Re: [SECURITY] [DSA 1662-1] New mysql-dfsg-5.0 packages fix authorization bypass

[Ticlea Petru Alexandru <ticlea_alexandru@yahoo.com>]

Devin Carraway <devin@debian.org> wrote:
>  -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> - ------------------------------------------------------------------------
> Debian Security Advisory DSA-1662-1                  security@debian.org
> http://www.debian.org/security/                           Devin Carraway
> November 06, 2008                     http://www.debian.org/security/faq
> - ------------------------------------------------------------------------
>
> Package        : mysql-dfsg-5.0
> Vulnerability  : authorization bypass
> Problem type   : local
> Debian-specific: no
> CVE Id(s)      : CVE-2008-4098
> Debian Bug     : 480292
>
> A symlink traversal vulnerability was discovered in MySQL, a
> relational database server.  The weakness could permit an attacker
> having both CREATE TABLE access to a
>  database and the ability to
> execute shell commands on the database server to bypass MySQL access
> controls, enabling them to write to tables in databases to which they
> would not ordinarily have access.
>
> The Common Vulnerabilities and Exposures project identifies this
> vulnerability as CVE-2008-4098.  Note that a closely aligned issue,
> identified as CVE-2008-4097, was prevented by the update announced in
> DSA-1608-1.  This new update supercedes that fix and mitigates both
> potential attack vectors.
>
> For the stable distribution (etch), this problem has been fixed in
> version 5.0.32-7etch8.
>
> We recommend that you upgrade your mysql packages.


I find a fix for this bug in mysql-dfsg-5.0_5.0.32-7etch6 pachage, before  9 July 08