Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2006-4227
Vulnerability from cvelistv5
Published
2006-08-18 19:55
Modified
2024-08-07 18:57
Severity ?
EPSS score ?
Summary
MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:57:46.439Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "mysql-grant-execute-privilege-escalation(28442)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28442" }, { "name": "ADV-2006-3306", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3306" }, { "name": "SUSE-SR:2006:023", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html" }, { "name": "oval:org.mitre.oval:def:10105", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10105" }, { "name": "USN-338-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-338-1" }, { "name": "21506", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21506" }, { "name": "19559", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/19559" }, { "name": "22080", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22080" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-25.html" }, { "name": "21770", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21770" }, { "name": "30351", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30351" }, { "name": "1016709", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016709" }, { "name": "RHSA-2007:0083", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0083.html" }, { "name": "RHSA-2008:0364", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0364.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.mysql.com/bug.php?id=18630" }, { "name": "[commits] 20060620 bk commit into 5.0 tree (kroki:1.2168) BUG#18630", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.mysql.com/commits/7918" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-06-20T00:00:00", "descriptions": [ { "lang": "en", "value": "MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine\u0027s definer instead of the routine\u0027s caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "mysql-grant-execute-privilege-escalation(28442)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28442" }, { "name": "ADV-2006-3306", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3306" }, { "name": "SUSE-SR:2006:023", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html" }, { "name": "oval:org.mitre.oval:def:10105", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10105" }, { "name": "USN-338-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-338-1" }, { "name": "21506", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21506" }, { "name": "19559", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/19559" }, { "name": "22080", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22080" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-25.html" }, { "name": "21770", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21770" }, { "name": "30351", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30351" }, { "name": "1016709", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016709" }, { "name": "RHSA-2007:0083", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0083.html" }, { "name": "RHSA-2008:0364", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0364.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.mysql.com/bug.php?id=18630" }, { "name": "[commits] 20060620 bk commit into 5.0 tree (kroki:1.2168) BUG#18630", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.mysql.com/commits/7918" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-4227", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine\u0027s definer instead of the routine\u0027s caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "mysql-grant-execute-privilege-escalation(28442)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28442" }, { "name": "ADV-2006-3306", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3306" }, { "name": "SUSE-SR:2006:023", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html" }, { "name": "oval:org.mitre.oval:def:10105", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10105" }, { "name": "USN-338-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-338-1" }, { "name": "21506", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21506" }, { "name": "19559", "refsource": "BID", "url": "http://www.securityfocus.com/bid/19559" }, { "name": "22080", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22080" }, { "name": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-25.html", "refsource": "CONFIRM", "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-25.html" }, { "name": "21770", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21770" }, { "name": "30351", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30351" }, { "name": "1016709", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016709" }, { "name": "RHSA-2007:0083", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-0083.html" }, { "name": "RHSA-2008:0364", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0364.html" }, { "name": "http://bugs.mysql.com/bug.php?id=18630", "refsource": "CONFIRM", "url": "http://bugs.mysql.com/bug.php?id=18630" }, { "name": "[commits] 20060620 bk commit into 5.0 tree (kroki:1.2168) BUG#18630", "refsource": "MLIST", "url": "http://lists.mysql.com/commits/7918" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-4227", "datePublished": "2006-08-18T19:55:00", "dateReserved": "2006-08-18T00:00:00", "dateUpdated": "2024-08-07T18:57:46.439Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2006-4227\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-08-18T20:04:00.000\",\"lastModified\":\"2024-11-21T00:15:26.370\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine\u0027s definer instead of the routine\u0027s caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.\"},{\"lang\":\"es\",\"value\":\"MySQL anterior a 5.0.25 y 5.1 anterior a 5.1.12 eval\u00faa los argumentos de rutinas suid en el contexto de seguridad del creador de la rutina en lugar del de aquel que llama a la rutina, lo que permite a usuarios autenticados remotamente escalar privilegios a trav\u00e9s de una rutina que ha sido puesta a su disposici\u00f3n utilizando GRANT EXECUTE.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mysql:mysql:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B77A2761-2B44-4061-9C29-A54F90A1AD83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mysql:mysql:5.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B3AD851-056F-4E57-B85B-4AC5A5A20C0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mysql:mysql:5.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD24EA8C-4FCA-4F40-B2EA-7DFA49432483\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mysql:mysql:5.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"754B78F2-A03C-40BE-812B-F5E57B93D20B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mysql:mysql:5.0.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"665E063D-355D-4A5A-A05F-36BF582DE36F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mysql:mysql:5.0.22.1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"214E3CF9-6362-4F5A-91B7-5E69564F7144\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mysql:mysql:5.0.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4C6CD84-EA5D-451F-AFC3-5F7094F0017D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mysql:mysql:5.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35BED939-3366-4CBF-B6BF-29C0C42E97F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.0.0:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"19001041-22C4-4D2C-A918-378DACBB1DF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88FEEE64-899F-4F55-B829-641706E29E32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EB2323C-EFE2-407A-9AE9-8717FA9F8625\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.1.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6341F695-6034-4CC1-9485-ACD3A0E1A079\"}]}]}],\"references\":[{\"url\":\"http://bugs.mysql.com/bug.php?id=18630\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://dev.mysql.com/doc/refman/5.0/en/news-5-0-25.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.mysql.com/commits/7918\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/21506\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/21770\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22080\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30351\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1016709\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_23_sr.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2007-0083.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0364.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/19559\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.ubuntu.com/usn/usn-338-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/3306\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/28442\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10105\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://bugs.mysql.com/bug.php?id=18630\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://dev.mysql.com/doc/refman/5.0/en/news-5-0-25.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.mysql.com/commits/7918\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/21506\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/21770\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22080\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30351\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1016709\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_23_sr.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2007-0083.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0364.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/19559\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.ubuntu.com/usn/usn-338-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/3306\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/28442\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10105\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"This issue did not affect the versions of MySQL as shipped with Red Hat Enterprise Linux 2.1, 3, or 4.\\n\\nIssue was addressed in MySQL packages as shipped in Red Hat Enterprise Linux 5 via:\\n\\nhttps://rhn.redhat.com/errata/RHSA-2008-0364.html\",\"lastModified\":\"2008-07-25T00:00:00\"}]}}" } }
ghsa-pq6p-m3qv-7m6j
Vulnerability from github
Published
2022-05-01 07:16
Modified
2022-05-01 07:16
Details
MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.
{ "affected": [], "aliases": [ "CVE-2006-4227" ], "database_specific": { "cwe_ids": [ "CWE-20" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2006-08-18T20:04:00Z", "severity": "MODERATE" }, "details": "MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine\u0027s definer instead of the routine\u0027s caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.", "id": "GHSA-pq6p-m3qv-7m6j", "modified": "2022-05-01T07:16:38Z", "published": "2022-05-01T07:16:38Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4227" }, { "type": "WEB", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28442" }, { "type": "WEB", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10105" }, { "type": "WEB", "url": "http://bugs.mysql.com/bug.php?id=18630" }, { "type": "WEB", "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-25.html" }, { "type": "WEB", "url": "http://lists.mysql.com/commits/7918" }, { "type": "WEB", "url": "http://secunia.com/advisories/21506" }, { "type": "WEB", "url": "http://secunia.com/advisories/21770" }, { "type": "WEB", "url": "http://secunia.com/advisories/22080" }, { "type": "WEB", "url": "http://secunia.com/advisories/30351" }, { "type": "WEB", "url": "http://securitytracker.com/id?1016709" }, { "type": "WEB", "url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html" }, { "type": "WEB", "url": "http://www.redhat.com/support/errata/RHSA-2007-0083.html" }, { "type": "WEB", "url": "http://www.redhat.com/support/errata/RHSA-2008-0364.html" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/19559" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/usn-338-1" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2006/3306" } ], "schema_version": "1.4.0", "severity": [] }
rhsa-2008_0364
Vulnerability from csaf_redhat
Published
2008-05-20 12:44
Modified
2024-11-22 01:59
Summary
Red Hat Security Advisory: mysql security and bug fix update
Notes
Topic
Updated mysql packages that fix various security issues and several bugs
are now available for Red Hat Enterprise Linux 5.
This update has been rated as having low security impact by the Red Hat
Security Response Team.
Details
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a
client/server implementation consisting of a server daemon (mysqld), and
many different client programs and libraries.
MySQL did not require privileges such as "SELECT" for the source table in a
"CREATE TABLE LIKE" statement. An authenticated user could obtain sensitive
information, such as the table structure. (CVE-2007-3781)
A flaw was discovered in MySQL that allowed an authenticated user to gain
update privileges for a table in another database, via a view that refers
to the external table. (CVE-2007-3782)
MySQL did not require the "DROP" privilege for "RENAME TABLE" statements.
An authenticated user could use this flaw to rename arbitrary tables.
(CVE-2007-2691)
A flaw was discovered in the mysql_change_db function when returning from
SQL SECURITY INVOKER stored routines. An authenticated user could use this
flaw to gain database privileges. (CVE-2007-2692)
MySQL allowed an authenticated user to bypass logging mechanisms via SQL
queries that contain the NULL character, which were not properly handled by
the mysql_real_query function. (CVE-2006-0903)
MySQL allowed an authenticated user to access a table through a previously
created MERGE table, even after the user's privileges were revoked from
the original table, which might violate intended security policy. This is
addressed by allowing the MERGE storage engine to be disabled, which can
be done by running mysqld with the "--skip-merge" option. (CVE-2006-4031)
MySQL evaluated arguments in the wrong security context, which allowed an
authenticated user to gain privileges through a routine that had been made
available using "GRANT EXECUTE". (CVE-2006-4227)
Multiple flaws in MySQL allowed an authenticated user to cause the MySQL
daemon to crash via crafted SQL queries. This only caused a temporary
denial of service, as the MySQL daemon is automatically restarted after the
crash. (CVE-2006-7232, CVE-2007-1420, CVE-2007-2583)
As well, these updated packages fix the following bugs:
* a separate counter was used for "insert delayed" statements, which caused
rows to be discarded. In these updated packages, "insert delayed"
statements no longer use a separate counter, which resolves this issue.
* due to a bug in the Native POSIX Thread Library, in certain situations,
"flush tables" caused a deadlock on tables that had a read lock. The mysqld
daemon had to be killed forcefully. Now, "COND_refresh" has been replaced
with "COND_global_read_lock", which resolves this issue.
* mysqld crashed if a query for an unsigned column type contained a
negative value for a "WHERE [column] NOT IN" subquery.
* in master and slave server situations, specifying "on duplicate key
update" for "insert" statements did not update slave servers.
* in the mysql client, empty strings were displayed as "NULL". For
example, running "insert into [table-name] values (' ');" resulted in a
"NULL" entry being displayed when querying the table using "select * from
[table-name];".
* a bug in the optimizer code resulted in certain queries executing much
slower than expected.
* on 64-bit PowerPC architectures, MySQL did not calculate the thread stack
size correctly, which could have caused MySQL to crash when overly-complex
queries were used.
Note: these updated packages upgrade MySQL to version 5.0.45. For a full
list of bug fixes and enhancements, refer to the MySQL release notes:
http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0.html
All mysql users are advised to upgrade to these updated packages, which
resolve these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Low" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated mysql packages that fix various security issues and several bugs\nare now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having low security impact by the Red Hat\nSecurity Response Team.", "title": "Topic" }, { "category": "general", "text": "MySQL is a multi-user, multi-threaded SQL database server. MySQL is a\nclient/server implementation consisting of a server daemon (mysqld), and\nmany different client programs and libraries.\n\nMySQL did not require privileges such as \"SELECT\" for the source table in a\n\"CREATE TABLE LIKE\" statement. An authenticated user could obtain sensitive\ninformation, such as the table structure. (CVE-2007-3781)\n\nA flaw was discovered in MySQL that allowed an authenticated user to gain\nupdate privileges for a table in another database, via a view that refers\nto the external table. (CVE-2007-3782)\n\nMySQL did not require the \"DROP\" privilege for \"RENAME TABLE\" statements.\nAn authenticated user could use this flaw to rename arbitrary tables.\n(CVE-2007-2691)\n\nA flaw was discovered in the mysql_change_db function when returning from\nSQL SECURITY INVOKER stored routines. An authenticated user could use this\nflaw to gain database privileges. (CVE-2007-2692)\n\nMySQL allowed an authenticated user to bypass logging mechanisms via SQL\nqueries that contain the NULL character, which were not properly handled by\nthe mysql_real_query function. (CVE-2006-0903)\n\nMySQL allowed an authenticated user to access a table through a previously\ncreated MERGE table, even after the user\u0027s privileges were revoked from\nthe original table, which might violate intended security policy. This is\naddressed by allowing the MERGE storage engine to be disabled, which can\nbe done by running mysqld with the \"--skip-merge\" option. (CVE-2006-4031)\n\nMySQL evaluated arguments in the wrong security context, which allowed an\nauthenticated user to gain privileges through a routine that had been made\navailable using \"GRANT EXECUTE\". (CVE-2006-4227)\n\nMultiple flaws in MySQL allowed an authenticated user to cause the MySQL\ndaemon to crash via crafted SQL queries. This only caused a temporary\ndenial of service, as the MySQL daemon is automatically restarted after the\ncrash. (CVE-2006-7232, CVE-2007-1420, CVE-2007-2583)\n\nAs well, these updated packages fix the following bugs:\n\n* a separate counter was used for \"insert delayed\" statements, which caused\nrows to be discarded. In these updated packages, \"insert delayed\"\nstatements no longer use a separate counter, which resolves this issue.\n\n* due to a bug in the Native POSIX Thread Library, in certain situations,\n\"flush tables\" caused a deadlock on tables that had a read lock. The mysqld\ndaemon had to be killed forcefully. Now, \"COND_refresh\" has been replaced\nwith \"COND_global_read_lock\", which resolves this issue.\n\n* mysqld crashed if a query for an unsigned column type contained a\nnegative value for a \"WHERE [column] NOT IN\" subquery.\n\n* in master and slave server situations, specifying \"on duplicate key\nupdate\" for \"insert\" statements did not update slave servers.\n\n* in the mysql client, empty strings were displayed as \"NULL\". For\nexample, running \"insert into [table-name] values (\u0027 \u0027);\" resulted in a\n\"NULL\" entry being displayed when querying the table using \"select * from\n[table-name];\".\n\n* a bug in the optimizer code resulted in certain queries executing much\nslower than expected.\n\n* on 64-bit PowerPC architectures, MySQL did not calculate the thread stack\nsize correctly, which could have caused MySQL to crash when overly-complex\nqueries were used.\n\nNote: these updated packages upgrade MySQL to version 5.0.45. For a full\nlist of bug fixes and enhancements, refer to the MySQL release notes:\nhttp://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0.html\n\nAll mysql users are advised to upgrade to these updated packages, which\nresolve these issues.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2008:0364", "url": "https://access.redhat.com/errata/RHSA-2008:0364" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#low", "url": "https://access.redhat.com/security/updates/classification/#low" }, { "category": "external", "summary": "194613", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=194613" }, { "category": "external", "summary": "202246", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=202246" }, { "category": "external", "summary": "216427", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=216427" }, { "category": "external", "summary": "232603", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=232603" }, { "category": "external", "summary": "240813", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=240813" }, { "category": "external", "summary": "241688", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=241688" }, { "category": "external", "summary": "241689", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=241689" }, { "category": "external", "summary": "248553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=248553" }, { "category": "external", "summary": "254012", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=254012" }, { "category": "external", "summary": "256501", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=256501" }, { "category": "external", "summary": "349121", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=349121" }, { "category": "external", "summary": "434264", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=434264" }, { "category": "external", "summary": "435391", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=435391" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0364.json" } ], "title": "Red Hat Security Advisory: mysql security and bug fix update", "tracking": { "current_release_date": "2024-11-22T01:59:09+00:00", "generator": { "date": "2024-11-22T01:59:09+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2008:0364", "initial_release_date": "2008-05-20T12:44:00+00:00", "revision_history": [ { "date": "2008-05-20T12:44:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2008-05-20T08:44:41+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T01:59:09+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop (v. 5 client)", "product": { "name": "Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:5::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product": { "name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux (v. 5 server)", "product": { "name": "Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:5::server" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "mysql-debuginfo-0:5.0.45-7.el5.x86_64", "product": { "name": "mysql-debuginfo-0:5.0.45-7.el5.x86_64", "product_id": "mysql-debuginfo-0:5.0.45-7.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-debuginfo@5.0.45-7.el5?arch=x86_64" } } }, { "category": "product_version", "name": "mysql-bench-0:5.0.45-7.el5.x86_64", "product": { "name": "mysql-bench-0:5.0.45-7.el5.x86_64", "product_id": "mysql-bench-0:5.0.45-7.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-bench@5.0.45-7.el5?arch=x86_64" } } }, { "category": "product_version", "name": "mysql-server-0:5.0.45-7.el5.x86_64", "product": { "name": "mysql-server-0:5.0.45-7.el5.x86_64", "product_id": "mysql-server-0:5.0.45-7.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-server@5.0.45-7.el5?arch=x86_64" } } }, { "category": "product_version", "name": "mysql-test-0:5.0.45-7.el5.x86_64", "product": { "name": "mysql-test-0:5.0.45-7.el5.x86_64", "product_id": "mysql-test-0:5.0.45-7.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-test@5.0.45-7.el5?arch=x86_64" } } }, { "category": "product_version", "name": "mysql-devel-0:5.0.45-7.el5.x86_64", "product": { "name": "mysql-devel-0:5.0.45-7.el5.x86_64", "product_id": "mysql-devel-0:5.0.45-7.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-devel@5.0.45-7.el5?arch=x86_64" } } }, { "category": "product_version", "name": "mysql-0:5.0.45-7.el5.x86_64", "product": { "name": "mysql-0:5.0.45-7.el5.x86_64", "product_id": "mysql-0:5.0.45-7.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql@5.0.45-7.el5?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "mysql-debuginfo-0:5.0.45-7.el5.i386", "product": { "name": "mysql-debuginfo-0:5.0.45-7.el5.i386", "product_id": "mysql-debuginfo-0:5.0.45-7.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-debuginfo@5.0.45-7.el5?arch=i386" } } }, { "category": "product_version", "name": "mysql-devel-0:5.0.45-7.el5.i386", "product": { "name": "mysql-devel-0:5.0.45-7.el5.i386", "product_id": "mysql-devel-0:5.0.45-7.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-devel@5.0.45-7.el5?arch=i386" } } }, { "category": "product_version", "name": "mysql-bench-0:5.0.45-7.el5.i386", "product": { "name": "mysql-bench-0:5.0.45-7.el5.i386", "product_id": "mysql-bench-0:5.0.45-7.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-bench@5.0.45-7.el5?arch=i386" } } }, { "category": "product_version", "name": "mysql-server-0:5.0.45-7.el5.i386", "product": { "name": "mysql-server-0:5.0.45-7.el5.i386", "product_id": "mysql-server-0:5.0.45-7.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-server@5.0.45-7.el5?arch=i386" } } }, { "category": "product_version", "name": "mysql-test-0:5.0.45-7.el5.i386", "product": { "name": "mysql-test-0:5.0.45-7.el5.i386", "product_id": "mysql-test-0:5.0.45-7.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-test@5.0.45-7.el5?arch=i386" } } }, { "category": "product_version", "name": "mysql-0:5.0.45-7.el5.i386", "product": { "name": "mysql-0:5.0.45-7.el5.i386", "product_id": "mysql-0:5.0.45-7.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql@5.0.45-7.el5?arch=i386" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "mysql-0:5.0.45-7.el5.src", "product": { "name": "mysql-0:5.0.45-7.el5.src", "product_id": "mysql-0:5.0.45-7.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql@5.0.45-7.el5?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "mysql-debuginfo-0:5.0.45-7.el5.ia64", "product": { "name": "mysql-debuginfo-0:5.0.45-7.el5.ia64", "product_id": "mysql-debuginfo-0:5.0.45-7.el5.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-debuginfo@5.0.45-7.el5?arch=ia64" } } }, { "category": "product_version", "name": "mysql-bench-0:5.0.45-7.el5.ia64", "product": { "name": "mysql-bench-0:5.0.45-7.el5.ia64", "product_id": "mysql-bench-0:5.0.45-7.el5.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-bench@5.0.45-7.el5?arch=ia64" } } }, { "category": "product_version", "name": "mysql-server-0:5.0.45-7.el5.ia64", "product": { "name": "mysql-server-0:5.0.45-7.el5.ia64", "product_id": "mysql-server-0:5.0.45-7.el5.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-server@5.0.45-7.el5?arch=ia64" } } }, { "category": "product_version", "name": "mysql-0:5.0.45-7.el5.ia64", "product": { "name": "mysql-0:5.0.45-7.el5.ia64", "product_id": "mysql-0:5.0.45-7.el5.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql@5.0.45-7.el5?arch=ia64" } } }, { "category": "product_version", "name": "mysql-test-0:5.0.45-7.el5.ia64", "product": { "name": "mysql-test-0:5.0.45-7.el5.ia64", "product_id": "mysql-test-0:5.0.45-7.el5.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-test@5.0.45-7.el5?arch=ia64" } } }, { "category": "product_version", "name": "mysql-devel-0:5.0.45-7.el5.ia64", "product": { "name": "mysql-devel-0:5.0.45-7.el5.ia64", "product_id": "mysql-devel-0:5.0.45-7.el5.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-devel@5.0.45-7.el5?arch=ia64" } } } ], "category": "architecture", "name": "ia64" }, { "branches": [ { "category": "product_version", "name": "mysql-debuginfo-0:5.0.45-7.el5.ppc64", "product": { "name": "mysql-debuginfo-0:5.0.45-7.el5.ppc64", "product_id": "mysql-debuginfo-0:5.0.45-7.el5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-debuginfo@5.0.45-7.el5?arch=ppc64" } } }, { "category": "product_version", "name": "mysql-server-0:5.0.45-7.el5.ppc64", "product": { "name": "mysql-server-0:5.0.45-7.el5.ppc64", "product_id": "mysql-server-0:5.0.45-7.el5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-server@5.0.45-7.el5?arch=ppc64" } } }, { "category": "product_version", "name": "mysql-0:5.0.45-7.el5.ppc64", "product": { "name": "mysql-0:5.0.45-7.el5.ppc64", "product_id": "mysql-0:5.0.45-7.el5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql@5.0.45-7.el5?arch=ppc64" } } }, { "category": "product_version", "name": "mysql-devel-0:5.0.45-7.el5.ppc64", "product": { "name": "mysql-devel-0:5.0.45-7.el5.ppc64", "product_id": "mysql-devel-0:5.0.45-7.el5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-devel@5.0.45-7.el5?arch=ppc64" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "mysql-debuginfo-0:5.0.45-7.el5.ppc", "product": { "name": "mysql-debuginfo-0:5.0.45-7.el5.ppc", "product_id": "mysql-debuginfo-0:5.0.45-7.el5.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-debuginfo@5.0.45-7.el5?arch=ppc" } } }, { "category": "product_version", "name": "mysql-bench-0:5.0.45-7.el5.ppc", "product": { "name": "mysql-bench-0:5.0.45-7.el5.ppc", "product_id": "mysql-bench-0:5.0.45-7.el5.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-bench@5.0.45-7.el5?arch=ppc" } } }, { "category": "product_version", "name": "mysql-server-0:5.0.45-7.el5.ppc", "product": { "name": "mysql-server-0:5.0.45-7.el5.ppc", "product_id": "mysql-server-0:5.0.45-7.el5.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-server@5.0.45-7.el5?arch=ppc" } } }, { "category": "product_version", "name": "mysql-0:5.0.45-7.el5.ppc", "product": { "name": "mysql-0:5.0.45-7.el5.ppc", "product_id": "mysql-0:5.0.45-7.el5.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql@5.0.45-7.el5?arch=ppc" } } }, { "category": "product_version", "name": "mysql-test-0:5.0.45-7.el5.ppc", "product": { "name": "mysql-test-0:5.0.45-7.el5.ppc", "product_id": "mysql-test-0:5.0.45-7.el5.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-test@5.0.45-7.el5?arch=ppc" } } }, { "category": "product_version", "name": "mysql-devel-0:5.0.45-7.el5.ppc", "product": { "name": "mysql-devel-0:5.0.45-7.el5.ppc", "product_id": "mysql-devel-0:5.0.45-7.el5.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-devel@5.0.45-7.el5?arch=ppc" } } } ], "category": "architecture", "name": "ppc" }, { "branches": [ { "category": "product_version", "name": "mysql-debuginfo-0:5.0.45-7.el5.s390x", "product": { "name": "mysql-debuginfo-0:5.0.45-7.el5.s390x", "product_id": "mysql-debuginfo-0:5.0.45-7.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-debuginfo@5.0.45-7.el5?arch=s390x" } } }, { "category": "product_version", "name": "mysql-bench-0:5.0.45-7.el5.s390x", "product": { "name": "mysql-bench-0:5.0.45-7.el5.s390x", "product_id": "mysql-bench-0:5.0.45-7.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-bench@5.0.45-7.el5?arch=s390x" } } }, { "category": "product_version", "name": "mysql-server-0:5.0.45-7.el5.s390x", "product": { "name": "mysql-server-0:5.0.45-7.el5.s390x", "product_id": "mysql-server-0:5.0.45-7.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-server@5.0.45-7.el5?arch=s390x" } } }, { "category": "product_version", "name": "mysql-0:5.0.45-7.el5.s390x", "product": { "name": "mysql-0:5.0.45-7.el5.s390x", "product_id": "mysql-0:5.0.45-7.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql@5.0.45-7.el5?arch=s390x" } } }, { "category": "product_version", "name": "mysql-test-0:5.0.45-7.el5.s390x", "product": { "name": "mysql-test-0:5.0.45-7.el5.s390x", "product_id": "mysql-test-0:5.0.45-7.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-test@5.0.45-7.el5?arch=s390x" } } }, { "category": "product_version", "name": "mysql-devel-0:5.0.45-7.el5.s390x", "product": { "name": "mysql-devel-0:5.0.45-7.el5.s390x", "product_id": "mysql-devel-0:5.0.45-7.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-devel@5.0.45-7.el5?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "mysql-debuginfo-0:5.0.45-7.el5.s390", "product": { "name": "mysql-debuginfo-0:5.0.45-7.el5.s390", "product_id": "mysql-debuginfo-0:5.0.45-7.el5.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-debuginfo@5.0.45-7.el5?arch=s390" } } }, { "category": "product_version", "name": "mysql-0:5.0.45-7.el5.s390", "product": { "name": "mysql-0:5.0.45-7.el5.s390", "product_id": "mysql-0:5.0.45-7.el5.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql@5.0.45-7.el5?arch=s390" } } }, { "category": "product_version", "name": "mysql-devel-0:5.0.45-7.el5.s390", "product": { "name": "mysql-devel-0:5.0.45-7.el5.s390", "product_id": "mysql-devel-0:5.0.45-7.el5.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-devel@5.0.45-7.el5?arch=s390" } } } ], "category": "architecture", "name": "s390" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.45-7.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-0:5.0.45-7.el5.i386" }, "product_reference": "mysql-0:5.0.45-7.el5.i386", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.45-7.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-0:5.0.45-7.el5.ia64" }, "product_reference": "mysql-0:5.0.45-7.el5.ia64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.45-7.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc" }, "product_reference": "mysql-0:5.0.45-7.el5.ppc", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.45-7.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc64" }, "product_reference": "mysql-0:5.0.45-7.el5.ppc64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.45-7.el5.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-0:5.0.45-7.el5.s390" }, "product_reference": "mysql-0:5.0.45-7.el5.s390", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.45-7.el5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-0:5.0.45-7.el5.s390x" }, "product_reference": "mysql-0:5.0.45-7.el5.s390x", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.45-7.el5.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-0:5.0.45-7.el5.src" }, "product_reference": "mysql-0:5.0.45-7.el5.src", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.45-7.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-0:5.0.45-7.el5.x86_64" }, "product_reference": "mysql-0:5.0.45-7.el5.x86_64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-bench-0:5.0.45-7.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.i386" }, "product_reference": "mysql-bench-0:5.0.45-7.el5.i386", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-bench-0:5.0.45-7.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ia64" }, "product_reference": "mysql-bench-0:5.0.45-7.el5.ia64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-bench-0:5.0.45-7.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ppc" }, "product_reference": "mysql-bench-0:5.0.45-7.el5.ppc", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-bench-0:5.0.45-7.el5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.s390x" }, "product_reference": "mysql-bench-0:5.0.45-7.el5.s390x", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-bench-0:5.0.45-7.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.x86_64" }, "product_reference": "mysql-bench-0:5.0.45-7.el5.x86_64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.45-7.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.i386" }, "product_reference": "mysql-debuginfo-0:5.0.45-7.el5.i386", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.45-7.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ia64" }, "product_reference": "mysql-debuginfo-0:5.0.45-7.el5.ia64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.45-7.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc" }, "product_reference": "mysql-debuginfo-0:5.0.45-7.el5.ppc", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.45-7.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc64" }, "product_reference": "mysql-debuginfo-0:5.0.45-7.el5.ppc64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.45-7.el5.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390" }, "product_reference": "mysql-debuginfo-0:5.0.45-7.el5.s390", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.45-7.el5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390x" }, "product_reference": "mysql-debuginfo-0:5.0.45-7.el5.s390x", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.45-7.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.x86_64" }, "product_reference": "mysql-debuginfo-0:5.0.45-7.el5.x86_64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.45-7.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.i386" }, "product_reference": "mysql-devel-0:5.0.45-7.el5.i386", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.45-7.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ia64" }, "product_reference": "mysql-devel-0:5.0.45-7.el5.ia64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.45-7.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc" }, "product_reference": "mysql-devel-0:5.0.45-7.el5.ppc", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.45-7.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc64" }, "product_reference": "mysql-devel-0:5.0.45-7.el5.ppc64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.45-7.el5.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390" }, "product_reference": "mysql-devel-0:5.0.45-7.el5.s390", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.45-7.el5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390x" }, "product_reference": "mysql-devel-0:5.0.45-7.el5.s390x", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.45-7.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.x86_64" }, "product_reference": "mysql-devel-0:5.0.45-7.el5.x86_64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-server-0:5.0.45-7.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-server-0:5.0.45-7.el5.i386" }, "product_reference": "mysql-server-0:5.0.45-7.el5.i386", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-server-0:5.0.45-7.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ia64" }, "product_reference": "mysql-server-0:5.0.45-7.el5.ia64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-server-0:5.0.45-7.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc" }, "product_reference": "mysql-server-0:5.0.45-7.el5.ppc", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-server-0:5.0.45-7.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc64" }, "product_reference": "mysql-server-0:5.0.45-7.el5.ppc64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-server-0:5.0.45-7.el5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-server-0:5.0.45-7.el5.s390x" }, "product_reference": "mysql-server-0:5.0.45-7.el5.s390x", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-server-0:5.0.45-7.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-server-0:5.0.45-7.el5.x86_64" }, "product_reference": "mysql-server-0:5.0.45-7.el5.x86_64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-test-0:5.0.45-7.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-test-0:5.0.45-7.el5.i386" }, "product_reference": "mysql-test-0:5.0.45-7.el5.i386", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-test-0:5.0.45-7.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ia64" }, "product_reference": "mysql-test-0:5.0.45-7.el5.ia64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-test-0:5.0.45-7.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ppc" }, "product_reference": "mysql-test-0:5.0.45-7.el5.ppc", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-test-0:5.0.45-7.el5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-test-0:5.0.45-7.el5.s390x" }, "product_reference": "mysql-test-0:5.0.45-7.el5.s390x", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-test-0:5.0.45-7.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", "product_id": "5Client-Workstation:mysql-test-0:5.0.45-7.el5.x86_64" }, "product_reference": "mysql-test-0:5.0.45-7.el5.x86_64", "relates_to_product_reference": "5Client-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.45-7.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-0:5.0.45-7.el5.i386" }, "product_reference": "mysql-0:5.0.45-7.el5.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.45-7.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-0:5.0.45-7.el5.ia64" }, "product_reference": "mysql-0:5.0.45-7.el5.ia64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.45-7.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-0:5.0.45-7.el5.ppc" }, "product_reference": "mysql-0:5.0.45-7.el5.ppc", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.45-7.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-0:5.0.45-7.el5.ppc64" }, "product_reference": "mysql-0:5.0.45-7.el5.ppc64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.45-7.el5.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-0:5.0.45-7.el5.s390" }, "product_reference": "mysql-0:5.0.45-7.el5.s390", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.45-7.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-0:5.0.45-7.el5.s390x" }, "product_reference": "mysql-0:5.0.45-7.el5.s390x", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.45-7.el5.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-0:5.0.45-7.el5.src" }, "product_reference": "mysql-0:5.0.45-7.el5.src", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.45-7.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-0:5.0.45-7.el5.x86_64" }, "product_reference": "mysql-0:5.0.45-7.el5.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-bench-0:5.0.45-7.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-bench-0:5.0.45-7.el5.i386" }, "product_reference": "mysql-bench-0:5.0.45-7.el5.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-bench-0:5.0.45-7.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-bench-0:5.0.45-7.el5.ia64" }, "product_reference": "mysql-bench-0:5.0.45-7.el5.ia64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-bench-0:5.0.45-7.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-bench-0:5.0.45-7.el5.ppc" }, "product_reference": "mysql-bench-0:5.0.45-7.el5.ppc", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-bench-0:5.0.45-7.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-bench-0:5.0.45-7.el5.s390x" }, "product_reference": "mysql-bench-0:5.0.45-7.el5.s390x", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-bench-0:5.0.45-7.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-bench-0:5.0.45-7.el5.x86_64" }, "product_reference": "mysql-bench-0:5.0.45-7.el5.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.45-7.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-debuginfo-0:5.0.45-7.el5.i386" }, "product_reference": "mysql-debuginfo-0:5.0.45-7.el5.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.45-7.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-debuginfo-0:5.0.45-7.el5.ia64" }, "product_reference": "mysql-debuginfo-0:5.0.45-7.el5.ia64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.45-7.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc" }, "product_reference": "mysql-debuginfo-0:5.0.45-7.el5.ppc", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.45-7.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc64" }, "product_reference": "mysql-debuginfo-0:5.0.45-7.el5.ppc64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.45-7.el5.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390" }, "product_reference": "mysql-debuginfo-0:5.0.45-7.el5.s390", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.45-7.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390x" }, "product_reference": "mysql-debuginfo-0:5.0.45-7.el5.s390x", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.45-7.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-debuginfo-0:5.0.45-7.el5.x86_64" }, "product_reference": "mysql-debuginfo-0:5.0.45-7.el5.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.45-7.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-devel-0:5.0.45-7.el5.i386" }, "product_reference": "mysql-devel-0:5.0.45-7.el5.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.45-7.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-devel-0:5.0.45-7.el5.ia64" }, "product_reference": "mysql-devel-0:5.0.45-7.el5.ia64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.45-7.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-devel-0:5.0.45-7.el5.ppc" }, "product_reference": "mysql-devel-0:5.0.45-7.el5.ppc", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.45-7.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-devel-0:5.0.45-7.el5.ppc64" }, "product_reference": "mysql-devel-0:5.0.45-7.el5.ppc64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.45-7.el5.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-devel-0:5.0.45-7.el5.s390" }, "product_reference": "mysql-devel-0:5.0.45-7.el5.s390", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.45-7.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-devel-0:5.0.45-7.el5.s390x" }, "product_reference": "mysql-devel-0:5.0.45-7.el5.s390x", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.45-7.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-devel-0:5.0.45-7.el5.x86_64" }, "product_reference": "mysql-devel-0:5.0.45-7.el5.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-server-0:5.0.45-7.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-server-0:5.0.45-7.el5.i386" }, "product_reference": "mysql-server-0:5.0.45-7.el5.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-server-0:5.0.45-7.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-server-0:5.0.45-7.el5.ia64" }, "product_reference": "mysql-server-0:5.0.45-7.el5.ia64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-server-0:5.0.45-7.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-server-0:5.0.45-7.el5.ppc" }, "product_reference": "mysql-server-0:5.0.45-7.el5.ppc", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-server-0:5.0.45-7.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-server-0:5.0.45-7.el5.ppc64" }, "product_reference": "mysql-server-0:5.0.45-7.el5.ppc64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-server-0:5.0.45-7.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-server-0:5.0.45-7.el5.s390x" }, "product_reference": "mysql-server-0:5.0.45-7.el5.s390x", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-server-0:5.0.45-7.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-server-0:5.0.45-7.el5.x86_64" }, "product_reference": "mysql-server-0:5.0.45-7.el5.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-test-0:5.0.45-7.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-test-0:5.0.45-7.el5.i386" }, "product_reference": "mysql-test-0:5.0.45-7.el5.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-test-0:5.0.45-7.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-test-0:5.0.45-7.el5.ia64" }, "product_reference": "mysql-test-0:5.0.45-7.el5.ia64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-test-0:5.0.45-7.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-test-0:5.0.45-7.el5.ppc" }, "product_reference": "mysql-test-0:5.0.45-7.el5.ppc", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-test-0:5.0.45-7.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-test-0:5.0.45-7.el5.s390x" }, "product_reference": "mysql-test-0:5.0.45-7.el5.s390x", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-test-0:5.0.45-7.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:mysql-test-0:5.0.45-7.el5.x86_64" }, "product_reference": "mysql-test-0:5.0.45-7.el5.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.45-7.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-0:5.0.45-7.el5.i386" }, "product_reference": "mysql-0:5.0.45-7.el5.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.45-7.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-0:5.0.45-7.el5.ia64" }, "product_reference": "mysql-0:5.0.45-7.el5.ia64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.45-7.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-0:5.0.45-7.el5.ppc" }, "product_reference": "mysql-0:5.0.45-7.el5.ppc", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.45-7.el5.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-0:5.0.45-7.el5.ppc64" }, "product_reference": "mysql-0:5.0.45-7.el5.ppc64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.45-7.el5.s390 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-0:5.0.45-7.el5.s390" }, "product_reference": "mysql-0:5.0.45-7.el5.s390", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.45-7.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-0:5.0.45-7.el5.s390x" }, "product_reference": "mysql-0:5.0.45-7.el5.s390x", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.45-7.el5.src as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-0:5.0.45-7.el5.src" }, "product_reference": "mysql-0:5.0.45-7.el5.src", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.45-7.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-0:5.0.45-7.el5.x86_64" }, "product_reference": "mysql-0:5.0.45-7.el5.x86_64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-bench-0:5.0.45-7.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-bench-0:5.0.45-7.el5.i386" }, "product_reference": "mysql-bench-0:5.0.45-7.el5.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-bench-0:5.0.45-7.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-bench-0:5.0.45-7.el5.ia64" }, "product_reference": "mysql-bench-0:5.0.45-7.el5.ia64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-bench-0:5.0.45-7.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-bench-0:5.0.45-7.el5.ppc" }, "product_reference": "mysql-bench-0:5.0.45-7.el5.ppc", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-bench-0:5.0.45-7.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-bench-0:5.0.45-7.el5.s390x" }, "product_reference": "mysql-bench-0:5.0.45-7.el5.s390x", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-bench-0:5.0.45-7.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-bench-0:5.0.45-7.el5.x86_64" }, "product_reference": "mysql-bench-0:5.0.45-7.el5.x86_64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.45-7.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-debuginfo-0:5.0.45-7.el5.i386" }, "product_reference": "mysql-debuginfo-0:5.0.45-7.el5.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.45-7.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-debuginfo-0:5.0.45-7.el5.ia64" }, "product_reference": "mysql-debuginfo-0:5.0.45-7.el5.ia64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.45-7.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc" }, "product_reference": "mysql-debuginfo-0:5.0.45-7.el5.ppc", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.45-7.el5.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc64" }, "product_reference": "mysql-debuginfo-0:5.0.45-7.el5.ppc64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.45-7.el5.s390 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390" }, "product_reference": "mysql-debuginfo-0:5.0.45-7.el5.s390", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.45-7.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390x" }, "product_reference": "mysql-debuginfo-0:5.0.45-7.el5.s390x", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.45-7.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-debuginfo-0:5.0.45-7.el5.x86_64" }, "product_reference": "mysql-debuginfo-0:5.0.45-7.el5.x86_64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.45-7.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-devel-0:5.0.45-7.el5.i386" }, "product_reference": "mysql-devel-0:5.0.45-7.el5.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.45-7.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-devel-0:5.0.45-7.el5.ia64" }, "product_reference": "mysql-devel-0:5.0.45-7.el5.ia64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.45-7.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-devel-0:5.0.45-7.el5.ppc" }, "product_reference": "mysql-devel-0:5.0.45-7.el5.ppc", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.45-7.el5.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-devel-0:5.0.45-7.el5.ppc64" }, "product_reference": "mysql-devel-0:5.0.45-7.el5.ppc64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.45-7.el5.s390 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-devel-0:5.0.45-7.el5.s390" }, "product_reference": "mysql-devel-0:5.0.45-7.el5.s390", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.45-7.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-devel-0:5.0.45-7.el5.s390x" }, "product_reference": "mysql-devel-0:5.0.45-7.el5.s390x", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.45-7.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-devel-0:5.0.45-7.el5.x86_64" }, "product_reference": "mysql-devel-0:5.0.45-7.el5.x86_64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-server-0:5.0.45-7.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-server-0:5.0.45-7.el5.i386" }, "product_reference": "mysql-server-0:5.0.45-7.el5.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-server-0:5.0.45-7.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-server-0:5.0.45-7.el5.ia64" }, "product_reference": "mysql-server-0:5.0.45-7.el5.ia64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-server-0:5.0.45-7.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-server-0:5.0.45-7.el5.ppc" }, "product_reference": "mysql-server-0:5.0.45-7.el5.ppc", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-server-0:5.0.45-7.el5.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-server-0:5.0.45-7.el5.ppc64" }, "product_reference": "mysql-server-0:5.0.45-7.el5.ppc64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-server-0:5.0.45-7.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-server-0:5.0.45-7.el5.s390x" }, "product_reference": "mysql-server-0:5.0.45-7.el5.s390x", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-server-0:5.0.45-7.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-server-0:5.0.45-7.el5.x86_64" }, "product_reference": "mysql-server-0:5.0.45-7.el5.x86_64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-test-0:5.0.45-7.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-test-0:5.0.45-7.el5.i386" }, "product_reference": "mysql-test-0:5.0.45-7.el5.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-test-0:5.0.45-7.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-test-0:5.0.45-7.el5.ia64" }, "product_reference": "mysql-test-0:5.0.45-7.el5.ia64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-test-0:5.0.45-7.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-test-0:5.0.45-7.el5.ppc" }, "product_reference": "mysql-test-0:5.0.45-7.el5.ppc", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-test-0:5.0.45-7.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-test-0:5.0.45-7.el5.s390x" }, "product_reference": "mysql-test-0:5.0.45-7.el5.s390x", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-test-0:5.0.45-7.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:mysql-test-0:5.0.45-7.el5.x86_64" }, "product_reference": "mysql-test-0:5.0.45-7.el5.x86_64", "relates_to_product_reference": "5Server" } ] }, "vulnerabilities": [ { "cve": "CVE-2006-0903", "discovery_date": "2006-02-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "194613" } ], "notes": [ { "category": "description", "text": "MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states that since mysql_query expects a null character, this is not an issue for mysql_query.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mysql log file obfuscation", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "5Client-Workstation:mysql-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-0:5.0.45-7.el5.src", "5Client-Workstation:mysql-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.x86_64", "5Client:mysql-0:5.0.45-7.el5.i386", "5Client:mysql-0:5.0.45-7.el5.ia64", "5Client:mysql-0:5.0.45-7.el5.ppc", "5Client:mysql-0:5.0.45-7.el5.ppc64", "5Client:mysql-0:5.0.45-7.el5.s390", "5Client:mysql-0:5.0.45-7.el5.s390x", "5Client:mysql-0:5.0.45-7.el5.src", "5Client:mysql-0:5.0.45-7.el5.x86_64", "5Client:mysql-bench-0:5.0.45-7.el5.i386", "5Client:mysql-bench-0:5.0.45-7.el5.ia64", "5Client:mysql-bench-0:5.0.45-7.el5.ppc", "5Client:mysql-bench-0:5.0.45-7.el5.s390x", "5Client:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client:mysql-devel-0:5.0.45-7.el5.i386", "5Client:mysql-devel-0:5.0.45-7.el5.ia64", "5Client:mysql-devel-0:5.0.45-7.el5.ppc", "5Client:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client:mysql-devel-0:5.0.45-7.el5.s390", "5Client:mysql-devel-0:5.0.45-7.el5.s390x", "5Client:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client:mysql-server-0:5.0.45-7.el5.i386", "5Client:mysql-server-0:5.0.45-7.el5.ia64", "5Client:mysql-server-0:5.0.45-7.el5.ppc", "5Client:mysql-server-0:5.0.45-7.el5.ppc64", "5Client:mysql-server-0:5.0.45-7.el5.s390x", "5Client:mysql-server-0:5.0.45-7.el5.x86_64", "5Client:mysql-test-0:5.0.45-7.el5.i386", "5Client:mysql-test-0:5.0.45-7.el5.ia64", "5Client:mysql-test-0:5.0.45-7.el5.ppc", "5Client:mysql-test-0:5.0.45-7.el5.s390x", "5Client:mysql-test-0:5.0.45-7.el5.x86_64", "5Server:mysql-0:5.0.45-7.el5.i386", "5Server:mysql-0:5.0.45-7.el5.ia64", "5Server:mysql-0:5.0.45-7.el5.ppc", "5Server:mysql-0:5.0.45-7.el5.ppc64", "5Server:mysql-0:5.0.45-7.el5.s390", "5Server:mysql-0:5.0.45-7.el5.s390x", "5Server:mysql-0:5.0.45-7.el5.src", "5Server:mysql-0:5.0.45-7.el5.x86_64", "5Server:mysql-bench-0:5.0.45-7.el5.i386", "5Server:mysql-bench-0:5.0.45-7.el5.ia64", "5Server:mysql-bench-0:5.0.45-7.el5.ppc", "5Server:mysql-bench-0:5.0.45-7.el5.s390x", "5Server:mysql-bench-0:5.0.45-7.el5.x86_64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Server:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Server:mysql-devel-0:5.0.45-7.el5.i386", "5Server:mysql-devel-0:5.0.45-7.el5.ia64", "5Server:mysql-devel-0:5.0.45-7.el5.ppc", "5Server:mysql-devel-0:5.0.45-7.el5.ppc64", "5Server:mysql-devel-0:5.0.45-7.el5.s390", "5Server:mysql-devel-0:5.0.45-7.el5.s390x", "5Server:mysql-devel-0:5.0.45-7.el5.x86_64", "5Server:mysql-server-0:5.0.45-7.el5.i386", "5Server:mysql-server-0:5.0.45-7.el5.ia64", "5Server:mysql-server-0:5.0.45-7.el5.ppc", "5Server:mysql-server-0:5.0.45-7.el5.ppc64", "5Server:mysql-server-0:5.0.45-7.el5.s390x", "5Server:mysql-server-0:5.0.45-7.el5.x86_64", "5Server:mysql-test-0:5.0.45-7.el5.i386", "5Server:mysql-test-0:5.0.45-7.el5.ia64", "5Server:mysql-test-0:5.0.45-7.el5.ppc", "5Server:mysql-test-0:5.0.45-7.el5.s390x", "5Server:mysql-test-0:5.0.45-7.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-0903" }, { "category": "external", "summary": "RHBZ#194613", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=194613" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-0903", "url": "https://www.cve.org/CVERecord?id=CVE-2006-0903" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-0903", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-0903" } ], "release_date": "2006-02-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-05-20T12:44:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "5Client-Workstation:mysql-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-0:5.0.45-7.el5.src", "5Client-Workstation:mysql-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.x86_64", "5Client:mysql-0:5.0.45-7.el5.i386", "5Client:mysql-0:5.0.45-7.el5.ia64", "5Client:mysql-0:5.0.45-7.el5.ppc", "5Client:mysql-0:5.0.45-7.el5.ppc64", "5Client:mysql-0:5.0.45-7.el5.s390", "5Client:mysql-0:5.0.45-7.el5.s390x", "5Client:mysql-0:5.0.45-7.el5.src", "5Client:mysql-0:5.0.45-7.el5.x86_64", "5Client:mysql-bench-0:5.0.45-7.el5.i386", "5Client:mysql-bench-0:5.0.45-7.el5.ia64", "5Client:mysql-bench-0:5.0.45-7.el5.ppc", "5Client:mysql-bench-0:5.0.45-7.el5.s390x", "5Client:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client:mysql-devel-0:5.0.45-7.el5.i386", "5Client:mysql-devel-0:5.0.45-7.el5.ia64", "5Client:mysql-devel-0:5.0.45-7.el5.ppc", "5Client:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client:mysql-devel-0:5.0.45-7.el5.s390", "5Client:mysql-devel-0:5.0.45-7.el5.s390x", "5Client:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client:mysql-server-0:5.0.45-7.el5.i386", "5Client:mysql-server-0:5.0.45-7.el5.ia64", "5Client:mysql-server-0:5.0.45-7.el5.ppc", "5Client:mysql-server-0:5.0.45-7.el5.ppc64", "5Client:mysql-server-0:5.0.45-7.el5.s390x", "5Client:mysql-server-0:5.0.45-7.el5.x86_64", "5Client:mysql-test-0:5.0.45-7.el5.i386", "5Client:mysql-test-0:5.0.45-7.el5.ia64", "5Client:mysql-test-0:5.0.45-7.el5.ppc", "5Client:mysql-test-0:5.0.45-7.el5.s390x", "5Client:mysql-test-0:5.0.45-7.el5.x86_64", "5Server:mysql-0:5.0.45-7.el5.i386", "5Server:mysql-0:5.0.45-7.el5.ia64", "5Server:mysql-0:5.0.45-7.el5.ppc", "5Server:mysql-0:5.0.45-7.el5.ppc64", "5Server:mysql-0:5.0.45-7.el5.s390", "5Server:mysql-0:5.0.45-7.el5.s390x", "5Server:mysql-0:5.0.45-7.el5.src", "5Server:mysql-0:5.0.45-7.el5.x86_64", "5Server:mysql-bench-0:5.0.45-7.el5.i386", "5Server:mysql-bench-0:5.0.45-7.el5.ia64", "5Server:mysql-bench-0:5.0.45-7.el5.ppc", "5Server:mysql-bench-0:5.0.45-7.el5.s390x", "5Server:mysql-bench-0:5.0.45-7.el5.x86_64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Server:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Server:mysql-devel-0:5.0.45-7.el5.i386", "5Server:mysql-devel-0:5.0.45-7.el5.ia64", "5Server:mysql-devel-0:5.0.45-7.el5.ppc", "5Server:mysql-devel-0:5.0.45-7.el5.ppc64", "5Server:mysql-devel-0:5.0.45-7.el5.s390", "5Server:mysql-devel-0:5.0.45-7.el5.s390x", "5Server:mysql-devel-0:5.0.45-7.el5.x86_64", "5Server:mysql-server-0:5.0.45-7.el5.i386", "5Server:mysql-server-0:5.0.45-7.el5.ia64", "5Server:mysql-server-0:5.0.45-7.el5.ppc", "5Server:mysql-server-0:5.0.45-7.el5.ppc64", "5Server:mysql-server-0:5.0.45-7.el5.s390x", "5Server:mysql-server-0:5.0.45-7.el5.x86_64", "5Server:mysql-test-0:5.0.45-7.el5.i386", "5Server:mysql-test-0:5.0.45-7.el5.ia64", "5Server:mysql-test-0:5.0.45-7.el5.ppc", "5Server:mysql-test-0:5.0.45-7.el5.s390x", "5Server:mysql-test-0:5.0.45-7.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0364" } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "Mysql log file obfuscation" }, { "cve": "CVE-2006-4031", "discovery_date": "2006-08-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "202246" } ], "notes": [ { "category": "description", "text": "MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user\u0027s privileges are revoked for the original table, which might violate intended security policy.", "title": "Vulnerability description" }, { "category": "summary", "text": "MySQL improper permission revocation", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect mysql packages as shipped with Red Hat Enterprise Linux 2.1 or 3", "title": "Statement" } ], "product_status": { "fixed": [ "5Client-Workstation:mysql-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-0:5.0.45-7.el5.src", "5Client-Workstation:mysql-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.x86_64", "5Client:mysql-0:5.0.45-7.el5.i386", "5Client:mysql-0:5.0.45-7.el5.ia64", "5Client:mysql-0:5.0.45-7.el5.ppc", "5Client:mysql-0:5.0.45-7.el5.ppc64", "5Client:mysql-0:5.0.45-7.el5.s390", "5Client:mysql-0:5.0.45-7.el5.s390x", "5Client:mysql-0:5.0.45-7.el5.src", "5Client:mysql-0:5.0.45-7.el5.x86_64", "5Client:mysql-bench-0:5.0.45-7.el5.i386", "5Client:mysql-bench-0:5.0.45-7.el5.ia64", "5Client:mysql-bench-0:5.0.45-7.el5.ppc", "5Client:mysql-bench-0:5.0.45-7.el5.s390x", "5Client:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client:mysql-devel-0:5.0.45-7.el5.i386", "5Client:mysql-devel-0:5.0.45-7.el5.ia64", "5Client:mysql-devel-0:5.0.45-7.el5.ppc", "5Client:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client:mysql-devel-0:5.0.45-7.el5.s390", "5Client:mysql-devel-0:5.0.45-7.el5.s390x", "5Client:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client:mysql-server-0:5.0.45-7.el5.i386", "5Client:mysql-server-0:5.0.45-7.el5.ia64", "5Client:mysql-server-0:5.0.45-7.el5.ppc", "5Client:mysql-server-0:5.0.45-7.el5.ppc64", "5Client:mysql-server-0:5.0.45-7.el5.s390x", "5Client:mysql-server-0:5.0.45-7.el5.x86_64", "5Client:mysql-test-0:5.0.45-7.el5.i386", "5Client:mysql-test-0:5.0.45-7.el5.ia64", "5Client:mysql-test-0:5.0.45-7.el5.ppc", "5Client:mysql-test-0:5.0.45-7.el5.s390x", "5Client:mysql-test-0:5.0.45-7.el5.x86_64", "5Server:mysql-0:5.0.45-7.el5.i386", "5Server:mysql-0:5.0.45-7.el5.ia64", "5Server:mysql-0:5.0.45-7.el5.ppc", "5Server:mysql-0:5.0.45-7.el5.ppc64", "5Server:mysql-0:5.0.45-7.el5.s390", "5Server:mysql-0:5.0.45-7.el5.s390x", "5Server:mysql-0:5.0.45-7.el5.src", "5Server:mysql-0:5.0.45-7.el5.x86_64", "5Server:mysql-bench-0:5.0.45-7.el5.i386", "5Server:mysql-bench-0:5.0.45-7.el5.ia64", "5Server:mysql-bench-0:5.0.45-7.el5.ppc", "5Server:mysql-bench-0:5.0.45-7.el5.s390x", "5Server:mysql-bench-0:5.0.45-7.el5.x86_64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Server:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Server:mysql-devel-0:5.0.45-7.el5.i386", "5Server:mysql-devel-0:5.0.45-7.el5.ia64", "5Server:mysql-devel-0:5.0.45-7.el5.ppc", "5Server:mysql-devel-0:5.0.45-7.el5.ppc64", "5Server:mysql-devel-0:5.0.45-7.el5.s390", "5Server:mysql-devel-0:5.0.45-7.el5.s390x", "5Server:mysql-devel-0:5.0.45-7.el5.x86_64", "5Server:mysql-server-0:5.0.45-7.el5.i386", "5Server:mysql-server-0:5.0.45-7.el5.ia64", "5Server:mysql-server-0:5.0.45-7.el5.ppc", "5Server:mysql-server-0:5.0.45-7.el5.ppc64", "5Server:mysql-server-0:5.0.45-7.el5.s390x", "5Server:mysql-server-0:5.0.45-7.el5.x86_64", "5Server:mysql-test-0:5.0.45-7.el5.i386", "5Server:mysql-test-0:5.0.45-7.el5.ia64", "5Server:mysql-test-0:5.0.45-7.el5.ppc", "5Server:mysql-test-0:5.0.45-7.el5.s390x", "5Server:mysql-test-0:5.0.45-7.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-4031" }, { "category": "external", "summary": "RHBZ#202246", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=202246" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-4031", "url": "https://www.cve.org/CVERecord?id=CVE-2006-4031" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-4031", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4031" } ], "release_date": "2005-11-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-05-20T12:44:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "5Client-Workstation:mysql-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-0:5.0.45-7.el5.src", "5Client-Workstation:mysql-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.x86_64", "5Client:mysql-0:5.0.45-7.el5.i386", "5Client:mysql-0:5.0.45-7.el5.ia64", "5Client:mysql-0:5.0.45-7.el5.ppc", "5Client:mysql-0:5.0.45-7.el5.ppc64", "5Client:mysql-0:5.0.45-7.el5.s390", "5Client:mysql-0:5.0.45-7.el5.s390x", "5Client:mysql-0:5.0.45-7.el5.src", "5Client:mysql-0:5.0.45-7.el5.x86_64", "5Client:mysql-bench-0:5.0.45-7.el5.i386", "5Client:mysql-bench-0:5.0.45-7.el5.ia64", "5Client:mysql-bench-0:5.0.45-7.el5.ppc", "5Client:mysql-bench-0:5.0.45-7.el5.s390x", "5Client:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client:mysql-devel-0:5.0.45-7.el5.i386", "5Client:mysql-devel-0:5.0.45-7.el5.ia64", "5Client:mysql-devel-0:5.0.45-7.el5.ppc", "5Client:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client:mysql-devel-0:5.0.45-7.el5.s390", "5Client:mysql-devel-0:5.0.45-7.el5.s390x", "5Client:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client:mysql-server-0:5.0.45-7.el5.i386", "5Client:mysql-server-0:5.0.45-7.el5.ia64", "5Client:mysql-server-0:5.0.45-7.el5.ppc", "5Client:mysql-server-0:5.0.45-7.el5.ppc64", "5Client:mysql-server-0:5.0.45-7.el5.s390x", "5Client:mysql-server-0:5.0.45-7.el5.x86_64", "5Client:mysql-test-0:5.0.45-7.el5.i386", "5Client:mysql-test-0:5.0.45-7.el5.ia64", "5Client:mysql-test-0:5.0.45-7.el5.ppc", "5Client:mysql-test-0:5.0.45-7.el5.s390x", "5Client:mysql-test-0:5.0.45-7.el5.x86_64", "5Server:mysql-0:5.0.45-7.el5.i386", "5Server:mysql-0:5.0.45-7.el5.ia64", "5Server:mysql-0:5.0.45-7.el5.ppc", "5Server:mysql-0:5.0.45-7.el5.ppc64", "5Server:mysql-0:5.0.45-7.el5.s390", "5Server:mysql-0:5.0.45-7.el5.s390x", "5Server:mysql-0:5.0.45-7.el5.src", "5Server:mysql-0:5.0.45-7.el5.x86_64", "5Server:mysql-bench-0:5.0.45-7.el5.i386", "5Server:mysql-bench-0:5.0.45-7.el5.ia64", "5Server:mysql-bench-0:5.0.45-7.el5.ppc", "5Server:mysql-bench-0:5.0.45-7.el5.s390x", "5Server:mysql-bench-0:5.0.45-7.el5.x86_64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Server:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Server:mysql-devel-0:5.0.45-7.el5.i386", "5Server:mysql-devel-0:5.0.45-7.el5.ia64", "5Server:mysql-devel-0:5.0.45-7.el5.ppc", "5Server:mysql-devel-0:5.0.45-7.el5.ppc64", "5Server:mysql-devel-0:5.0.45-7.el5.s390", "5Server:mysql-devel-0:5.0.45-7.el5.s390x", "5Server:mysql-devel-0:5.0.45-7.el5.x86_64", "5Server:mysql-server-0:5.0.45-7.el5.i386", "5Server:mysql-server-0:5.0.45-7.el5.ia64", "5Server:mysql-server-0:5.0.45-7.el5.ppc", "5Server:mysql-server-0:5.0.45-7.el5.ppc64", "5Server:mysql-server-0:5.0.45-7.el5.s390x", "5Server:mysql-server-0:5.0.45-7.el5.x86_64", "5Server:mysql-test-0:5.0.45-7.el5.i386", "5Server:mysql-test-0:5.0.45-7.el5.ia64", "5Server:mysql-test-0:5.0.45-7.el5.ppc", "5Server:mysql-test-0:5.0.45-7.el5.s390x", "5Server:mysql-test-0:5.0.45-7.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0364" } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "MySQL improper permission revocation" }, { "cve": "CVE-2006-4227", "discovery_date": "2006-08-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "216427" } ], "notes": [ { "category": "description", "text": "MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine\u0027s definer instead of the routine\u0027s caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.", "title": "Vulnerability description" }, { "category": "summary", "text": "mysql improper suid argument evaluation", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of MySQL as shipped with Red Hat Enterprise Linux 2.1, 3, or 4.", "title": "Statement" } ], "product_status": { "fixed": [ "5Client-Workstation:mysql-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-0:5.0.45-7.el5.src", "5Client-Workstation:mysql-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.x86_64", "5Client:mysql-0:5.0.45-7.el5.i386", "5Client:mysql-0:5.0.45-7.el5.ia64", "5Client:mysql-0:5.0.45-7.el5.ppc", "5Client:mysql-0:5.0.45-7.el5.ppc64", "5Client:mysql-0:5.0.45-7.el5.s390", "5Client:mysql-0:5.0.45-7.el5.s390x", "5Client:mysql-0:5.0.45-7.el5.src", "5Client:mysql-0:5.0.45-7.el5.x86_64", "5Client:mysql-bench-0:5.0.45-7.el5.i386", "5Client:mysql-bench-0:5.0.45-7.el5.ia64", "5Client:mysql-bench-0:5.0.45-7.el5.ppc", "5Client:mysql-bench-0:5.0.45-7.el5.s390x", "5Client:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client:mysql-devel-0:5.0.45-7.el5.i386", "5Client:mysql-devel-0:5.0.45-7.el5.ia64", "5Client:mysql-devel-0:5.0.45-7.el5.ppc", "5Client:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client:mysql-devel-0:5.0.45-7.el5.s390", "5Client:mysql-devel-0:5.0.45-7.el5.s390x", "5Client:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client:mysql-server-0:5.0.45-7.el5.i386", "5Client:mysql-server-0:5.0.45-7.el5.ia64", "5Client:mysql-server-0:5.0.45-7.el5.ppc", "5Client:mysql-server-0:5.0.45-7.el5.ppc64", "5Client:mysql-server-0:5.0.45-7.el5.s390x", "5Client:mysql-server-0:5.0.45-7.el5.x86_64", "5Client:mysql-test-0:5.0.45-7.el5.i386", "5Client:mysql-test-0:5.0.45-7.el5.ia64", "5Client:mysql-test-0:5.0.45-7.el5.ppc", "5Client:mysql-test-0:5.0.45-7.el5.s390x", "5Client:mysql-test-0:5.0.45-7.el5.x86_64", "5Server:mysql-0:5.0.45-7.el5.i386", "5Server:mysql-0:5.0.45-7.el5.ia64", "5Server:mysql-0:5.0.45-7.el5.ppc", "5Server:mysql-0:5.0.45-7.el5.ppc64", "5Server:mysql-0:5.0.45-7.el5.s390", "5Server:mysql-0:5.0.45-7.el5.s390x", "5Server:mysql-0:5.0.45-7.el5.src", "5Server:mysql-0:5.0.45-7.el5.x86_64", "5Server:mysql-bench-0:5.0.45-7.el5.i386", "5Server:mysql-bench-0:5.0.45-7.el5.ia64", "5Server:mysql-bench-0:5.0.45-7.el5.ppc", "5Server:mysql-bench-0:5.0.45-7.el5.s390x", "5Server:mysql-bench-0:5.0.45-7.el5.x86_64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Server:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Server:mysql-devel-0:5.0.45-7.el5.i386", "5Server:mysql-devel-0:5.0.45-7.el5.ia64", "5Server:mysql-devel-0:5.0.45-7.el5.ppc", "5Server:mysql-devel-0:5.0.45-7.el5.ppc64", "5Server:mysql-devel-0:5.0.45-7.el5.s390", "5Server:mysql-devel-0:5.0.45-7.el5.s390x", "5Server:mysql-devel-0:5.0.45-7.el5.x86_64", "5Server:mysql-server-0:5.0.45-7.el5.i386", "5Server:mysql-server-0:5.0.45-7.el5.ia64", "5Server:mysql-server-0:5.0.45-7.el5.ppc", "5Server:mysql-server-0:5.0.45-7.el5.ppc64", "5Server:mysql-server-0:5.0.45-7.el5.s390x", "5Server:mysql-server-0:5.0.45-7.el5.x86_64", "5Server:mysql-test-0:5.0.45-7.el5.i386", "5Server:mysql-test-0:5.0.45-7.el5.ia64", "5Server:mysql-test-0:5.0.45-7.el5.ppc", "5Server:mysql-test-0:5.0.45-7.el5.s390x", "5Server:mysql-test-0:5.0.45-7.