Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
|
|
|
|
|
|
|
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
|
|
|
|
Become a Partner and License Our Database or Notification Service
|
|
|
|
|
|
|
|
|
|
|
|
|
(Red Hat Issues Fix) MySQL May Let Remote Authenticated Users Access Restricted Tables or Crash the System
|
|
SecurityTracker Alert ID: 1011827 |
|
SecurityTracker URL: http://securitytracker.com/id/1011827
|
|
CVE Reference:
CVE-2004-0835, CVE-2004-0837
(Links to External Site)
|
Date: Oct 21 2004
|
Impact:
Denial of service via network, User access via local system
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 3.23
|
Description:
Two vulnerabilities were reported in MySQL. A remote authenticated user may be able to gain elevated privileges. A remote authenticated user may be able to cause denial of service conditions.
In March 2004, Oleksandr Byelkin reported that an 'alter table [...] rename [...]' command will check the create/insert rights of the old table instead of the new table [CVE: CAN-2004-0835]. As a result, a user may be able to gain access to tables that the user is not authorized to access.
In January 2004, Dean Ellis reported that if multiple threads issue 'alter' commands against 'merge' tables to modify the 'union', the target server may crash [CVE: CAN-2004-0837].
The original bug reports are available at:
http://bugs.mysql.com/bug.php?id=3270
http://bugs.mysql.com/bug.php?id=2408
|
Impact:
A remote authenticated user may be able to gain elevated privileges.
A remote authenticated user may be able to cause denial of service conditions.
|
Solution:
Red Hat has released a fix.
Red Hat Enterprise Linux AS version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/mysql-3.23.58-2.3.src.rpm
3fea570d29c4a66fd5578705fd3a5f08 mysql-3.23.58-2.3.src.rpm
i386:
a5291f0504a64c7640818b554b2ec268 mysql-3.23.58-2.3.i386.rpm
d8d9f29055d4f9ac2bd0c577cf3c9f1a mysql-bench-3.23.58-2.3.i386.rpm
942437a7d22c99a96ccbc1fe30e01857 mysql-devel-3.23.58-2.3.i386.rpm
ia64:
273e64f3bc444f642cc27e149047e88b mysql-3.23.58-2.3.ia64.rpm
a5291f0504a64c7640818b554b2ec268 mysql-3.23.58-2.3.i386.rpm
035537b43e8860f4713bb8ba2f434376 mysql-bench-3.23.58-2.3.ia64.rpm
b10cfeaa55f652962f424036f6dd169b mysql-devel-3.23.58-2.3.ia64.rpm
ppc:
22972cd7c174cd85e0c08cf6232d90c2 mysql-3.23.58-2.3.ppc.rpm
3d2f07341d89c5793f56dc9879b4c4e6 mysql-bench-3.23.58-2.3.ppc.rpm
2a3bb5baaecc6f1101d2a9d2c0f0938b mysql-devel-3.23.58-2.3.ppc.rpm
ppc64:
552fb60408534cc09ea24f7a141a016b mysql-3.23.58-2.3.ppc64.rpm
s390:
f47fbbc3e354853485c5424dc22ccc8c mysql-3.23.58-2.3.s390.rpm
973e0714e31de71c0efad0599941bb7e mysql-bench-3.23.58-2.3.s390.rpm
6efe72cbdabdde4e2d3db8c24d5e8e24 mysql-devel-3.23.58-2.3.s390.rpm
s390x:
e525bd1a40a1157ff99f79006d8447fe mysql-3.23.58-2.3.s390x.rpm
f47fbbc3e354853485c5424dc22ccc8c mysql-3.23.58-2.3.s390.rpm
62bc707e3a3a6444e7dad5fd0947249a mysql-bench-3.23.58-2.3.s390x.rpm
a07377d3c15bcbf4a978676036a04d76 mysql-devel-3.23.58-2.3.s390x.rpm
x86_64:
f11ffaa788c38434a7259bccf485b1a0 mysql-3.23.58-2.3.x86_64.rpm
a5291f0504a64c7640818b554b2ec268 mysql-3.23.58-2.3.i386.rpm
9c20d57a7c724de9cd30a7a8be88fa1e mysql-bench-3.23.58-2.3.x86_64.rpm
14a7a2b00486de17c287bf90010b7377 mysql-devel-3.23.58-2.3.x86_64.rpm
Red Hat Desktop version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/mysql-3.23.58-2.3.src.rpm
