OpenPKG Corporation
OpenPKG CorporationSecuritySecurity Advisories

OpenPKG Security Advisory

OpenPKG-SA-2004.045

Publisher Name:          OpenPKG GmbH
Publisher Home:          http://openpkg.com/

Advisory Id (public):    OpenPKG-SA-2004.045
Advisory Type:           OpenPKG Security Advisory (SA)
Advisory Directory:      http://openpkg.com/go/OpenPKG-SA
Advisory Document:       http://openpkg.com/go/OpenPKG-SA-2004.045
Advisory Published:      2010-02-09 17:42 UTC

Issue Id (internal):     OpenPKG-SI-20041030.01
Issue First Created:     2004-10-30
Issue Last Modified:     2006-11-28
Issue Revision:          07



Subject Name:            MySQL
Subject Summary:         Fast Relational Database Management System
Subject Home:            http://www.mysql.com/products/mysql/
Subject Versions:        * <= 4.0.20

Vulnerability Id:        CVE-2004-0836, CVE-2004-0837
Vulnerability Scope:     global (not OpenPKG specific)

Attack Feasibility:      run-time
Attack Vector:           
Attack Impact:           denial of service, privilege escalation, arbitrary
                         code execution

Description:
    Several vulnerabilities including privilege abuse, Denial of Service,
    and potentially remote arbitrary code execution have been discovered
    in the MySQL RDBMS [1].
    
    Lukasz Wojtow noticed a buffer overrun in the mysql_real_connect
    function. CVE-2004-0836
    
    Dean Ellis noticed that multiple threads ALTERing the same (or
    different) MERGE tables to change the UNION can cause the server to
    crash or stall. CVE-2004-0837
    
    A crash can occur with "MATCH..AGAINST", resulting in a denial of
    service (MySQL bugs 3870 and 2708). A privilege escalation can occur
    with "GRANT" (MySQL bug 3933).

References:
    [1]  http://www.mysql.com/
    [2]  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836
    [3]  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837
    [4]  http://www.openpkg.org/tutorial.html#regular-source
    [5]  http://www.openpkg.org/tutorial.html#regular-binary
    [6]  ftp://ftp.openpkg.org/release/2.1/UPD/mysql-4.0.20-2.1.1.src.rpm
    [7]  ftp://ftp.openpkg.org/release/2.1/UPD/
    [8]  http://www.openpkg.org/security.html#signature



Primary Package Name:    mysql
Primary Package Home:    http://openpkg.org/go/package/mysql

Affected Distribution:   Affected Branch:  Affected Package:
OpenPKG Community        2.1-SOLID         mysql-4.0.20-2.1.0
OpenPKG Community        2.2-SOLID         n/a
OpenPKG Community        CURRENT           mysql-4.0.20-20040910

Corrected Distribution:  Corrected Branch: Corrected Package:
OpenPKG Community        2.1-SOLID         mysql-4.0.20-2.1.1
OpenPKG Community        2.2-SOLID         n/a
OpenPKG Community        CURRENT           mysql-4.0.21-20040910
Plain Text Version

Latest Advisories:
2007.023 perl
2007.022 bind
2007.021 wordpress
2007.020 php
2007.019 php
2007.018 freetype
2007.017 ratbox
2007.016 gd
2007.015 quagga
2007.014 bind
more...

See Also:
OpenPKG Enterprise 1
ChangeLog!

Meta: About | Imprint | Policy | Feedback | Sitemap | Search:
Validation: XHTML | CSS