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-4227" }, { "category": "external", "summary": "RHBZ#216427", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=216427" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-4227", "url": "https://www.cve.org/CVERecord?id=CVE-2006-4227" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-4227", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4227" } ], "release_date": "2006-03-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-05-20T12:44:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "5Client-Workstation:mysql-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-0:5.0.45-7.el5.src", "5Client-Workstation:mysql-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.x86_64", "5Client:mysql-0:5.0.45-7.el5.i386", "5Client:mysql-0:5.0.45-7.el5.ia64", "5Client:mysql-0:5.0.45-7.el5.ppc", "5Client:mysql-0:5.0.45-7.el5.ppc64", "5Client:mysql-0:5.0.45-7.el5.s390", "5Client:mysql-0:5.0.45-7.el5.s390x", "5Client:mysql-0:5.0.45-7.el5.src", "5Client:mysql-0:5.0.45-7.el5.x86_64", "5Client:mysql-bench-0:5.0.45-7.el5.i386", "5Client:mysql-bench-0:5.0.45-7.el5.ia64", "5Client:mysql-bench-0:5.0.45-7.el5.ppc", "5Client:mysql-bench-0:5.0.45-7.el5.s390x", "5Client:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client:mysql-devel-0:5.0.45-7.el5.i386", "5Client:mysql-devel-0:5.0.45-7.el5.ia64", "5Client:mysql-devel-0:5.0.45-7.el5.ppc", "5Client:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client:mysql-devel-0:5.0.45-7.el5.s390", "5Client:mysql-devel-0:5.0.45-7.el5.s390x", "5Client:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client:mysql-server-0:5.0.45-7.el5.i386", "5Client:mysql-server-0:5.0.45-7.el5.ia64", "5Client:mysql-server-0:5.0.45-7.el5.ppc", "5Client:mysql-server-0:5.0.45-7.el5.ppc64", "5Client:mysql-server-0:5.0.45-7.el5.s390x", "5Client:mysql-server-0:5.0.45-7.el5.x86_64", "5Client:mysql-test-0:5.0.45-7.el5.i386", "5Client:mysql-test-0:5.0.45-7.el5.ia64", "5Client:mysql-test-0:5.0.45-7.el5.ppc", "5Client:mysql-test-0:5.0.45-7.el5.s390x", "5Client:mysql-test-0:5.0.45-7.el5.x86_64", "5Server:mysql-0:5.0.45-7.el5.i386", "5Server:mysql-0:5.0.45-7.el5.ia64", "5Server:mysql-0:5.0.45-7.el5.ppc", "5Server:mysql-0:5.0.45-7.el5.ppc64", "5Server:mysql-0:5.0.45-7.el5.s390", "5Server:mysql-0:5.0.45-7.el5.s390x", "5Server:mysql-0:5.0.45-7.el5.src", "5Server:mysql-0:5.0.45-7.el5.x86_64", "5Server:mysql-bench-0:5.0.45-7.el5.i386", "5Server:mysql-bench-0:5.0.45-7.el5.ia64", "5Server:mysql-bench-0:5.0.45-7.el5.ppc", "5Server:mysql-bench-0:5.0.45-7.el5.s390x", "5Server:mysql-bench-0:5.0.45-7.el5.x86_64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Server:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Server:mysql-devel-0:5.0.45-7.el5.i386", "5Server:mysql-devel-0:5.0.45-7.el5.ia64", "5Server:mysql-devel-0:5.0.45-7.el5.ppc", "5Server:mysql-devel-0:5.0.45-7.el5.ppc64", "5Server:mysql-devel-0:5.0.45-7.el5.s390", "5Server:mysql-devel-0:5.0.45-7.el5.s390x", "5Server:mysql-devel-0:5.0.45-7.el5.x86_64", "5Server:mysql-server-0:5.0.45-7.el5.i386", "5Server:mysql-server-0:5.0.45-7.el5.ia64", "5Server:mysql-server-0:5.0.45-7.el5.ppc", "5Server:mysql-server-0:5.0.45-7.el5.ppc64", "5Server:mysql-server-0:5.0.45-7.el5.s390x", "5Server:mysql-server-0:5.0.45-7.el5.x86_64", "5Server:mysql-test-0:5.0.45-7.el5.i386", "5Server:mysql-test-0:5.0.45-7.el5.ia64", "5Server:mysql-test-0:5.0.45-7.el5.ppc", "5Server:mysql-test-0:5.0.45-7.el5.s390x", "5Server:mysql-test-0:5.0.45-7.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0364" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mysql improper suid argument evaluation" }, { "cve": "CVE-2006-7232", "discovery_date": "2008-02-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "434264" } ], "notes": [ { "category": "description", "text": "sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.", "title": "Vulnerability description" }, { "category": "summary", "text": "mysql: daemon crash via EXPLAIN on queries on information schema", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the MySQL packages as shipped in Red Hat Enterprise Linux 2.1, 3, and 4 as they did not support INFORMATION_SCHEMA, introduced in MySQL version 5.\n\nThe MySQL packages as shipped in Red Hat Application Stack v1 and v2 are based on upstream version which has the fix included.", "title": "Statement" } ], "product_status": { "fixed": [ "5Client-Workstation:mysql-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-0:5.0.45-7.el5.src", "5Client-Workstation:mysql-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.x86_64", "5Client:mysql-0:5.0.45-7.el5.i386", "5Client:mysql-0:5.0.45-7.el5.ia64", "5Client:mysql-0:5.0.45-7.el5.ppc", "5Client:mysql-0:5.0.45-7.el5.ppc64", "5Client:mysql-0:5.0.45-7.el5.s390", "5Client:mysql-0:5.0.45-7.el5.s390x", "5Client:mysql-0:5.0.45-7.el5.src", "5Client:mysql-0:5.0.45-7.el5.x86_64", "5Client:mysql-bench-0:5.0.45-7.el5.i386", "5Client:mysql-bench-0:5.0.45-7.el5.ia64", "5Client:mysql-bench-0:5.0.45-7.el5.ppc", "5Client:mysql-bench-0:5.0.45-7.el5.s390x", "5Client:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client:mysql-devel-0:5.0.45-7.el5.i386", "5Client:mysql-devel-0:5.0.45-7.el5.ia64", "5Client:mysql-devel-0:5.0.45-7.el5.ppc", "5Client:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client:mysql-devel-0:5.0.45-7.el5.s390", "5Client:mysql-devel-0:5.0.45-7.el5.s390x", "5Client:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client:mysql-server-0:5.0.45-7.el5.i386", "5Client:mysql-server-0:5.0.45-7.el5.ia64", "5Client:mysql-server-0:5.0.45-7.el5.ppc", "5Client:mysql-server-0:5.0.45-7.el5.ppc64", "5Client:mysql-server-0:5.0.45-7.el5.s390x", "5Client:mysql-server-0:5.0.45-7.el5.x86_64", "5Client:mysql-test-0:5.0.45-7.el5.i386", "5Client:mysql-test-0:5.0.45-7.el5.ia64", "5Client:mysql-test-0:5.0.45-7.el5.ppc", "5Client:mysql-test-0:5.0.45-7.el5.s390x", "5Client:mysql-test-0:5.0.45-7.el5.x86_64", "5Server:mysql-0:5.0.45-7.el5.i386", "5Server:mysql-0:5.0.45-7.el5.ia64", "5Server:mysql-0:5.0.45-7.el5.ppc", "5Server:mysql-0:5.0.45-7.el5.ppc64", "5Server:mysql-0:5.0.45-7.el5.s390", "5Server:mysql-0:5.0.45-7.el5.s390x", "5Server:mysql-0:5.0.45-7.el5.src", "5Server:mysql-0:5.0.45-7.el5.x86_64", "5Server:mysql-bench-0:5.0.45-7.el5.i386", "5Server:mysql-bench-0:5.0.45-7.el5.ia64", "5Server:mysql-bench-0:5.0.45-7.el5.ppc", "5Server:mysql-bench-0:5.0.45-7.el5.s390x", "5Server:mysql-bench-0:5.0.45-7.el5.x86_64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Server:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Server:mysql-devel-0:5.0.45-7.el5.i386", "5Server:mysql-devel-0:5.0.45-7.el5.ia64", "5Server:mysql-devel-0:5.0.45-7.el5.ppc", "5Server:mysql-devel-0:5.0.45-7.el5.ppc64", "5Server:mysql-devel-0:5.0.45-7.el5.s390", "5Server:mysql-devel-0:5.0.45-7.el5.s390x", "5Server:mysql-devel-0:5.0.45-7.el5.x86_64", "5Server:mysql-server-0:5.0.45-7.el5.i386", "5Server:mysql-server-0:5.0.45-7.el5.ia64", "5Server:mysql-server-0:5.0.45-7.el5.ppc", "5Server:mysql-server-0:5.0.45-7.el5.ppc64", "5Server:mysql-server-0:5.0.45-7.el5.s390x", "5Server:mysql-server-0:5.0.45-7.el5.x86_64", "5Server:mysql-test-0:5.0.45-7.el5.i386", "5Server:mysql-test-0:5.0.45-7.el5.ia64", "5Server:mysql-test-0:5.0.45-7.el5.ppc", "5Server:mysql-test-0:5.0.45-7.el5.s390x", "5Server:mysql-test-0:5.0.45-7.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-7232" }, { "category": "external", "summary": "RHBZ#434264", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=434264" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-7232", "url": "https://www.cve.org/CVERecord?id=CVE-2006-7232" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-7232", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-7232" } ], "release_date": "2006-09-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-05-20T12:44:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "5Client-Workstation:mysql-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-0:5.0.45-7.el5.src", "5Client-Workstation:mysql-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.x86_64", "5Client:mysql-0:5.0.45-7.el5.i386", "5Client:mysql-0:5.0.45-7.el5.ia64", "5Client:mysql-0:5.0.45-7.el5.ppc", "5Client:mysql-0:5.0.45-7.el5.ppc64", "5Client:mysql-0:5.0.45-7.el5.s390", "5Client:mysql-0:5.0.45-7.el5.s390x", "5Client:mysql-0:5.0.45-7.el5.src", "5Client:mysql-0:5.0.45-7.el5.x86_64", "5Client:mysql-bench-0:5.0.45-7.el5.i386", "5Client:mysql-bench-0:5.0.45-7.el5.ia64", "5Client:mysql-bench-0:5.0.45-7.el5.ppc", "5Client:mysql-bench-0:5.0.45-7.el5.s390x", "5Client:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client:mysql-devel-0:5.0.45-7.el5.i386", "5Client:mysql-devel-0:5.0.45-7.el5.ia64", "5Client:mysql-devel-0:5.0.45-7.el5.ppc", "5Client:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client:mysql-devel-0:5.0.45-7.el5.s390", "5Client:mysql-devel-0:5.0.45-7.el5.s390x", "5Client:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client:mysql-server-0:5.0.45-7.el5.i386", "5Client:mysql-server-0:5.0.45-7.el5.ia64", "5Client:mysql-server-0:5.0.45-7.el5.ppc", "5Client:mysql-server-0:5.0.45-7.el5.ppc64", "5Client:mysql-server-0:5.0.45-7.el5.s390x", "5Client:mysql-server-0:5.0.45-7.el5.x86_64", "5Client:mysql-test-0:5.0.45-7.el5.i386", "5Client:mysql-test-0:5.0.45-7.el5.ia64", "5Client:mysql-test-0:5.0.45-7.el5.ppc", "5Client:mysql-test-0:5.0.45-7.el5.s390x", "5Client:mysql-test-0:5.0.45-7.el5.x86_64", "5Server:mysql-0:5.0.45-7.el5.i386", "5Server:mysql-0:5.0.45-7.el5.ia64", "5Server:mysql-0:5.0.45-7.el5.ppc", "5Server:mysql-0:5.0.45-7.el5.ppc64", "5Server:mysql-0:5.0.45-7.el5.s390", "5Server:mysql-0:5.0.45-7.el5.s390x", "5Server:mysql-0:5.0.45-7.el5.src", "5Server:mysql-0:5.0.45-7.el5.x86_64", "5Server:mysql-bench-0:5.0.45-7.el5.i386", "5Server:mysql-bench-0:5.0.45-7.el5.ia64", "5Server:mysql-bench-0:5.0.45-7.el5.ppc", "5Server:mysql-bench-0:5.0.45-7.el5.s390x", "5Server:mysql-bench-0:5.0.45-7.el5.x86_64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Server:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Server:mysql-devel-0:5.0.45-7.el5.i386", "5Server:mysql-devel-0:5.0.45-7.el5.ia64", "5Server:mysql-devel-0:5.0.45-7.el5.ppc", "5Server:mysql-devel-0:5.0.45-7.el5.ppc64", "5Server:mysql-devel-0:5.0.45-7.el5.s390", "5Server:mysql-devel-0:5.0.45-7.el5.s390x", "5Server:mysql-devel-0:5.0.45-7.el5.x86_64", "5Server:mysql-server-0:5.0.45-7.el5.i386", "5Server:mysql-server-0:5.0.45-7.el5.ia64", "5Server:mysql-server-0:5.0.45-7.el5.ppc", "5Server:mysql-server-0:5.0.45-7.el5.ppc64", "5Server:mysql-server-0:5.0.45-7.el5.s390x", "5Server:mysql-server-0:5.0.45-7.el5.x86_64", "5Server:mysql-test-0:5.0.45-7.el5.i386", "5Server:mysql-test-0:5.0.45-7.el5.ia64", "5Server:mysql-test-0:5.0.45-7.el5.ppc", "5Server:mysql-test-0:5.0.45-7.el5.s390x", "5Server:mysql-test-0:5.0.45-7.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0364" } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "mysql: daemon crash via EXPLAIN on queries on information schema" }, { "cve": "CVE-2007-1420", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2007-03-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "232603" } ], "notes": [ { "category": "description", "text": "MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.", "title": "Vulnerability description" }, { "category": "summary", "text": "Single MySQL worker can be crashed (NULL deref) with certain SELECT statements", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect mysql packages as shipped in Red Hat Enterprise Linux 2.1, 3, and 4.", "title": "Statement" } ], "product_status": { "fixed": [ "5Client-Workstation:mysql-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-0:5.0.45-7.el5.src", "5Client-Workstation:mysql-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.x86_64", "5Client:mysql-0:5.0.45-7.el5.i386", "5Client:mysql-0:5.0.45-7.el5.ia64", "5Client:mysql-0:5.0.45-7.el5.ppc", "5Client:mysql-0:5.0.45-7.el5.ppc64", "5Client:mysql-0:5.0.45-7.el5.s390", "5Client:mysql-0:5.0.45-7.el5.s390x", "5Client:mysql-0:5.0.45-7.el5.src", "5Client:mysql-0:5.0.45-7.el5.x86_64", "5Client:mysql-bench-0:5.0.45-7.el5.i386", "5Client:mysql-bench-0:5.0.45-7.el5.ia64", "5Client:mysql-bench-0:5.0.45-7.el5.ppc", "5Client:mysql-bench-0:5.0.45-7.el5.s390x", "5Client:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client:mysql-devel-0:5.0.45-7.el5.i386", "5Client:mysql-devel-0:5.0.45-7.el5.ia64", "5Client:mysql-devel-0:5.0.45-7.el5.ppc", "5Client:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client:mysql-devel-0:5.0.45-7.el5.s390", "5Client:mysql-devel-0:5.0.45-7.el5.s390x", "5Client:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client:mysql-server-0:5.0.45-7.el5.i386", "5Client:mysql-server-0:5.0.45-7.el5.ia64", "5Client:mysql-server-0:5.0.45-7.el5.ppc", "5Client:mysql-server-0:5.0.45-7.el5.ppc64", "5Client:mysql-server-0:5.0.45-7.el5.s390x", "5Client:mysql-server-0:5.0.45-7.el5.x86_64", "5Client:mysql-test-0:5.0.45-7.el5.i386", "5Client:mysql-test-0:5.0.45-7.el5.ia64", "5Client:mysql-test-0:5.0.45-7.el5.ppc", "5Client:mysql-test-0:5.0.45-7.el5.s390x", "5Client:mysql-test-0:5.0.45-7.el5.x86_64", "5Server:mysql-0:5.0.45-7.el5.i386", "5Server:mysql-0:5.0.45-7.el5.ia64", "5Server:mysql-0:5.0.45-7.el5.ppc", "5Server:mysql-0:5.0.45-7.el5.ppc64", "5Server:mysql-0:5.0.45-7.el5.s390", "5Server:mysql-0:5.0.45-7.el5.s390x", "5Server:mysql-0:5.0.45-7.el5.src", "5Server:mysql-0:5.0.45-7.el5.x86_64", "5Server:mysql-bench-0:5.0.45-7.el5.i386", "5Server:mysql-bench-0:5.0.45-7.el5.ia64", "5Server:mysql-bench-0:5.0.45-7.el5.ppc", "5Server:mysql-bench-0:5.0.45-7.el5.s390x", "5Server:mysql-bench-0:5.0.45-7.el5.x86_64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Server:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Server:mysql-devel-0:5.0.45-7.el5.i386", "5Server:mysql-devel-0:5.0.45-7.el5.ia64", "5Server:mysql-devel-0:5.0.45-7.el5.ppc", "5Server:mysql-devel-0:5.0.45-7.el5.ppc64", "5Server:mysql-devel-0:5.0.45-7.el5.s390", "5Server:mysql-devel-0:5.0.45-7.el5.s390x", "5Server:mysql-devel-0:5.0.45-7.el5.x86_64", "5Server:mysql-server-0:5.0.45-7.el5.i386", "5Server:mysql-server-0:5.0.45-7.el5.ia64", "5Server:mysql-server-0:5.0.45-7.el5.ppc", "5Server:mysql-server-0:5.0.45-7.el5.ppc64", "5Server:mysql-server-0:5.0.45-7.el5.s390x", "5Server:mysql-server-0:5.0.45-7.el5.x86_64", "5Server:mysql-test-0:5.0.45-7.el5.i386", "5Server:mysql-test-0:5.0.45-7.el5.ia64", "5Server:mysql-test-0:5.0.45-7.el5.ppc", "5Server:mysql-test-0:5.0.45-7.el5.s390x", "5Server:mysql-test-0:5.0.45-7.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2007-1420" }, { "category": "external", "summary": "RHBZ#232603", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=232603" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2007-1420", "url": "https://www.cve.org/CVERecord?id=CVE-2007-1420" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-1420", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1420" } ], "release_date": "2007-03-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-05-20T12:44:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "5Client-Workstation:mysql-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-0:5.0.45-7.el5.src", "5Client-Workstation:mysql-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.x86_64", "5Client:mysql-0:5.0.45-7.el5.i386", "5Client:mysql-0:5.0.45-7.el5.ia64", "5Client:mysql-0:5.0.45-7.el5.ppc", "5Client:mysql-0:5.0.45-7.el5.ppc64", "5Client:mysql-0:5.0.45-7.el5.s390", "5Client:mysql-0:5.0.45-7.el5.s390x", "5Client:mysql-0:5.0.45-7.el5.src", "5Client:mysql-0:5.0.45-7.el5.x86_64", "5Client:mysql-bench-0:5.0.45-7.el5.i386", "5Client:mysql-bench-0:5.0.45-7.el5.ia64", "5Client:mysql-bench-0:5.0.45-7.el5.ppc", "5Client:mysql-bench-0:5.0.45-7.el5.s390x", "5Client:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client:mysql-devel-0:5.0.45-7.el5.i386", "5Client:mysql-devel-0:5.0.45-7.el5.ia64", "5Client:mysql-devel-0:5.0.45-7.el5.ppc", "5Client:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client:mysql-devel-0:5.0.45-7.el5.s390", "5Client:mysql-devel-0:5.0.45-7.el5.s390x", "5Client:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client:mysql-server-0:5.0.45-7.el5.i386", "5Client:mysql-server-0:5.0.45-7.el5.ia64", "5Client:mysql-server-0:5.0.45-7.el5.ppc", "5Client:mysql-server-0:5.0.45-7.el5.ppc64", "5Client:mysql-server-0:5.0.45-7.el5.s390x", "5Client:mysql-server-0:5.0.45-7.el5.x86_64", "5Client:mysql-test-0:5.0.45-7.el5.i386", "5Client:mysql-test-0:5.0.45-7.el5.ia64", "5Client:mysql-test-0:5.0.45-7.el5.ppc", "5Client:mysql-test-0:5.0.45-7.el5.s390x", "5Client:mysql-test-0:5.0.45-7.el5.x86_64", "5Server:mysql-0:5.0.45-7.el5.i386", "5Server:mysql-0:5.0.45-7.el5.ia64", "5Server:mysql-0:5.0.45-7.el5.ppc", "5Server:mysql-0:5.0.45-7.el5.ppc64", "5Server:mysql-0:5.0.45-7.el5.s390", "5Server:mysql-0:5.0.45-7.el5.s390x", "5Server:mysql-0:5.0.45-7.el5.src", "5Server:mysql-0:5.0.45-7.el5.x86_64", "5Server:mysql-bench-0:5.0.45-7.el5.i386", "5Server:mysql-bench-0:5.0.45-7.el5.ia64", "5Server:mysql-bench-0:5.0.45-7.el5.ppc", "5Server:mysql-bench-0:5.0.45-7.el5.s390x", "5Server:mysql-bench-0:5.0.45-7.el5.x86_64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Server:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Server:mysql-devel-0:5.0.45-7.el5.i386", "5Server:mysql-devel-0:5.0.45-7.el5.ia64", "5Server:mysql-devel-0:5.0.45-7.el5.ppc", "5Server:mysql-devel-0:5.0.45-7.el5.ppc64", "5Server:mysql-devel-0:5.0.45-7.el5.s390", "5Server:mysql-devel-0:5.0.45-7.el5.s390x", "5Server:mysql-devel-0:5.0.45-7.el5.x86_64", "5Server:mysql-server-0:5.0.45-7.el5.i386", "5Server:mysql-server-0:5.0.45-7.el5.ia64", "5Server:mysql-server-0:5.0.45-7.el5.ppc", "5Server:mysql-server-0:5.0.45-7.el5.ppc64", "5Server:mysql-server-0:5.0.45-7.el5.s390x", "5Server:mysql-server-0:5.0.45-7.el5.x86_64", "5Server:mysql-test-0:5.0.45-7.el5.i386", "5Server:mysql-test-0:5.0.45-7.el5.ia64", "5Server:mysql-test-0:5.0.45-7.el5.ppc", "5Server:mysql-test-0:5.0.45-7.el5.s390x", "5Server:mysql-test-0:5.0.45-7.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0364" } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "Single MySQL worker can be crashed (NULL deref) with certain SELECT statements" }, { "cve": "CVE-2007-2583", "discovery_date": "2007-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "240813" } ], "notes": [ { "category": "description", "text": "The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.", "title": "Vulnerability description" }, { "category": "summary", "text": "mysql: DoS via statement with crafted IF clause", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect mysql packages as shipped in Red Hat Enterprise Linux 2.1, 3, and 4.", "title": "Statement" } ], "product_status": { "fixed": [ "5Client-Workstation:mysql-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-0:5.0.45-7.el5.src", "5Client-Workstation:mysql-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.x86_64", "5Client:mysql-0:5.0.45-7.el5.i386", "5Client:mysql-0:5.0.45-7.el5.ia64", "5Client:mysql-0:5.0.45-7.el5.ppc", "5Client:mysql-0:5.0.45-7.el5.ppc64", "5Client:mysql-0:5.0.45-7.el5.s390", "5Client:mysql-0:5.0.45-7.el5.s390x", "5Client:mysql-0:5.0.45-7.el5.src", "5Client:mysql-0:5.0.45-7.el5.x86_64", "5Client:mysql-bench-0:5.0.45-7.el5.i386", "5Client:mysql-bench-0:5.0.45-7.el5.ia64", "5Client:mysql-bench-0:5.0.45-7.el5.ppc", "5Client:mysql-bench-0:5.0.45-7.el5.s390x", "5Client:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client:mysql-devel-0:5.0.45-7.el5.i386", "5Client:mysql-devel-0:5.0.45-7.el5.ia64", "5Client:mysql-devel-0:5.0.45-7.el5.ppc", "5Client:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client:mysql-devel-0:5.0.45-7.el5.s390", "5Client:mysql-devel-0:5.0.45-7.el5.s390x", "5Client:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client:mysql-server-0:5.0.45-7.el5.i386", "5Client:mysql-server-0:5.0.45-7.el5.ia64", "5Client:mysql-server-0:5.0.45-7.el5.ppc", "5Client:mysql-server-0:5.0.45-7.el5.ppc64", "5Client:mysql-server-0:5.0.45-7.el5.s390x", "5Client:mysql-server-0:5.0.45-7.el5.x86_64", "5Client:mysql-test-0:5.0.45-7.el5.i386", "5Client:mysql-test-0:5.0.45-7.el5.ia64", "5Client:mysql-test-0:5.0.45-7.el5.ppc", "5Client:mysql-test-0:5.0.45-7.el5.s390x", "5Client:mysql-test-0:5.0.45-7.el5.x86_64", "5Server:mysql-0:5.0.45-7.el5.i386", "5Server:mysql-0:5.0.45-7.el5.ia64", "5Server:mysql-0:5.0.45-7.el5.ppc", "5Server:mysql-0:5.0.45-7.el5.ppc64", "5Server:mysql-0:5.0.45-7.el5.s390", "5Server:mysql-0:5.0.45-7.el5.s390x", "5Server:mysql-0:5.0.45-7.el5.src", "5Server:mysql-0:5.0.45-7.el5.x86_64", "5Server:mysql-bench-0:5.0.45-7.el5.i386", "5Server:mysql-bench-0:5.0.45-7.el5.ia64", "5Server:mysql-bench-0:5.0.45-7.el5.ppc", "5Server:mysql-bench-0:5.0.45-7.el5.s390x", "5Server:mysql-bench-0:5.0.45-7.el5.x86_64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Server:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Server:mysql-devel-0:5.0.45-7.el5.i386", "5Server:mysql-devel-0:5.0.45-7.el5.ia64", "5Server:mysql-devel-0:5.0.45-7.el5.ppc", "5Server:mysql-devel-0:5.0.45-7.el5.ppc64", "5Server:mysql-devel-0:5.0.45-7.el5.s390", "5Server:mysql-devel-0:5.0.45-7.el5.s390x", "5Server:mysql-devel-0:5.0.45-7.el5.x86_64", "5Server:mysql-server-0:5.0.45-7.el5.i386", "5Server:mysql-server-0:5.0.45-7.el5.ia64", "5Server:mysql-server-0:5.0.45-7.el5.ppc", "5Server:mysql-server-0:5.0.45-7.el5.ppc64", "5Server:mysql-server-0:5.0.45-7.el5.s390x", "5Server:mysql-server-0:5.0.45-7.el5.x86_64", "5Server:mysql-test-0:5.0.45-7.el5.i386", "5Server:mysql-test-0:5.0.45-7.el5.ia64", "5Server:mysql-test-0:5.0.45-7.el5.ppc", "5Server:mysql-test-0:5.0.45-7.el5.s390x", "5Server:mysql-test-0:5.0.45-7.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2007-2583" }, { "category": "external", "summary": "RHBZ#240813", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=240813" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2007-2583", "url": "https://www.cve.org/CVERecord?id=CVE-2007-2583" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-2583", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-2583" } ], "release_date": "2007-03-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-05-20T12:44:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "5Client-Workstation:mysql-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-0:5.0.45-7.el5.src", "5Client-Workstation:mysql-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.x86_64", "5Client:mysql-0:5.0.45-7.el5.i386", "5Client:mysql-0:5.0.45-7.el5.ia64", "5Client:mysql-0:5.0.45-7.el5.ppc", "5Client:mysql-0:5.0.45-7.el5.ppc64", "5Client:mysql-0:5.0.45-7.el5.s390", "5Client:mysql-0:5.0.45-7.el5.s390x", "5Client:mysql-0:5.0.45-7.el5.src", "5Client:mysql-0:5.0.45-7.el5.x86_64", "5Client:mysql-bench-0:5.0.45-7.el5.i386", "5Client:mysql-bench-0:5.0.45-7.el5.ia64", "5Client:mysql-bench-0:5.0.45-7.el5.ppc", "5Client:mysql-bench-0:5.0.45-7.el5.s390x", "5Client:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client:mysql-devel-0:5.0.45-7.el5.i386", "5Client:mysql-devel-0:5.0.45-7.el5.ia64", "5Client:mysql-devel-0:5.0.45-7.el5.ppc", "5Client:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client:mysql-devel-0:5.0.45-7.el5.s390", "5Client:mysql-devel-0:5.0.45-7.el5.s390x", "5Client:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client:mysql-server-0:5.0.45-7.el5.i386", "5Client:mysql-server-0:5.0.45-7.el5.ia64", "5Client:mysql-server-0:5.0.45-7.el5.ppc", "5Client:mysql-server-0:5.0.45-7.el5.ppc64", "5Client:mysql-server-0:5.0.45-7.el5.s390x", "5Client:mysql-server-0:5.0.45-7.el5.x86_64", "5Client:mysql-test-0:5.0.45-7.el5.i386", "5Client:mysql-test-0:5.0.45-7.el5.ia64", "5Client:mysql-test-0:5.0.45-7.el5.ppc", "5Client:mysql-test-0:5.0.45-7.el5.s390x", "5Client:mysql-test-0:5.0.45-7.el5.x86_64", "5Server:mysql-0:5.0.45-7.el5.i386", "5Server:mysql-0:5.0.45-7.el5.ia64", "5Server:mysql-0:5.0.45-7.el5.ppc", "5Server:mysql-0:5.0.45-7.el5.ppc64", "5Server:mysql-0:5.0.45-7.el5.s390", "5Server:mysql-0:5.0.45-7.el5.s390x", "5Server:mysql-0:5.0.45-7.el5.src", "5Server:mysql-0:5.0.45-7.el5.x86_64", "5Server:mysql-bench-0:5.0.45-7.el5.i386", "5Server:mysql-bench-0:5.0.45-7.el5.ia64", "5Server:mysql-bench-0:5.0.45-7.el5.ppc", "5Server:mysql-bench-0:5.0.45-7.el5.s390x", "5Server:mysql-bench-0:5.0.45-7.el5.x86_64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Server:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Server:mysql-devel-0:5.0.45-7.el5.i386", "5Server:mysql-devel-0:5.0.45-7.el5.ia64", "5Server:mysql-devel-0:5.0.45-7.el5.ppc", "5Server:mysql-devel-0:5.0.45-7.el5.ppc64", "5Server:mysql-devel-0:5.0.45-7.el5.s390", "5Server:mysql-devel-0:5.0.45-7.el5.s390x", "5Server:mysql-devel-0:5.0.45-7.el5.x86_64", "5Server:mysql-server-0:5.0.45-7.el5.i386", "5Server:mysql-server-0:5.0.45-7.el5.ia64", "5Server:mysql-server-0:5.0.45-7.el5.ppc", "5Server:mysql-server-0:5.0.45-7.el5.ppc64", "5Server:mysql-server-0:5.0.45-7.el5.s390x", "5Server:mysql-server-0:5.0.45-7.el5.x86_64", "5Server:mysql-test-0:5.0.45-7.el5.i386", "5Server:mysql-test-0:5.0.45-7.el5.ia64", "5Server:mysql-test-0:5.0.45-7.el5.ppc", "5Server:mysql-test-0:5.0.45-7.el5.s390x", "5Server:mysql-test-0:5.0.45-7.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0364" } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "mysql: DoS via statement with crafted IF clause" }, { "cve": "CVE-2007-2691", "discovery_date": "2007-05-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "241688" } ], "notes": [ { "category": "description", "text": "MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.", "title": "Vulnerability description" }, { "category": "summary", "text": "mysql DROP privilege not enforced when renaming tables", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "5Client-Workstation:mysql-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-0:5.0.45-7.el5.src", "5Client-Workstation:mysql-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.x86_64", "5Client:mysql-0:5.0.45-7.el5.i386", "5Client:mysql-0:5.0.45-7.el5.ia64", "5Client:mysql-0:5.0.45-7.el5.ppc", "5Client:mysql-0:5.0.45-7.el5.ppc64", "5Client:mysql-0:5.0.45-7.el5.s390", "5Client:mysql-0:5.0.45-7.el5.s390x", "5Client:mysql-0:5.0.45-7.el5.src", "5Client:mysql-0:5.0.45-7.el5.x86_64", "5Client:mysql-bench-0:5.0.45-7.el5.i386", "5Client:mysql-bench-0:5.0.45-7.el5.ia64", "5Client:mysql-bench-0:5.0.45-7.el5.ppc", "5Client:mysql-bench-0:5.0.45-7.el5.s390x", "5Client:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client:mysql-devel-0:5.0.45-7.el5.i386", "5Client:mysql-devel-0:5.0.45-7.el5.ia64", "5Client:mysql-devel-0:5.0.45-7.el5.ppc", "5Client:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client:mysql-devel-0:5.0.45-7.el5.s390", "5Client:mysql-devel-0:5.0.45-7.el5.s390x", "5Client:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client:mysql-server-0:5.0.45-7.el5.i386", "5Client:mysql-server-0:5.0.45-7.el5.ia64", "5Client:mysql-server-0:5.0.45-7.el5.ppc", "5Client:mysql-server-0:5.0.45-7.el5.ppc64", "5Client:mysql-server-0:5.0.45-7.el5.s390x", "5Client:mysql-server-0:5.0.45-7.el5.x86_64", "5Client:mysql-test-0:5.0.45-7.el5.i386", "5Client:mysql-test-0:5.0.45-7.el5.ia64", "5Client:mysql-test-0:5.0.45-7.el5.ppc", "5Client:mysql-test-0:5.0.45-7.el5.s390x", "5Client:mysql-test-0:5.0.45-7.el5.x86_64", "5Server:mysql-0:5.0.45-7.el5.i386", "5Server:mysql-0:5.0.45-7.el5.ia64", "5Server:mysql-0:5.0.45-7.el5.ppc", "5Server:mysql-0:5.0.45-7.el5.ppc64", "5Server:mysql-0:5.0.45-7.el5.s390", "5Server:mysql-0:5.0.45-7.el5.s390x", "5Server:mysql-0:5.0.45-7.el5.src", "5Server:mysql-0:5.0.45-7.el5.x86_64", "5Server:mysql-bench-0:5.0.45-7.el5.i386", "5Server:mysql-bench-0:5.0.45-7.el5.ia64", "5Server:mysql-bench-0:5.0.45-7.el5.ppc", "5Server:mysql-bench-0:5.0.45-7.el5.s390x", "5Server:mysql-bench-0:5.0.45-7.el5.x86_64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Server:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Server:mysql-devel-0:5.0.45-7.el5.i386", "5Server:mysql-devel-0:5.0.45-7.el5.ia64", "5Server:mysql-devel-0:5.0.45-7.el5.ppc", "5Server:mysql-devel-0:5.0.45-7.el5.ppc64", "5Server:mysql-devel-0:5.0.45-7.el5.s390", "5Server:mysql-devel-0:5.0.45-7.el5.s390x", "5Server:mysql-devel-0:5.0.45-7.el5.x86_64", "5Server:mysql-server-0:5.0.45-7.el5.i386", "5Server:mysql-server-0:5.0.45-7.el5.ia64", "5Server:mysql-server-0:5.0.45-7.el5.ppc", "5Server:mysql-server-0:5.0.45-7.el5.ppc64", "5Server:mysql-server-0:5.0.45-7.el5.s390x", "5Server:mysql-server-0:5.0.45-7.el5.x86_64", "5Server:mysql-test-0:5.0.45-7.el5.i386", "5Server:mysql-test-0:5.0.45-7.el5.ia64", "5Server:mysql-test-0:5.0.45-7.el5.ppc", "5Server:mysql-test-0:5.0.45-7.el5.s390x", "5Server:mysql-test-0:5.0.45-7.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2007-2691" }, { "category": "external", "summary": "RHBZ#241688", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=241688" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2007-2691", "url": "https://www.cve.org/CVERecord?id=CVE-2007-2691" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-2691", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-2691" } ], "release_date": "2007-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-05-20T12:44:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "5Client-Workstation:mysql-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-0:5.0.45-7.el5.src", "5Client-Workstation:mysql-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.x86_64", "5Client:mysql-0:5.0.45-7.el5.i386", "5Client:mysql-0:5.0.45-7.el5.ia64", "5Client:mysql-0:5.0.45-7.el5.ppc", "5Client:mysql-0:5.0.45-7.el5.ppc64", "5Client:mysql-0:5.0.45-7.el5.s390", "5Client:mysql-0:5.0.45-7.el5.s390x", "5Client:mysql-0:5.0.45-7.el5.src", "5Client:mysql-0:5.0.45-7.el5.x86_64", "5Client:mysql-bench-0:5.0.45-7.el5.i386", "5Client:mysql-bench-0:5.0.45-7.el5.ia64", "5Client:mysql-bench-0:5.0.45-7.el5.ppc", "5Client:mysql-bench-0:5.0.45-7.el5.s390x", "5Client:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client:mysql-devel-0:5.0.45-7.el5.i386", "5Client:mysql-devel-0:5.0.45-7.el5.ia64", "5Client:mysql-devel-0:5.0.45-7.el5.ppc", "5Client:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client:mysql-devel-0:5.0.45-7.el5.s390", "5Client:mysql-devel-0:5.0.45-7.el5.s390x", "5Client:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client:mysql-server-0:5.0.45-7.el5.i386", "5Client:mysql-server-0:5.0.45-7.el5.ia64", "5Client:mysql-server-0:5.0.45-7.el5.ppc", "5Client:mysql-server-0:5.0.45-7.el5.ppc64", "5Client:mysql-server-0:5.0.45-7.el5.s390x", "5Client:mysql-server-0:5.0.45-7.el5.x86_64", "5Client:mysql-test-0:5.0.45-7.el5.i386", "5Client:mysql-test-0:5.0.45-7.el5.ia64", "5Client:mysql-test-0:5.0.45-7.el5.ppc", "5Client:mysql-test-0:5.0.45-7.el5.s390x", "5Client:mysql-test-0:5.0.45-7.el5.x86_64", "5Server:mysql-0:5.0.45-7.el5.i386", "5Server:mysql-0:5.0.45-7.el5.ia64", "5Server:mysql-0:5.0.45-7.el5.ppc", "5Server:mysql-0:5.0.45-7.el5.ppc64", "5Server:mysql-0:5.0.45-7.el5.s390", "5Server:mysql-0:5.0.45-7.el5.s390x", "5Server:mysql-0:5.0.45-7.el5.src", "5Server:mysql-0:5.0.45-7.el5.x86_64", "5Server:mysql-bench-0:5.0.45-7.el5.i386", "5Server:mysql-bench-0:5.0.45-7.el5.ia64", "5Server:mysql-bench-0:5.0.45-7.el5.ppc", "5Server:mysql-bench-0:5.0.45-7.el5.s390x", "5Server:mysql-bench-0:5.0.45-7.el5.x86_64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Server:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Server:mysql-devel-0:5.0.45-7.el5.i386", "5Server:mysql-devel-0:5.0.45-7.el5.ia64", "5Server:mysql-devel-0:5.0.45-7.el5.ppc", "5Server:mysql-devel-0:5.0.45-7.el5.ppc64", "5Server:mysql-devel-0:5.0.45-7.el5.s390", "5Server:mysql-devel-0:5.0.45-7.el5.s390x", "5Server:mysql-devel-0:5.0.45-7.el5.x86_64", "5Server:mysql-server-0:5.0.45-7.el5.i386", "5Server:mysql-server-0:5.0.45-7.el5.ia64", "5Server:mysql-server-0:5.0.45-7.el5.ppc", "5Server:mysql-server-0:5.0.45-7.el5.ppc64", "5Server:mysql-server-0:5.0.45-7.el5.s390x", "5Server:mysql-server-0:5.0.45-7.el5.x86_64", "5Server:mysql-test-0:5.0.45-7.el5.i386", "5Server:mysql-test-0:5.0.45-7.el5.ia64", "5Server:mysql-test-0:5.0.45-7.el5.ppc", "5Server:mysql-test-0:5.0.45-7.el5.s390x", "5Server:mysql-test-0:5.0.45-7.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0364" } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "mysql DROP privilege not enforced when renaming tables" }, { "cve": "CVE-2007-2692", "discovery_date": "2007-05-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "241689" } ], "notes": [ { "category": "description", "text": "The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows remote authenticated users to gain privileges.", "title": "Vulnerability description" }, { "category": "summary", "text": "mysql SECURITY INVOKER functions do not drop privileges", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect mysql packages as shipped in Red Hat Enterprise Linux 2.1, 3 and 4.", "title": "Statement" } ], "product_status": { "fixed": [ "5Client-Workstation:mysql-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-0:5.0.45-7.el5.src", "5Client-Workstation:mysql-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.x86_64", "5Client:mysql-0:5.0.45-7.el5.i386", "5Client:mysql-0:5.0.45-7.el5.ia64", "5Client:mysql-0:5.0.45-7.el5.ppc", "5Client:mysql-0:5.0.45-7.el5.ppc64", "5Client:mysql-0:5.0.45-7.el5.s390", "5Client:mysql-0:5.0.45-7.el5.s390x", "5Client:mysql-0:5.0.45-7.el5.src", "5Client:mysql-0:5.0.45-7.el5.x86_64", "5Client:mysql-bench-0:5.0.45-7.el5.i386", "5Client:mysql-bench-0:5.0.45-7.el5.ia64", "5Client:mysql-bench-0:5.0.45-7.el5.ppc", "5Client:mysql-bench-0:5.0.45-7.el5.s390x", "5Client:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client:mysql-devel-0:5.0.45-7.el5.i386", "5Client:mysql-devel-0:5.0.45-7.el5.ia64", "5Client:mysql-devel-0:5.0.45-7.el5.ppc", "5Client:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client:mysql-devel-0:5.0.45-7.el5.s390", "5Client:mysql-devel-0:5.0.45-7.el5.s390x", "5Client:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client:mysql-server-0:5.0.45-7.el5.i386", "5Client:mysql-server-0:5.0.45-7.el5.ia64", "5Client:mysql-server-0:5.0.45-7.el5.ppc", "5Client:mysql-server-0:5.0.45-7.el5.ppc64", "5Client:mysql-server-0:5.0.45-7.el5.s390x", "5Client:mysql-server-0:5.0.45-7.el5.x86_64", "5Client:mysql-test-0:5.0.45-7.el5.i386", "5Client:mysql-test-0:5.0.45-7.el5.ia64", "5Client:mysql-test-0:5.0.45-7.el5.ppc", "5Client:mysql-test-0:5.0.45-7.el5.s390x", "5Client:mysql-test-0:5.0.45-7.el5.x86_64", "5Server:mysql-0:5.0.45-7.el5.i386", "5Server:mysql-0:5.0.45-7.el5.ia64", "5Server:mysql-0:5.0.45-7.el5.ppc", "5Server:mysql-0:5.0.45-7.el5.ppc64", "5Server:mysql-0:5.0.45-7.el5.s390", "5Server:mysql-0:5.0.45-7.el5.s390x", "5Server:mysql-0:5.0.45-7.el5.src", "5Server:mysql-0:5.0.45-7.el5.x86_64", "5Server:mysql-bench-0:5.0.45-7.el5.i386", "5Server:mysql-bench-0:5.0.45-7.el5.ia64", "5Server:mysql-bench-0:5.0.45-7.el5.ppc", "5Server:mysql-bench-0:5.0.45-7.el5.s390x", "5Server:mysql-bench-0:5.0.45-7.el5.x86_64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Server:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Server:mysql-devel-0:5.0.45-7.el5.i386", "5Server:mysql-devel-0:5.0.45-7.el5.ia64", "5Server:mysql-devel-0:5.0.45-7.el5.ppc", "5Server:mysql-devel-0:5.0.45-7.el5.ppc64", "5Server:mysql-devel-0:5.0.45-7.el5.s390", "5Server:mysql-devel-0:5.0.45-7.el5.s390x", "5Server:mysql-devel-0:5.0.45-7.el5.x86_64", "5Server:mysql-server-0:5.0.45-7.el5.i386", "5Server:mysql-server-0:5.0.45-7.el5.ia64", "5Server:mysql-server-0:5.0.45-7.el5.ppc", "5Server:mysql-server-0:5.0.45-7.el5.ppc64", "5Server:mysql-server-0:5.0.45-7.el5.s390x", "5Server:mysql-server-0:5.0.45-7.el5.x86_64", "5Server:mysql-test-0:5.0.45-7.el5.i386", "5Server:mysql-test-0:5.0.45-7.el5.ia64", "5Server:mysql-test-0:5.0.45-7.el5.ppc", "5Server:mysql-test-0:5.0.45-7.el5.s390x", "5Server:mysql-test-0:5.0.45-7.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2007-2692" }, { "category": "external", "summary": "RHBZ#241689", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=241689" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2007-2692", "url": "https://www.cve.org/CVERecord?id=CVE-2007-2692" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-2692", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-2692" } ], "release_date": "2007-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-05-20T12:44:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "5Client-Workstation:mysql-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-0:5.0.45-7.el5.src", "5Client-Workstation:mysql-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.x86_64", "5Client:mysql-0:5.0.45-7.el5.i386", "5Client:mysql-0:5.0.45-7.el5.ia64", "5Client:mysql-0:5.0.45-7.el5.ppc", "5Client:mysql-0:5.0.45-7.el5.ppc64", "5Client:mysql-0:5.0.45-7.el5.s390", "5Client:mysql-0:5.0.45-7.el5.s390x", "5Client:mysql-0:5.0.45-7.el5.src", "5Client:mysql-0:5.0.45-7.el5.x86_64", "5Client:mysql-bench-0:5.0.45-7.el5.i386", "5Client:mysql-bench-0:5.0.45-7.el5.ia64", "5Client:mysql-bench-0:5.0.45-7.el5.ppc", "5Client:mysql-bench-0:5.0.45-7.el5.s390x", "5Client:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client:mysql-devel-0:5.0.45-7.el5.i386", "5Client:mysql-devel-0:5.0.45-7.el5.ia64", "5Client:mysql-devel-0:5.0.45-7.el5.ppc", "5Client:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client:mysql-devel-0:5.0.45-7.el5.s390", "5Client:mysql-devel-0:5.0.45-7.el5.s390x", "5Client:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client:mysql-server-0:5.0.45-7.el5.i386", "5Client:mysql-server-0:5.0.45-7.el5.ia64", "5Client:mysql-server-0:5.0.45-7.el5.ppc", "5Client:mysql-server-0:5.0.45-7.el5.ppc64", "5Client:mysql-server-0:5.0.45-7.el5.s390x", "5Client:mysql-server-0:5.0.45-7.el5.x86_64", "5Client:mysql-test-0:5.0.45-7.el5.i386", "5Client:mysql-test-0:5.0.45-7.el5.ia64", "5Client:mysql-test-0:5.0.45-7.el5.ppc", "5Client:mysql-test-0:5.0.45-7.el5.s390x", "5Client:mysql-test-0:5.0.45-7.el5.x86_64", "5Server:mysql-0:5.0.45-7.el5.i386", "5Server:mysql-0:5.0.45-7.el5.ia64", "5Server:mysql-0:5.0.45-7.el5.ppc", "5Server:mysql-0:5.0.45-7.el5.ppc64", "5Server:mysql-0:5.0.45-7.el5.s390", "5Server:mysql-0:5.0.45-7.el5.s390x", "5Server:mysql-0:5.0.45-7.el5.src", "5Server:mysql-0:5.0.45-7.el5.x86_64", "5Server:mysql-bench-0:5.0.45-7.el5.i386", "5Server:mysql-bench-0:5.0.45-7.el5.ia64", "5Server:mysql-bench-0:5.0.45-7.el5.ppc", "5Server:mysql-bench-0:5.0.45-7.el5.s390x", "5Server:mysql-bench-0:5.0.45-7.el5.x86_64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Server:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Server:mysql-devel-0:5.0.45-7.el5.i386", "5Server:mysql-devel-0:5.0.45-7.el5.ia64", "5Server:mysql-devel-0:5.0.45-7.el5.ppc", "5Server:mysql-devel-0:5.0.45-7.el5.ppc64", "5Server:mysql-devel-0:5.0.45-7.el5.s390", "5Server:mysql-devel-0:5.0.45-7.el5.s390x", "5Server:mysql-devel-0:5.0.45-7.el5.x86_64", "5Server:mysql-server-0:5.0.45-7.el5.i386", "5Server:mysql-server-0:5.0.45-7.el5.ia64", "5Server:mysql-server-0:5.0.45-7.el5.ppc", "5Server:mysql-server-0:5.0.45-7.el5.ppc64", "5Server:mysql-server-0:5.0.45-7.el5.s390x", "5Server:mysql-server-0:5.0.45-7.el5.x86_64", "5Server:mysql-test-0:5.0.45-7.el5.i386", "5Server:mysql-test-0:5.0.45-7.el5.ia64", "5Server:mysql-test-0:5.0.45-7.el5.ppc", "5Server:mysql-test-0:5.0.45-7.el5.s390x", "5Server:mysql-test-0:5.0.45-7.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0364" } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "mysql SECURITY INVOKER functions do not drop privileges" }, { "cve": "CVE-2007-3781", "discovery_date": "2007-07-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "248553" } ], "notes": [ { "category": "description", "text": "MySQL Community Server before 5.0.45 does not require privileges such as SELECT for the source table in a CREATE TABLE LIKE statement, which allows remote authenticated users to obtain sensitive information such as the table structure.", "title": "Vulnerability description" }, { "category": "summary", "text": "New release of MySQL fixes security bugs", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248553\n\nThe Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw.", "title": "Statement" } ], "product_status": { "fixed": [ "5Client-Workstation:mysql-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-0:5.0.45-7.el5.src", "5Client-Workstation:mysql-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.x86_64", "5Client:mysql-0:5.0.45-7.el5.i386", "5Client:mysql-0:5.0.45-7.el5.ia64", "5Client:mysql-0:5.0.45-7.el5.ppc", "5Client:mysql-0:5.0.45-7.el5.ppc64", "5Client:mysql-0:5.0.45-7.el5.s390", "5Client:mysql-0:5.0.45-7.el5.s390x", "5Client:mysql-0:5.0.45-7.el5.src", "5Client:mysql-0:5.0.45-7.el5.x86_64", "5Client:mysql-bench-0:5.0.45-7.el5.i386", "5Client:mysql-bench-0:5.0.45-7.el5.ia64", "5Client:mysql-bench-0:5.0.45-7.el5.ppc", "5Client:mysql-bench-0:5.0.45-7.el5.s390x", "5Client:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client:mysql-devel-0:5.0.45-7.el5.i386", "5Client:mysql-devel-0:5.0.45-7.el5.ia64", "5Client:mysql-devel-0:5.0.45-7.el5.ppc", "5Client:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client:mysql-devel-0:5.0.45-7.el5.s390", "5Client:mysql-devel-0:5.0.45-7.el5.s390x", "5Client:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client:mysql-server-0:5.0.45-7.el5.i386", "5Client:mysql-server-0:5.0.45-7.el5.ia64", "5Client:mysql-server-0:5.0.45-7.el5.ppc", "5Client:mysql-server-0:5.0.45-7.el5.ppc64", "5Client:mysql-server-0:5.0.45-7.el5.s390x", "5Client:mysql-server-0:5.0.45-7.el5.x86_64", "5Client:mysql-test-0:5.0.45-7.el5.i386", "5Client:mysql-test-0:5.0.45-7.el5.ia64", "5Client:mysql-test-0:5.0.45-7.el5.ppc", "5Client:mysql-test-0:5.0.45-7.el5.s390x", "5Client:mysql-test-0:5.0.45-7.el5.x86_64", "5Server:mysql-0:5.0.45-7.el5.i386", "5Server:mysql-0:5.0.45-7.el5.ia64", "5Server:mysql-0:5.0.45-7.el5.ppc", "5Server:mysql-0:5.0.45-7.el5.ppc64", "5Server:mysql-0:5.0.45-7.el5.s390", "5Server:mysql-0:5.0.45-7.el5.s390x", "5Server:mysql-0:5.0.45-7.el5.src", "5Server:mysql-0:5.0.45-7.el5.x86_64", "5Server:mysql-bench-0:5.0.45-7.el5.i386", "5Server:mysql-bench-0:5.0.45-7.el5.ia64", "5Server:mysql-bench-0:5.0.45-7.el5.ppc", "5Server:mysql-bench-0:5.0.45-7.el5.s390x", "5Server:mysql-bench-0:5.0.45-7.el5.x86_64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Server:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Server:mysql-devel-0:5.0.45-7.el5.i386", "5Server:mysql-devel-0:5.0.45-7.el5.ia64", "5Server:mysql-devel-0:5.0.45-7.el5.ppc", "5Server:mysql-devel-0:5.0.45-7.el5.ppc64", "5Server:mysql-devel-0:5.0.45-7.el5.s390", "5Server:mysql-devel-0:5.0.45-7.el5.s390x", "5Server:mysql-devel-0:5.0.45-7.el5.x86_64", "5Server:mysql-server-0:5.0.45-7.el5.i386", "5Server:mysql-server-0:5.0.45-7.el5.ia64", "5Server:mysql-server-0:5.0.45-7.el5.ppc", "5Server:mysql-server-0:5.0.45-7.el5.ppc64", "5Server:mysql-server-0:5.0.45-7.el5.s390x", "5Server:mysql-server-0:5.0.45-7.el5.x86_64", "5Server:mysql-test-0:5.0.45-7.el5.i386", "5Server:mysql-test-0:5.0.45-7.el5.ia64", "5Server:mysql-test-0:5.0.45-7.el5.ppc", "5Server:mysql-test-0:5.0.45-7.el5.s390x", "5Server:mysql-test-0:5.0.45-7.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2007-3781" }, { "category": "external", "summary": "RHBZ#248553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=248553" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2007-3781", "url": "https://www.cve.org/CVERecord?id=CVE-2007-3781" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-3781", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-3781" } ], "release_date": "2007-07-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-05-20T12:44:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "5Client-Workstation:mysql-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-0:5.0.45-7.el5.src", "5Client-Workstation:mysql-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.x86_64", "5Client:mysql-0:5.0.45-7.el5.i386", "5Client:mysql-0:5.0.45-7.el5.ia64", "5Client:mysql-0:5.0.45-7.el5.ppc", "5Client:mysql-0:5.0.45-7.el5.ppc64", "5Client:mysql-0:5.0.45-7.el5.s390", "5Client:mysql-0:5.0.45-7.el5.s390x", "5Client:mysql-0:5.0.45-7.el5.src", "5Client:mysql-0:5.0.45-7.el5.x86_64", "5Client:mysql-bench-0:5.0.45-7.el5.i386", "5Client:mysql-bench-0:5.0.45-7.el5.ia64", "5Client:mysql-bench-0:5.0.45-7.el5.ppc", "5Client:mysql-bench-0:5.0.45-7.el5.s390x", "5Client:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client:mysql-devel-0:5.0.45-7.el5.i386", "5Client:mysql-devel-0:5.0.45-7.el5.ia64", "5Client:mysql-devel-0:5.0.45-7.el5.ppc", "5Client:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client:mysql-devel-0:5.0.45-7.el5.s390", "5Client:mysql-devel-0:5.0.45-7.el5.s390x", "5Client:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client:mysql-server-0:5.0.45-7.el5.i386", "5Client:mysql-server-0:5.0.45-7.el5.ia64", "5Client:mysql-server-0:5.0.45-7.el5.ppc", "5Client:mysql-server-0:5.0.45-7.el5.ppc64", "5Client:mysql-server-0:5.0.45-7.el5.s390x", "5Client:mysql-server-0:5.0.45-7.el5.x86_64", "5Client:mysql-test-0:5.0.45-7.el5.i386", "5Client:mysql-test-0:5.0.45-7.el5.ia64", "5Client:mysql-test-0:5.0.45-7.el5.ppc", "5Client:mysql-test-0:5.0.45-7.el5.s390x", "5Client:mysql-test-0:5.0.45-7.el5.x86_64", "5Server:mysql-0:5.0.45-7.el5.i386", "5Server:mysql-0:5.0.45-7.el5.ia64", "5Server:mysql-0:5.0.45-7.el5.ppc", "5Server:mysql-0:5.0.45-7.el5.ppc64", "5Server:mysql-0:5.0.45-7.el5.s390", "5Server:mysql-0:5.0.45-7.el5.s390x", "5Server:mysql-0:5.0.45-7.el5.src", "5Server:mysql-0:5.0.45-7.el5.x86_64", "5Server:mysql-bench-0:5.0.45-7.el5.i386", "5Server:mysql-bench-0:5.0.45-7.el5.ia64", "5Server:mysql-bench-0:5.0.45-7.el5.ppc", "5Server:mysql-bench-0:5.0.45-7.el5.s390x", "5Server:mysql-bench-0:5.0.45-7.el5.x86_64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Server:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Server:mysql-devel-0:5.0.45-7.el5.i386", "5Server:mysql-devel-0:5.0.45-7.el5.ia64", "5Server:mysql-devel-0:5.0.45-7.el5.ppc", "5Server:mysql-devel-0:5.0.45-7.el5.ppc64", "5Server:mysql-devel-0:5.0.45-7.el5.s390", "5Server:mysql-devel-0:5.0.45-7.el5.s390x", "5Server:mysql-devel-0:5.0.45-7.el5.x86_64", "5Server:mysql-server-0:5.0.45-7.el5.i386", "5Server:mysql-server-0:5.0.45-7.el5.ia64", "5Server:mysql-server-0:5.0.45-7.el5.ppc", "5Server:mysql-server-0:5.0.45-7.el5.ppc64", "5Server:mysql-server-0:5.0.45-7.el5.s390x", "5Server:mysql-server-0:5.0.45-7.el5.x86_64", "5Server:mysql-test-0:5.0.45-7.el5.i386", "5Server:mysql-test-0:5.0.45-7.el5.ia64", "5Server:mysql-test-0:5.0.45-7.el5.ppc", "5Server:mysql-test-0:5.0.45-7.el5.s390x", "5Server:mysql-test-0:5.0.45-7.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0364" } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "New release of MySQL fixes security bugs" }, { "cve": "CVE-2007-3782", "discovery_date": "2007-07-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "248553" } ], "notes": [ { "category": "description", "text": "MySQL Community Server before 5.0.45 allows remote authenticated users to gain update privileges for a table in another database via a view that refers to this external table.", "title": "Vulnerability description" }, { "category": "summary", "text": "New release of MySQL fixes security bugs", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248553\n\nThe Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw.", "title": "Statement" } ], "product_status": { "fixed": [ "5Client-Workstation:mysql-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-0:5.0.45-7.el5.src", "5Client-Workstation:mysql-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.x86_64", "5Client:mysql-0:5.0.45-7.el5.i386", "5Client:mysql-0:5.0.45-7.el5.ia64", "5Client:mysql-0:5.0.45-7.el5.ppc", "5Client:mysql-0:5.0.45-7.el5.ppc64", "5Client:mysql-0:5.0.45-7.el5.s390", "5Client:mysql-0:5.0.45-7.el5.s390x", "5Client:mysql-0:5.0.45-7.el5.src", "5Client:mysql-0:5.0.45-7.el5.x86_64", "5Client:mysql-bench-0:5.0.45-7.el5.i386", "5Client:mysql-bench-0:5.0.45-7.el5.ia64", "5Client:mysql-bench-0:5.0.45-7.el5.ppc", "5Client:mysql-bench-0:5.0.45-7.el5.s390x", "5Client:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client:mysql-devel-0:5.0.45-7.el5.i386", "5Client:mysql-devel-0:5.0.45-7.el5.ia64", "5Client:mysql-devel-0:5.0.45-7.el5.ppc", "5Client:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client:mysql-devel-0:5.0.45-7.el5.s390", "5Client:mysql-devel-0:5.0.45-7.el5.s390x", "5Client:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client:mysql-server-0:5.0.45-7.el5.i386", "5Client:mysql-server-0:5.0.45-7.el5.ia64", "5Client:mysql-server-0:5.0.45-7.el5.ppc", "5Client:mysql-server-0:5.0.45-7.el5.ppc64", "5Client:mysql-server-0:5.0.45-7.el5.s390x", "5Client:mysql-server-0:5.0.45-7.el5.x86_64", "5Client:mysql-test-0:5.0.45-7.el5.i386", "5Client:mysql-test-0:5.0.45-7.el5.ia64", "5Client:mysql-test-0:5.0.45-7.el5.ppc", "5Client:mysql-test-0:5.0.45-7.el5.s390x", "5Client:mysql-test-0:5.0.45-7.el5.x86_64", "5Server:mysql-0:5.0.45-7.el5.i386", "5Server:mysql-0:5.0.45-7.el5.ia64", "5Server:mysql-0:5.0.45-7.el5.ppc", "5Server:mysql-0:5.0.45-7.el5.ppc64", "5Server:mysql-0:5.0.45-7.el5.s390", "5Server:mysql-0:5.0.45-7.el5.s390x", "5Server:mysql-0:5.0.45-7.el5.src", "5Server:mysql-0:5.0.45-7.el5.x86_64", "5Server:mysql-bench-0:5.0.45-7.el5.i386", "5Server:mysql-bench-0:5.0.45-7.el5.ia64", "5Server:mysql-bench-0:5.0.45-7.el5.ppc", "5Server:mysql-bench-0:5.0.45-7.el5.s390x", "5Server:mysql-bench-0:5.0.45-7.el5.x86_64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Server:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Server:mysql-devel-0:5.0.45-7.el5.i386", "5Server:mysql-devel-0:5.0.45-7.el5.ia64", "5Server:mysql-devel-0:5.0.45-7.el5.ppc", "5Server:mysql-devel-0:5.0.45-7.el5.ppc64", "5Server:mysql-devel-0:5.0.45-7.el5.s390", "5Server:mysql-devel-0:5.0.45-7.el5.s390x", "5Server:mysql-devel-0:5.0.45-7.el5.x86_64", "5Server:mysql-server-0:5.0.45-7.el5.i386", "5Server:mysql-server-0:5.0.45-7.el5.ia64", "5Server:mysql-server-0:5.0.45-7.el5.ppc", "5Server:mysql-server-0:5.0.45-7.el5.ppc64", "5Server:mysql-server-0:5.0.45-7.el5.s390x", "5Server:mysql-server-0:5.0.45-7.el5.x86_64", "5Server:mysql-test-0:5.0.45-7.el5.i386", "5Server:mysql-test-0:5.0.45-7.el5.ia64", "5Server:mysql-test-0:5.0.45-7.el5.ppc", "5Server:mysql-test-0:5.0.45-7.el5.s390x", "5Server:mysql-test-0:5.0.45-7.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2007-3782" }, { "category": "external", "summary": "RHBZ#248553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=248553" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2007-3782", "url": "https://www.cve.org/CVERecord?id=CVE-2007-3782" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-3782", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-3782" } ], "release_date": "2007-07-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-05-20T12:44:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "5Client-Workstation:mysql-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-0:5.0.45-7.el5.src", "5Client-Workstation:mysql-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.ppc64", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-server-0:5.0.45-7.el5.x86_64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.i386", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ia64", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.ppc", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.s390x", "5Client-Workstation:mysql-test-0:5.0.45-7.el5.x86_64", "5Client:mysql-0:5.0.45-7.el5.i386", "5Client:mysql-0:5.0.45-7.el5.ia64", "5Client:mysql-0:5.0.45-7.el5.ppc", "5Client:mysql-0:5.0.45-7.el5.ppc64", "5Client:mysql-0:5.0.45-7.el5.s390", "5Client:mysql-0:5.0.45-7.el5.s390x", "5Client:mysql-0:5.0.45-7.el5.src", "5Client:mysql-0:5.0.45-7.el5.x86_64", "5Client:mysql-bench-0:5.0.45-7.el5.i386", "5Client:mysql-bench-0:5.0.45-7.el5.ia64", "5Client:mysql-bench-0:5.0.45-7.el5.ppc", "5Client:mysql-bench-0:5.0.45-7.el5.s390x", "5Client:mysql-bench-0:5.0.45-7.el5.x86_64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Client:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Client:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Client:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Client:mysql-devel-0:5.0.45-7.el5.i386", "5Client:mysql-devel-0:5.0.45-7.el5.ia64", "5Client:mysql-devel-0:5.0.45-7.el5.ppc", "5Client:mysql-devel-0:5.0.45-7.el5.ppc64", "5Client:mysql-devel-0:5.0.45-7.el5.s390", "5Client:mysql-devel-0:5.0.45-7.el5.s390x", "5Client:mysql-devel-0:5.0.45-7.el5.x86_64", "5Client:mysql-server-0:5.0.45-7.el5.i386", "5Client:mysql-server-0:5.0.45-7.el5.ia64", "5Client:mysql-server-0:5.0.45-7.el5.ppc", "5Client:mysql-server-0:5.0.45-7.el5.ppc64", "5Client:mysql-server-0:5.0.45-7.el5.s390x", "5Client:mysql-server-0:5.0.45-7.el5.x86_64", "5Client:mysql-test-0:5.0.45-7.el5.i386", "5Client:mysql-test-0:5.0.45-7.el5.ia64", "5Client:mysql-test-0:5.0.45-7.el5.ppc", "5Client:mysql-test-0:5.0.45-7.el5.s390x", "5Client:mysql-test-0:5.0.45-7.el5.x86_64", "5Server:mysql-0:5.0.45-7.el5.i386", "5Server:mysql-0:5.0.45-7.el5.ia64", "5Server:mysql-0:5.0.45-7.el5.ppc", "5Server:mysql-0:5.0.45-7.el5.ppc64", "5Server:mysql-0:5.0.45-7.el5.s390", "5Server:mysql-0:5.0.45-7.el5.s390x", "5Server:mysql-0:5.0.45-7.el5.src", "5Server:mysql-0:5.0.45-7.el5.x86_64", "5Server:mysql-bench-0:5.0.45-7.el5.i386", "5Server:mysql-bench-0:5.0.45-7.el5.ia64", "5Server:mysql-bench-0:5.0.45-7.el5.ppc", "5Server:mysql-bench-0:5.0.45-7.el5.s390x", "5Server:mysql-bench-0:5.0.45-7.el5.x86_64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.i386", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ia64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc", "5Server:mysql-debuginfo-0:5.0.45-7.el5.ppc64", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390", "5Server:mysql-debuginfo-0:5.0.45-7.el5.s390x", "5Server:mysql-debuginfo-0:5.0.45-7.el5.x86_64", "5Server:mysql-devel-0:5.0.45-7.el5.i386", "5Server:mysql-devel-0:5.0.45-7.el5.ia64", "5Server:mysql-devel-0:5.0.45-7.el5.ppc", "5Server:mysql-devel-0:5.0.45-7.el5.ppc64", "5Server:mysql-devel-0:5.0.45-7.el5.s390", "5Server:mysql-devel-0:5.0.45-7.el5.s390x", "5Server:mysql-devel-0:5.0.45-7.el5.x86_64", "5Server:mysql-server-0:5.0.45-7.el5.i386", "5Server:mysql-server-0:5.0.45-7.el5.ia64", "5Server:mysql-server-0:5.0.45-7.el5.ppc", "5Server:mysql-server-0:5.0.45-7.el5.ppc64", "5Server:mysql-server-0:5.0.45-7.el5.s390x", "5Server:mysql-server-0:5.0.45-7.el5.x86_64", "5Server:mysql-test-0:5.0.45-7.el5.i386", "5Server:mysql-test-0:5.0.45-7.el5.ia64", "5Server:mysql-test-0:5.0.45-7.el5.ppc", "5Server:mysql-test-0:5.0.45-7.el5.s390x", "5Server:mysql-test-0:5.0.45-7.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0364" } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "New release of MySQL fixes security bugs" } ] }
rhsa-2007_0083
Vulnerability from csaf_redhat
Published
2007-02-19 19:41
Modified
2024-11-22 01:46
Summary
Red Hat Security Advisory: mysql security update
Notes
Topic
Updated MySQL packages for the Red Hat Application Stack comprising the v1.1
release are now available.
This update also resolves some minor security issues rated as having low
security impact by the Red Hat Security Response Team.
