Re: [gna-private] [SECURITY] [DSA 829-1] New mysql packages fix arbitrary code execution
On Fri, 2005-09-30 at 08:49 +0200, Martin Schulze wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> - --------------------------------------------------------------------------
> Debian Security Advisory DSA 829-1 security@debian.org
> http://www.debian.org/security/ Martin Schulze
> September 30, 2005 http://www.debian.org/security/faq
> - --------------------------------------------------------------------------
>
> Package : mysql
> Vulnerability : buffer overflow
> Problem type : remote
> Debian-specific: no
> CVE ID : CAN-2005-2558
> BugTraq ID : 14509
>
> A stack-based buffer overflow in the init_syms function of MySQL, a
> popular database, has been discovered that allows remote authenticated
> users who can create user-defined functions to execute arbitrary code
> via a long function_name field. The ability to create user-defined
> functions is not typically granted to untrusted users.
>
> The following vulnerability matrix shows which version of MySQL in
> which distribution has this problem fixed:
>
> woody sarge sid
> mysql 3.23.49-8.14 n/a n/a
> mysql-dfsg n/a 4.0.24-10sarge1 4.0.24-10sarge1
> mysql-dfsg-4.1 n/a 4.1.11a-4sarge2 4.1.14-2
> mysql-dfsg-5.0 n/a n/a 5.0.11beta-3
That's not one of our package, I've checked.
Reply to: