    For apt-get: deb stable/updates main
    For dpkg-ftp: dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.

    LinuxSecurity Poll

    Tails is the most secure Linux distro out there.

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    [{"id":"142","title":"Yes - Tails get my vote!","votes":"1","type":"x","order":"1","pct":100,"resources":[]},{"id":"143","title":"Nope - Parrot OS has surpassed Tails in its security and privacy.","votes":"0","type":"x","order":"2","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.