Details
Several minor security issues were found in MySQL:
MySQL allowed remote authenticated users to create or access a database
when the database name differed only in case from a database for which they
had permissions. (CVE-2006-4226)
MySQL evaluated arguments in the wrong security context which allowed
remote authenticated users to gain privileges through a routine that had
been made available using GRANT EXECUTE. (CVE-2006-4227)
MySQL allowed a local user to access a table through a previously created
MERGE table, even after the user's privileges were revoked for the original
table, which might violate intended security policy. (CVE-2006-4031)
MySQL allowed authenticated users to cause a denial of service (crash) via
a NULL second argument to the str_to_date function. (CVE-2006-3081)
MySQL allowed local authenticated users to bypass logging mechanisms via
SQL queries that contain the NULL character, which were not properly
handled by the mysql_real_query function. (CVE-2006-0903)
Users of MySQL should upgrade to these updated packages, which resolve
these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Low" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated MySQL packages for the Red Hat Application Stack comprising the v1.1\nrelease are now available.\n\nThis update also resolves some minor security issues rated as having low\nsecurity impact by the Red Hat Security Response Team.", "title": "Topic" }, { "category": "general", "text": "Several minor security issues were found in MySQL:\n\nMySQL allowed remote authenticated users to create or access a database\nwhen the database name differed only in case from a database for which they\nhad permissions. (CVE-2006-4226)\n\nMySQL evaluated arguments in the wrong security context which allowed\nremote authenticated users to gain privileges through a routine that had\nbeen made available using GRANT EXECUTE. (CVE-2006-4227)\n\nMySQL allowed a local user to access a table through a previously created\nMERGE table, even after the user\u0027s privileges were revoked for the original\ntable, which might violate intended security policy. (CVE-2006-4031)\n\nMySQL allowed authenticated users to cause a denial of service (crash) via\na NULL second argument to the str_to_date function. (CVE-2006-3081)\n\nMySQL allowed local authenticated users to bypass logging mechanisms via\nSQL queries that contain the NULL character, which were not properly\nhandled by the mysql_real_query function. (CVE-2006-0903)\n\nUsers of MySQL should upgrade to these updated packages, which resolve\nthese issues.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2007:0083", "url": "https://access.redhat.com/errata/RHSA-2007:0083" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#low", "url": "https://access.redhat.com/security/updates/classification/#low" }, { "category": "external", "summary": "228999", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=228999" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2007/rhsa-2007_0083.json" } ], "title": "Red Hat Security Advisory: mysql security update", "tracking": { "current_release_date": "2024-11-22T01:46:37+00:00", "generator": { "date": "2024-11-22T01:46:37+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2007:0083", "initial_release_date": "2007-02-19T19:41:00+00:00", "revision_history": [ { "date": "2007-02-19T19:41:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2007-02-19T14:51:37+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T01:46:37+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Application Stack v1 for Enterprise Linux AS (v.4)", "product": { "name": "Red Hat Application Stack v1 for Enterprise Linux AS (v.4)", "product_id": "4AS-RHWAS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_application_stack:1" } } }, { "category": "product_name", "name": "Red Hat Application Stack v1 for Enterprise Linux ES (v.4)", "product": { "name": "Red Hat Application Stack v1 for Enterprise Linux ES (v.4)", "product_id": "4ES-RHWAS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_application_stack:1" } } } ], "category": "product_family", "name": "Red Hat Application Stack" }, { "branches": [ { "category": "product_version", "name": "mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "product": { "name": "mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "product_id": "mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-bench@5.0.30-1.el4s1.1?arch=x86_64" } } }, { "category": "product_version", "name": "mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "product": { "name": "mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "product_id": "mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-devel@5.0.30-1.el4s1.1?arch=x86_64" } } }, { "category": "product_version", "name": "mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "product": { "name": "mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "product_id": "mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-debuginfo@5.0.30-1.el4s1.1?arch=x86_64" } } }, { "category": "product_version", "name": "mysql-server-0:5.0.30-1.el4s1.1.x86_64", "product": { "name": "mysql-server-0:5.0.30-1.el4s1.1.x86_64", "product_id": "mysql-server-0:5.0.30-1.el4s1.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-server@5.0.30-1.el4s1.1?arch=x86_64" } } }, { "category": "product_version", "name": "mysql-0:5.0.30-1.el4s1.1.x86_64", "product": { "name": "mysql-0:5.0.30-1.el4s1.1.x86_64", "product_id": "mysql-0:5.0.30-1.el4s1.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql@5.0.30-1.el4s1.1?arch=x86_64" } } }, { "category": "product_version", "name": "mysql-test-0:5.0.30-1.el4s1.1.x86_64", "product": { "name": "mysql-test-0:5.0.30-1.el4s1.1.x86_64", "product_id": "mysql-test-0:5.0.30-1.el4s1.1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-test@5.0.30-1.el4s1.1?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "product": { "name": "mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "product_id": "mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-debuginfo@5.0.30-1.el4s1.1?arch=i386" } } }, { "category": "product_version", "name": "mysql-0:5.0.30-1.el4s1.1.i386", "product": { "name": "mysql-0:5.0.30-1.el4s1.1.i386", "product_id": "mysql-0:5.0.30-1.el4s1.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql@5.0.30-1.el4s1.1?arch=i386" } } }, { "category": "product_version", "name": "mysql-bench-0:5.0.30-1.el4s1.1.i386", "product": { "name": "mysql-bench-0:5.0.30-1.el4s1.1.i386", "product_id": "mysql-bench-0:5.0.30-1.el4s1.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-bench@5.0.30-1.el4s1.1?arch=i386" } } }, { "category": "product_version", "name": "mysql-devel-0:5.0.30-1.el4s1.1.i386", "product": { "name": "mysql-devel-0:5.0.30-1.el4s1.1.i386", "product_id": "mysql-devel-0:5.0.30-1.el4s1.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-devel@5.0.30-1.el4s1.1?arch=i386" } } }, { "category": "product_version", "name": "mysql-server-0:5.0.30-1.el4s1.1.i386", "product": { "name": "mysql-server-0:5.0.30-1.el4s1.1.i386", "product_id": "mysql-server-0:5.0.30-1.el4s1.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-server@5.0.30-1.el4s1.1?arch=i386" } } }, { "category": "product_version", "name": "mysql-test-0:5.0.30-1.el4s1.1.i386", "product": { "name": "mysql-test-0:5.0.30-1.el4s1.1.i386", "product_id": "mysql-test-0:5.0.30-1.el4s1.1.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/mysql-test@5.0.30-1.el4s1.1?arch=i386" } } } ], "category": "architecture", "name": "i386" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.30-1.el4s1.1.i386 as a component of Red Hat Application Stack v1 for Enterprise Linux AS (v.4)", "product_id": "4AS-RHWAS:mysql-0:5.0.30-1.el4s1.1.i386" }, "product_reference": "mysql-0:5.0.30-1.el4s1.1.i386", "relates_to_product_reference": "4AS-RHWAS" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.30-1.el4s1.1.x86_64 as a component of Red Hat Application Stack v1 for Enterprise Linux AS (v.4)", "product_id": "4AS-RHWAS:mysql-0:5.0.30-1.el4s1.1.x86_64" }, "product_reference": "mysql-0:5.0.30-1.el4s1.1.x86_64", "relates_to_product_reference": "4AS-RHWAS" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-bench-0:5.0.30-1.el4s1.1.i386 as a component of Red Hat Application Stack v1 for Enterprise Linux AS (v.4)", "product_id": "4AS-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.i386" }, "product_reference": "mysql-bench-0:5.0.30-1.el4s1.1.i386", "relates_to_product_reference": "4AS-RHWAS" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-bench-0:5.0.30-1.el4s1.1.x86_64 as a component of Red Hat Application Stack v1 for Enterprise Linux AS (v.4)", "product_id": "4AS-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.x86_64" }, "product_reference": "mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "relates_to_product_reference": "4AS-RHWAS" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.30-1.el4s1.1.i386 as a component of Red Hat Application Stack v1 for Enterprise Linux AS (v.4)", "product_id": "4AS-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.i386" }, "product_reference": "mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "relates_to_product_reference": "4AS-RHWAS" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64 as a component of Red Hat Application Stack v1 for Enterprise Linux AS (v.4)", "product_id": "4AS-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64" }, "product_reference": "mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "relates_to_product_reference": "4AS-RHWAS" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.30-1.el4s1.1.i386 as a component of Red Hat Application Stack v1 for Enterprise Linux AS (v.4)", "product_id": "4AS-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.i386" }, "product_reference": "mysql-devel-0:5.0.30-1.el4s1.1.i386", "relates_to_product_reference": "4AS-RHWAS" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.30-1.el4s1.1.x86_64 as a component of Red Hat Application Stack v1 for Enterprise Linux AS (v.4)", "product_id": "4AS-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.x86_64" }, "product_reference": "mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "relates_to_product_reference": "4AS-RHWAS" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-server-0:5.0.30-1.el4s1.1.i386 as a component of Red Hat Application Stack v1 for Enterprise Linux AS (v.4)", "product_id": "4AS-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.i386" }, "product_reference": "mysql-server-0:5.0.30-1.el4s1.1.i386", "relates_to_product_reference": "4AS-RHWAS" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-server-0:5.0.30-1.el4s1.1.x86_64 as a component of Red Hat Application Stack v1 for Enterprise Linux AS (v.4)", "product_id": "4AS-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.x86_64" }, "product_reference": "mysql-server-0:5.0.30-1.el4s1.1.x86_64", "relates_to_product_reference": "4AS-RHWAS" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-test-0:5.0.30-1.el4s1.1.i386 as a component of Red Hat Application Stack v1 for Enterprise Linux AS (v.4)", "product_id": "4AS-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.i386" }, "product_reference": "mysql-test-0:5.0.30-1.el4s1.1.i386", "relates_to_product_reference": "4AS-RHWAS" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-test-0:5.0.30-1.el4s1.1.x86_64 as a component of Red Hat Application Stack v1 for Enterprise Linux AS (v.4)", "product_id": "4AS-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.x86_64" }, "product_reference": "mysql-test-0:5.0.30-1.el4s1.1.x86_64", "relates_to_product_reference": "4AS-RHWAS" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.30-1.el4s1.1.i386 as a component of Red Hat Application Stack v1 for Enterprise Linux ES (v.4)", "product_id": "4ES-RHWAS:mysql-0:5.0.30-1.el4s1.1.i386" }, "product_reference": "mysql-0:5.0.30-1.el4s1.1.i386", "relates_to_product_reference": "4ES-RHWAS" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-0:5.0.30-1.el4s1.1.x86_64 as a component of Red Hat Application Stack v1 for Enterprise Linux ES (v.4)", "product_id": "4ES-RHWAS:mysql-0:5.0.30-1.el4s1.1.x86_64" }, "product_reference": "mysql-0:5.0.30-1.el4s1.1.x86_64", "relates_to_product_reference": "4ES-RHWAS" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-bench-0:5.0.30-1.el4s1.1.i386 as a component of Red Hat Application Stack v1 for Enterprise Linux ES (v.4)", "product_id": "4ES-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.i386" }, "product_reference": "mysql-bench-0:5.0.30-1.el4s1.1.i386", "relates_to_product_reference": "4ES-RHWAS" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-bench-0:5.0.30-1.el4s1.1.x86_64 as a component of Red Hat Application Stack v1 for Enterprise Linux ES (v.4)", "product_id": "4ES-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.x86_64" }, "product_reference": "mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "relates_to_product_reference": "4ES-RHWAS" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.30-1.el4s1.1.i386 as a component of Red Hat Application Stack v1 for Enterprise Linux ES (v.4)", "product_id": "4ES-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.i386" }, "product_reference": "mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "relates_to_product_reference": "4ES-RHWAS" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64 as a component of Red Hat Application Stack v1 for Enterprise Linux ES (v.4)", "product_id": "4ES-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64" }, "product_reference": "mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "relates_to_product_reference": "4ES-RHWAS" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.30-1.el4s1.1.i386 as a component of Red Hat Application Stack v1 for Enterprise Linux ES (v.4)", "product_id": "4ES-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.i386" }, "product_reference": "mysql-devel-0:5.0.30-1.el4s1.1.i386", "relates_to_product_reference": "4ES-RHWAS" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-devel-0:5.0.30-1.el4s1.1.x86_64 as a component of Red Hat Application Stack v1 for Enterprise Linux ES (v.4)", "product_id": "4ES-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.x86_64" }, "product_reference": "mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "relates_to_product_reference": "4ES-RHWAS" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-server-0:5.0.30-1.el4s1.1.i386 as a component of Red Hat Application Stack v1 for Enterprise Linux ES (v.4)", "product_id": "4ES-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.i386" }, "product_reference": "mysql-server-0:5.0.30-1.el4s1.1.i386", "relates_to_product_reference": "4ES-RHWAS" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-server-0:5.0.30-1.el4s1.1.x86_64 as a component of Red Hat Application Stack v1 for Enterprise Linux ES (v.4)", "product_id": "4ES-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.x86_64" }, "product_reference": "mysql-server-0:5.0.30-1.el4s1.1.x86_64", "relates_to_product_reference": "4ES-RHWAS" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-test-0:5.0.30-1.el4s1.1.i386 as a component of Red Hat Application Stack v1 for Enterprise Linux ES (v.4)", "product_id": "4ES-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.i386" }, "product_reference": "mysql-test-0:5.0.30-1.el4s1.1.i386", "relates_to_product_reference": "4ES-RHWAS" }, { "category": "default_component_of", "full_product_name": { "name": "mysql-test-0:5.0.30-1.el4s1.1.x86_64 as a component of Red Hat Application Stack v1 for Enterprise Linux ES (v.4)", "product_id": "4ES-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.x86_64" }, "product_reference": "mysql-test-0:5.0.30-1.el4s1.1.x86_64", "relates_to_product_reference": "4ES-RHWAS" } ] }, "vulnerabilities": [ { "cve": "CVE-2006-0903", "discovery_date": "2006-02-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "194613" } ], "notes": [ { "category": "description", "text": "MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states that since mysql_query expects a null character, this is not an issue for mysql_query.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mysql log file obfuscation", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-RHWAS:mysql-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-0903" }, { "category": "external", "summary": "RHBZ#194613", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=194613" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-0903", "url": "https://www.cve.org/CVERecord?id=CVE-2006-0903" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-0903", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-0903" } ], "release_date": "2006-02-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2007-02-19T19:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS-RHWAS:mysql-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2007:0083" } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "Mysql log file obfuscation" }, { "cve": "CVE-2006-3081", "discovery_date": "2006-06-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618132" } ], "notes": [ { "category": "description", "text": "mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS-RHWAS:mysql-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-3081" }, { "category": "external", "summary": "RHBZ#1618132", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618132" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-3081", "url": "https://www.cve.org/CVERecord?id=CVE-2006-3081" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-3081", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3081" } ], "release_date": "2006-06-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2007-02-19T19:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS-RHWAS:mysql-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2007:0083" } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "security flaw" }, { "cve": "CVE-2006-4031", "discovery_date": "2006-08-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "202246" } ], "notes": [ { "category": "description", "text": "MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user\u0027s privileges are revoked for the original table, which might violate intended security policy.", "title": "Vulnerability description" }, { "category": "summary", "text": "MySQL improper permission revocation", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect mysql packages as shipped with Red Hat Enterprise Linux 2.1 or 3", "title": "Statement" } ], "product_status": { "fixed": [ "4AS-RHWAS:mysql-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-4031" }, { "category": "external", "summary": "RHBZ#202246", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=202246" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-4031", "url": "https://www.cve.org/CVERecord?id=CVE-2006-4031" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-4031", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4031" } ], "release_date": "2005-11-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2007-02-19T19:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS-RHWAS:mysql-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2007:0083" } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "MySQL improper permission revocation" }, { "cve": "CVE-2006-4226", "discovery_date": "2006-08-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "203428" } ], "notes": [ { "category": "description", "text": "MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.", "title": "Vulnerability description" }, { "category": "summary", "text": "mysql-server create database privilege escalation", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect Red Hat Enterprise Linux 2.1 or 3", "title": "Statement" } ], "product_status": { "fixed": [ "4AS-RHWAS:mysql-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-4226" }, { "category": "external", "summary": "RHBZ#203428", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=203428" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-4226", "url": "https://www.cve.org/CVERecord?id=CVE-2006-4226" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-4226", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4226" } ], "release_date": "2006-02-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2007-02-19T19:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS-RHWAS:mysql-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2007:0083" } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "mysql-server create database privilege escalation" }, { "cve": "CVE-2006-4227", "discovery_date": "2006-08-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "216427" } ], "notes": [ { "category": "description", "text": "MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine\u0027s definer instead of the routine\u0027s caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.", "title": "Vulnerability description" }, { "category": "summary", "text": "mysql improper suid argument evaluation", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of MySQL as shipped with Red Hat Enterprise Linux 2.1, 3, or 4.", "title": "Statement" } ], "product_status": { "fixed": [ "4AS-RHWAS:mysql-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-4227" }, { "category": "external", "summary": "RHBZ#216427", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=216427" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-4227", "url": "https://www.cve.org/CVERecord?id=CVE-2006-4227" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-4227", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4227" } ], "release_date": "2006-03-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2007-02-19T19:41:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS-RHWAS:mysql-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.x86_64", "4AS-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.i386", "4AS-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-bench-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-debuginfo-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-devel-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-server-0:5.0.30-1.el4s1.1.x86_64", "4ES-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.i386", "4ES-RHWAS:mysql-test-0:5.0.30-1.el4s1.1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2007:0083" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mysql improper suid argument evaluation" } ] }
gsd-2006-4227
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2006-4227", "description": "MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine\u0027s definer instead of the routine\u0027s caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.", "id": "GSD-2006-4227", "references": [ "https://www.suse.com/security/cve/CVE-2006-4227.html", "https://access.redhat.com/errata/RHSA-2008:0364", "https://access.redhat.com/errata/RHSA-2007:0083", "https://linux.oracle.com/cve/CVE-2006-4227.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2006-4227" ], "details": "MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine\u0027s definer instead of the routine\u0027s caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.", "id": "GSD-2006-4227", "modified": "2023-12-13T01:19:51.965124Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-4227", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine\u0027s definer instead of the routine\u0027s caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "mysql-grant-execute-privilege-escalation(28442)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28442" }, { "name": "ADV-2006-3306", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3306" }, { "name": "SUSE-SR:2006:023", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html" }, { "name": "oval:org.mitre.oval:def:10105", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10105" }, { "name": "USN-338-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-338-1" }, { "name": "21506", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21506" }, { "name": "19559", "refsource": "BID", "url": "http://www.securityfocus.com/bid/19559" }, { "name": "22080", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22080" }, { "name": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-25.html", "refsource": "CONFIRM", "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-25.html" }, { "name": "21770", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21770" }, { "name": "30351", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30351" }, { "name": "1016709", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016709" }, { "name": "RHSA-2007:0083", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-0083.html" }, { "name": "RHSA-2008:0364", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0364.html" }, { "name": "http://bugs.mysql.com/bug.php?id=18630", "refsource": "CONFIRM", "url": "http://bugs.mysql.com/bug.php?id=18630" }, { "name": "[commits] 20060620 bk commit into 5.0 tree (kroki:1.2168) BUG#18630", "refsource": "MLIST", "url": "http://lists.mysql.com/commits/7918" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.0:alpha:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.24:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.22.1.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.1.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.1.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.1.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-4227" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine\u0027s definer instead of the routine\u0027s caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-20" } ] } ] }, "references": { "reference_data": [ { "name": "[commits] 20060620 bk commit into 5.0 tree (kroki:1.2168) BUG#18630", "refsource": "MLIST", "tags": [], "url": "http://lists.mysql.com/commits/7918" }, { "name": "http://bugs.mysql.com/bug.php?id=18630", "refsource": "CONFIRM", "tags": [ "Exploit" ], "url": "http://bugs.mysql.com/bug.php?id=18630" }, { "name": "19559", "refsource": "BID", "tags": [ "Exploit" ], "url": "http://www.securityfocus.com/bid/19559" }, { "name": "21506", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21506" }, { "name": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-25.html", "refsource": "CONFIRM", "tags": [], "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-25.html" }, { "name": "1016709", "refsource": "SECTRACK", "tags": [], "url": "http://securitytracker.com/id?1016709" }, { "name": "USN-338-1", "refsource": "UBUNTU", "tags": [], "url": "http://www.ubuntu.com/usn/usn-338-1" }, { "name": "21770", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21770" }, { "name": "SUSE-SR:2006:023", "refsource": "SUSE", "tags": [], "url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html" }, { "name": "22080", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/22080" }, { "name": "RHSA-2007:0083", "refsource": "REDHAT", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0083.html" }, { "name": "RHSA-2008:0364", "refsource": "REDHAT", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0364.html" }, { "name": "30351", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30351" }, { "name": "ADV-2006-3306", "refsource": "VUPEN", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/3306" }, { "name": "mysql-grant-execute-privilege-escalation(28442)", "refsource": "XF", "tags": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28442" }, { "name": "oval:org.mitre.oval:def:10105", "refsource": "OVAL", "tags": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10105" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false } }, "lastModifiedDate": "2019-12-17T20:05Z", "publishedDate": "2006-08-18T20:04Z" } } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.