[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [gna-private] [SECURITY] [DSA 829-1] New mysql packages fix arbitrary code execution

On Fri, 2005-09-30 at 08:49 +0200, Martin Schulze wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> - --------------------------------------------------------------------------
> Debian Security Advisory DSA 829-1                     security@debian.org
> http://www.debian.org/security/                             Martin Schulze
> September 30, 2005                      http://www.debian.org/security/faq
> - --------------------------------------------------------------------------
> 
> Package        : mysql
> Vulnerability  : buffer overflow
> Problem type   : remote
> Debian-specific: no
> CVE ID         : CAN-2005-2558
> BugTraq ID     : 14509
> 
> A stack-based buffer overflow in the init_syms function of MySQL, a
> popular database, has been discovered that allows remote authenticated
> users who can create user-defined functions to execute arbitrary code
> via a long function_name field.  The ability to create user-defined
> functions is not typically granted to untrusted users.
> 
> The following vulnerability matrix shows which version of MySQL in
> which distribution has this problem fixed:
> 
>                      woody              sarge              sid
> mysql             3.23.49-8.14           n/a               n/a
> mysql-dfsg            n/a          4.0.24-10sarge1    4.0.24-10sarge1
> mysql-dfsg-4.1        n/a          4.1.11a-4sarge2        4.1.14-2
> mysql-dfsg-5.0        n/a                n/a            5.0.11beta-3

  That's not one of our package, I've checked.
Reply to: