Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

Mandriva: Updated mysql packages fix vulnerabilities

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) Mandriva: Updated mysql packages fix vulnerabilities
# 1  
Old 07-21-2008
Mandriva: Updated mysql packages fix vulnerabilities
LinuxSecurity.com: Multiple buffer overflows in yaSSL, which is used in MySQL, allowed remote attackers to execute arbitrary code (CVE-2008-0226) or cause a denial of service via a special Hello packet (CVE-2008-0227). Sergei Golubchik found that MySQL did not properly validate optional data or index directory paths given in a CREATE TABLE statement; as well it would not, under certain conditions, prevent two databases from using the same paths for data or index files. This could allow an authenticated user with appropriate privilege to create tables in one database to read and manipulate data in tables later created in other databases, regardless of GRANT privileges (CVE-2008-2079). The updated packages have been patched to correct these issues.

More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT OPENSOLARIS

perror

perror(1)							  MySQL database							 perror(1)

NAME

       perror - describes a system or MySQL error code.

SYNOPSIS

       perror [OPTIONS] [ERRORCODE [ERRORCODE...]]

DESCRIPTION

       Can  be	used  to display a description for a system error code, or an MyISAM/ISAM table handler error code.  The error messages are mostly
       system dependent.

OPTIONS

       -?|--help
	      Displays this help and exits.

       -I|--info
	      Synonym for the above.

       -s|--silent
	      Only print the error message

       -v|--verbose
	      Print error code and message (default).

       -V|--version
	      Displays version information and exits.

EXAMPLE

       shell> perror 64 79 Error code  64:  Machine is not on the network Error code  79:  Can not access a needed shared library

SEE ALSO

       isamchk(1), isamlog(1), mysql(1), mysqlaccess(1), mysqladmin(1), mysqld(1), mysqld_multi(1), mysqld_safe(1), mysqldump(1), mysql_fix_privi-
       lege_tables(1), mysqlshow(1), mysql_zap(1), replace(1)

       For  more information please refer to the MySQL reference manual, which may already be installed locally and which is also available online
       at http://www.mysql.com/doc/en/

BUGS

       Please refer to http://bugs.mysql.com/ to report bugs.

AUTHOR

       Ver 1.0, distribution 4.0.24 Michael (Monty) Widenius (monty@mysql.com), MySQL AB (http://www.mysql.com/).  This  software  comes  with	no
       warranty.   Manual page by L. (Kill-9) Pedersen (kill-9@kill-9.dk), Mercurmedia Data Model Architect / system developer (http://www.mercur-
       media.com)

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +--------------------+------------------------------------+
       |  ATTRIBUTE TYPE    |	       ATTRIBUTE VALUE		 |
       +--------------------+------------------------------------+
       |Availability	    | SUNWmysqlr, SUNWmysqlu, SUNWmysqlt |
       +--------------------+------------------------------------+
       |Interface Stability | External				 |
       +--------------------+------------------------------------+
NOTES

       Source for mysql is available on http://opensolaris.org.

MySQL 4.0							 19 December 2000							 perror(1)