3fea570d29c4a66fd5578705fd3a5f08 mysql-3.23.58-2.3.src.rpm
i386:
a5291f0504a64c7640818b554b2ec268 mysql-3.23.58-2.3.i386.rpm
d8d9f29055d4f9ac2bd0c577cf3c9f1a mysql-bench-3.23.58-2.3.i386.rpm
942437a7d22c99a96ccbc1fe30e01857 mysql-devel-3.23.58-2.3.i386.rpm
x86_64:
f11ffaa788c38434a7259bccf485b1a0 mysql-3.23.58-2.3.x86_64.rpm
a5291f0504a64c7640818b554b2ec268 mysql-3.23.58-2.3.i386.rpm
9c20d57a7c724de9cd30a7a8be88fa1e mysql-bench-3.23.58-2.3.x86_64.rpm
14a7a2b00486de17c287bf90010b7377 mysql-devel-3.23.58-2.3.x86_64.rpm
Red Hat Enterprise Linux ES version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/mysql-3.23.58-2.3.src.rpm
3fea570d29c4a66fd5578705fd3a5f08 mysql-3.23.58-2.3.src.rpm
i386:
a5291f0504a64c7640818b554b2ec268 mysql-3.23.58-2.3.i386.rpm
d8d9f29055d4f9ac2bd0c577cf3c9f1a mysql-bench-3.23.58-2.3.i386.rpm
942437a7d22c99a96ccbc1fe30e01857 mysql-devel-3.23.58-2.3.i386.rpm
ia64:
273e64f3bc444f642cc27e149047e88b mysql-3.23.58-2.3.ia64.rpm
a5291f0504a64c7640818b554b2ec268 mysql-3.23.58-2.3.i386.rpm
035537b43e8860f4713bb8ba2f434376 mysql-bench-3.23.58-2.3.ia64.rpm
b10cfeaa55f652962f424036f6dd169b mysql-devel-3.23.58-2.3.ia64.rpm
x86_64:
f11ffaa788c38434a7259bccf485b1a0 mysql-3.23.58-2.3.x86_64.rpm
a5291f0504a64c7640818b554b2ec268 mysql-3.23.58-2.3.i386.rpm
9c20d57a7c724de9cd30a7a8be88fa1e mysql-bench-3.23.58-2.3.x86_64.rpm
14a7a2b00486de17c287bf90010b7377 mysql-devel-3.23.58-2.3.x86_64.rpm
Red Hat Enterprise Linux WS version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/mysql-3.23.58-2.3.src.rpm
3fea570d29c4a66fd5578705fd3a5f08 mysql-3.23.58-2.3.src.rpm
i386:
a5291f0504a64c7640818b554b2ec268 mysql-3.23.58-2.3.i386.rpm
d8d9f29055d4f9ac2bd0c577cf3c9f1a mysql-bench-3.23.58-2.3.i386.rpm
942437a7d22c99a96ccbc1fe30e01857 mysql-devel-3.23.58-2.3.i386.rpm
ia64:
273e64f3bc444f642cc27e149047e88b mysql-3.23.58-2.3.ia64.rpm
a5291f0504a64c7640818b554b2ec268 mysql-3.23.58-2.3.i386.rpm
035537b43e8860f4713bb8ba2f434376 mysql-bench-3.23.58-2.3.ia64.rpm
b10cfeaa55f652962f424036f6dd169b mysql-devel-3.23.58-2.3.ia64.rpm
x86_64:
f11ffaa788c38434a7259bccf485b1a0 mysql-3.23.58-2.3.x86_64.rpm
a5291f0504a64c7640818b554b2ec268 mysql-3.23.58-2.3.i386.rpm
9c20d57a7c724de9cd30a7a8be88fa1e mysql-bench-3.23.58-2.3.x86_64.rpm
14a7a2b00486de17c287bf90010b7377 mysql-devel-3.23.58-2.3.x86_64.rpm
|
Vendor URL: www.mysql.com/ (Links to External Site)
|
Cause:
Access control error, Exception handling error, State error
|
Underlying OS:
Linux (Red Hat Enterprise)
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Wed, 20 Oct 2004 15:47 -0400
Subject: [RHSA-2004:569-01] Updated mysql packages fix minor security issues
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ---------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated mysql packages fix minor security issues and bugs
Advisory ID: RHSA-2004:569-01
Issue date: 2004-10-20
Updated on: 2004-10-20
Product: Red Hat Enterprise Linux
CVE Names: CAN-2004-0381 CAN-2004-0388 CAN-2004-0457
- ---------------------------------------------------------------------
1. Summary:
Updated mysql packages that fix various temporary file security issues,
as well as a number of bugs, are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, ppc64, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
3. Problem description:
MySQL is a multi-user, multi-threaded SQL database server.
This update fixes a number of small bugs, including some potential
security problems associated with careless handling of temporary files.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CAN-2004-0381, CAN-2004-0388, and CAN-2004-0457 to these
issues.
A number of additional security issues that affect mysql have been
corrected in the source package. These include CAN-2004-0835,
CAN-2004-0836, CAN-2004-0837, and CAN-2004-0957. Red Hat Enterprise Linux
3 does not ship with the mysql-server package and is therefore not affected
by these issues.
This update also allows 32-bit and 64-bit libraries to be installed
concurrently on the same system.
All users of mysql should upgrade to these updated packages, which resolve
these issues.
4. Solution:
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info):
58732 - /etc/init.d/mysqld doesn't wait for server to start
108779 - Always timeout error starting MySQL Daemon
117017 - RHEL2.1: removing mysql-server does not remove the mysql user.
115165 - botched string concat ?
113960 - [PATCH] Bug fix + enhancement for mysql_setpermission
112693 - mysqlhotcopy of local Fedora DB broken after upgrade from RH9
102190 - specfile contains improper log details in %files
124352 - Cannot drop databases
119442 - CAN-2004-0381 mysqlbug temporary file vulnerability
130348 - CAN-2004-0457 mysqlhotcopy insecure temporary file vulnerability
128852 - database service should start earlier
129409 - linking with 'mysql --libs' doesent seem to work correctly.
133993 - Service mysqld restart
135387 - CAN-2004-0835 MySQL flaws (CAN-2004-0836, CAN-2004-0837, CAN-2004-0957)
6. RPMs required:
Red Hat Enterprise Linux AS version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/mysql-3.23.58-2.3.src.rpm
3fea570d29c4a66fd5578705fd3a5f08 mysql-3.23.58-2.3.src.rpm
i386:
a5291f0504a64c7640818b554b2ec268 mysql-3.23.58-2.3.i386.rpm
d8d9f29055d4f9ac2bd0c577cf3c9f1a mysql-bench-3.23.58-2.3.i386.rpm
942437a7d22c99a96ccbc1fe30e01857 mysql-devel-3.23.58-2.3.i386.rpm
ia64:
273e64f3bc444f642cc27e149047e88b mysql-3.23.58-2.3.ia64.rpm
a5291f0504a64c7640818b554b2ec268 mysql-3.23.58-2.3.i386.rpm
035537b43e8860f4713bb8ba2f434376 mysql-bench-3.23.58-2.3.ia64.rpm
b10cfeaa55f652962f424036f6dd169b mysql-devel-3.23.58-2.3.ia64.rpm
ppc:
22972cd7c174cd85e0c08cf6232d90c2 mysql-3.23.58-2.3.ppc.rpm
3d2f07341d89c5793f56dc9879b4c4e6 mysql-bench-3.23.58-2.3.ppc.rpm
2a3bb5baaecc6f1101d2a9d2c0f0938b mysql-devel-3.23.58-2.3.ppc.rpm
ppc64:
552fb60408534cc09ea24f7a141a016b mysql-3.23.58-2.3.ppc64.rpm
s390:
f47fbbc3e354853485c5424dc22ccc8c mysql-3.23.58-2.3.s390.rpm
973e0714e31de71c0efad0599941bb7e mysql-bench-3.23.58-2.3.s390.rpm
6efe72cbdabdde4e2d3db8c24d5e8e24 mysql-devel-3.23.58-2.3.s390.rpm
s390x:
e525bd1a40a1157ff99f79006d8447fe mysql-3.23.58-2.3.s390x.rpm
f47fbbc3e354853485c5424dc22ccc8c mysql-3.23.58-2.3.s390.rpm
62bc707e3a3a6444e7dad5fd0947249a mysql-bench-3.23.58-2.3.s390x.rpm
a07377d3c15bcbf4a978676036a04d76 mysql-devel-3.23.58-2.3.s390x.rpm
x86_64:
f11ffaa788c38434a7259bccf485b1a0 mysql-3.23.58-2.3.x86_64.rpm
a5291f0504a64c7640818b554b2ec268 mysql-3.23.58-2.3.i386.rpm
