Advisories:rPSA-2006-0061

From rPath Wiki

rPath Security Advisory 2006-0061-1

Published: 2006-05-04

Products

• rPath Linux 1

Rating

Major

Exposure Level Classification

Remote System User Deterministic Privilege Escalation

Updated Versions

• mysql=conary.rpath.com@rpl:1/5.0.21-1-0.1
• mysql-bench=conary.rpath.com@rpl:1/5.0.21-1-0.1
• mysql-server=conary.rpath.com@rpl:1/5.0.21-1-0.1

rPath Issue Tracking System

• RPL-354

References

• http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html
• http://www.wisec.it/vulns.php?page=8
• http://mysql.bkbits.net:8080/mysql-5.0/cset%40444e888d2475TDk0cJd77GLmEuICfA

Description

Previous versions of MySQL have security vulnerabilities that allow

authenticated but unprivileged database client users to subvert

the mysql server process.

These security vulnerabilities, along with many other bugs, are fixed

in MySQL 5.0.21.

Copyright 2006 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html