9c20d57a7c724de9cd30a7a8be88fa1e mysql-bench-3.23.58-2.3.x86_64.rpm
14a7a2b00486de17c287bf90010b7377 mysql-devel-3.23.58-2.3.x86_64.rpm
Red Hat Desktop version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/mysql-3.23.58-2.3.src.rpm
3fea570d29c4a66fd5578705fd3a5f08 mysql-3.23.58-2.3.src.rpm
i386:
a5291f0504a64c7640818b554b2ec268 mysql-3.23.58-2.3.i386.rpm
d8d9f29055d4f9ac2bd0c577cf3c9f1a mysql-bench-3.23.58-2.3.i386.rpm
942437a7d22c99a96ccbc1fe30e01857 mysql-devel-3.23.58-2.3.i386.rpm
x86_64:
f11ffaa788c38434a7259bccf485b1a0 mysql-3.23.58-2.3.x86_64.rpm
a5291f0504a64c7640818b554b2ec268 mysql-3.23.58-2.3.i386.rpm
9c20d57a7c724de9cd30a7a8be88fa1e mysql-bench-3.23.58-2.3.x86_64.rpm
14a7a2b00486de17c287bf90010b7377 mysql-devel-3.23.58-2.3.x86_64.rpm
Red Hat Enterprise Linux ES version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/mysql-3.23.58-2.3.src.rpm
3fea570d29c4a66fd5578705fd3a5f08 mysql-3.23.58-2.3.src.rpm
i386:
a5291f0504a64c7640818b554b2ec268 mysql-3.23.58-2.3.i386.rpm
d8d9f29055d4f9ac2bd0c577cf3c9f1a mysql-bench-3.23.58-2.3.i386.rpm
942437a7d22c99a96ccbc1fe30e01857 mysql-devel-3.23.58-2.3.i386.rpm
ia64:
273e64f3bc444f642cc27e149047e88b mysql-3.23.58-2.3.ia64.rpm
a5291f0504a64c7640818b554b2ec268 mysql-3.23.58-2.3.i386.rpm
035537b43e8860f4713bb8ba2f434376 mysql-bench-3.23.58-2.3.ia64.rpm
b10cfeaa55f652962f424036f6dd169b mysql-devel-3.23.58-2.3.ia64.rpm
x86_64:
f11ffaa788c38434a7259bccf485b1a0 mysql-3.23.58-2.3.x86_64.rpm
a5291f0504a64c7640818b554b2ec268 mysql-3.23.58-2.3.i386.rpm
9c20d57a7c724de9cd30a7a8be88fa1e mysql-bench-3.23.58-2.3.x86_64.rpm
14a7a2b00486de17c287bf90010b7377 mysql-devel-3.23.58-2.3.x86_64.rpm
Red Hat Enterprise Linux WS version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/mysql-3.23.58-2.3.src.rpm
3fea570d29c4a66fd5578705fd3a5f08 mysql-3.23.58-2.3.src.rpm
i386:
a5291f0504a64c7640818b554b2ec268 mysql-3.23.58-2.3.i386.rpm
d8d9f29055d4f9ac2bd0c577cf3c9f1a mysql-bench-3.23.58-2.3.i386.rpm
942437a7d22c99a96ccbc1fe30e01857 mysql-devel-3.23.58-2.3.i386.rpm
ia64:
273e64f3bc444f642cc27e149047e88b mysql-3.23.58-2.3.ia64.rpm
a5291f0504a64c7640818b554b2ec268 mysql-3.23.58-2.3.i386.rpm
035537b43e8860f4713bb8ba2f434376 mysql-bench-3.23.58-2.3.ia64.rpm
b10cfeaa55f652962f424036f6dd169b mysql-devel-3.23.58-2.3.ia64.rpm
x86_64:
f11ffaa788c38434a7259bccf485b1a0 mysql-3.23.58-2.3.x86_64.rpm
a5291f0504a64c7640818b554b2ec268 mysql-3.23.58-2.3.i386.rpm
9c20d57a7c724de9cd30a7a8be88fa1e mysql-bench-3.23.58-2.3.x86_64.rpm
14a7a2b00486de17c287bf90010b7377 mysql-devel-3.23.58-2.3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key.html#package
7. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0381
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0388
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0457
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact.html
Copyright 2004 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQFBdsC+XlSAg2UNWIIRAtqpAKC5PDXwBDy+Se6OgTYSIe4AJtSP5QCeOuAp
dU4BbLANx/21TUx8It8HBsM=
=chW6
-----END PGP SIGNATURE-----
--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
|
|
Go to the Top of This SecurityTracker Archive Page
|
