Vulnerabilities > CVE-2006-1517

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

mysql

oracle

nessus

NVD

Published: 2006-05-05

Updated: 2024-11-21

Summary

sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message.

Vulnerable Configurations

Part	Description	Count
Application	Mysql Mysql Mysql 5.0.5 Mysql Mysql 5.0.10 Mysql Mysql 5.0.15 Mysql Mysql 5.0.17 Mysql Mysql 4.1.13 Mysql Mysql 5.0.3 Mysql Mysql 4.1.15 Mysql Mysql 4.1.8 Mysql Mysql 4.1.14 Mysql Mysql 5.0.16 Mysql Mysql 4.1.3 Mysql Mysql 5.0.4 Mysql Mysql 4.1.0 Mysql Mysql 5.0.1 Mysql Mysql 5.0.2 Mysql Mysql 4.1.10 Mysql Mysql 4.1.12	17
Application	Oracle Oracle Mysql 4.0.0 Oracle Mysql 4.0.11 Oracle Mysql 4.0.12 Oracle Mysql 4.0.13 Oracle Mysql 4.0.14 Oracle Mysql 4.0.15 Oracle Mysql 4.0.16 Oracle Mysql 4.0.17 Oracle Mysql 4.0.18 Oracle Mysql 4.0.19 Oracle Mysql 4.0.10 Oracle Mysql 4.0.9 Oracle Mysql 4.0.8 Oracle Mysql 4.0.7 Oracle Mysql 4.0.6 Oracle Mysql 4.0.5A Oracle Mysql 4.0.5 Oracle Mysql 4.0.4 Oracle Mysql 4.0.3 Oracle Mysql 4.0.2 Oracle Mysql 4.0.1 Oracle Mysql 4.0.20 Oracle Mysql 4.0.21 Oracle Mysql 4.0.23 Oracle Mysql 4.0.24 Oracle Mysql 4.0.25 Oracle Mysql 4.0.26 Oracle Mysql 4.1.0 Oracle Mysql 4.1.2 Oracle Mysql 4.1.3 Oracle Mysql 4.1.4 Oracle Mysql 4.1.5 Oracle Mysql 4.1.6 Oracle Mysql 4.1.7 Oracle Mysql 4.1.9 Oracle Mysql 4.1.11 Oracle Mysql 4.1.16 Oracle Mysql 4.1.17 Oracle Mysql 4.1.18 Oracle Mysql 5.0.0 Oracle Mysql 5.0.3 Oracle Mysql 5.0.6 Oracle Mysql 5.0.11 Oracle Mysql 5.0.12 Oracle Mysql 5.0.13 Oracle Mysql 5.0.14 Oracle Mysql 5.0.18 Oracle Mysql 5.0.7 Oracle Mysql 5.0.8 Oracle Mysql 5.0.9	54

Nessus

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2006-0544.NASL
description	Updated mysql packages that fix multiple security flaws are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. A flaw was found in the way the MySQL mysql_real_escape() function escaped strings when operating in a multibyte character encoding. An attacker could provide an application a carefully crafted string containing invalidly-encoded characters which may be improperly escaped, leading to the injection of malicious SQL commands. (CVE-2006-2753) An information disclosure flaw was found in the way the MySQL server processed malformed usernames. An attacker could view a small portion of server memory by supplying an anonymous login username which was not null terminated. (CVE-2006-1516) An information disclosure flaw was found in the way the MySQL server executed the COM_TABLE_DUMP command. An authenticated malicious user could send a specially crafted packet to the MySQL server which returned random unallocated memory. (CVE-2006-1517) A log file obfuscation flaw was found in the way the mysql_real_query() function creates log file entries. An attacker with the the ability to call the mysql_real_query() function against a mysql server can obfuscate the entry the server will write to the log file. However, an attacker needed to have complete control over a server in order to attempt this attack. (CVE-2006-0903) This update also fixes numerous non-security-related flaws, such as intermittent authentication failures. All users of mysql are advised to upgrade to these updated packages containing MySQL version 4.1.20, which is not vulnerable to these issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	21683
published	2006-06-11
reporter	This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/21683
title	RHEL 4 : mysql (RHSA-2006:0544)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2006:0544. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(21683); script_version ("1.24"); script_cvs_date("Date: 2019/10/25 13:36:12"); script_cve_id("CVE-2006-0903", "CVE-2006-1516", "CVE-2006-1517", "CVE-2006-2753", "CVE-2006-3081", "CVE-2006-4380"); script_bugtraq_id(17780); script_xref(name:"RHSA", value:"2006:0544"); script_name(english:"RHEL 4 : mysql (RHSA-2006:0544)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated mysql packages that fix multiple security flaws are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. A flaw was found in the way the MySQL mysql_real_escape() function escaped strings when operating in a multibyte character encoding. An attacker could provide an application a carefully crafted string containing invalidly-encoded characters which may be improperly escaped, leading to the injection of malicious SQL commands. (CVE-2006-2753) An information disclosure flaw was found in the way the MySQL server processed malformed usernames. An attacker could view a small portion of server memory by supplying an anonymous login username which was not null terminated. (CVE-2006-1516) An information disclosure flaw was found in the way the MySQL server executed the COM_TABLE_DUMP command. An authenticated malicious user could send a specially crafted packet to the MySQL server which returned random unallocated memory. (CVE-2006-1517) A log file obfuscation flaw was found in the way the mysql_real_query() function creates log file entries. An attacker with the the ability to call the mysql_real_query() function against a mysql server can obfuscate the entry the server will write to the log file. However, an attacker needed to have complete control over a server in order to attempt this attack. (CVE-2006-0903) This update also fixes numerous non-security-related flaws, such as intermittent authentication failures. All users of mysql are advised to upgrade to these updated packages containing MySQL version 4.1.20, which is not vulnerable to these issues." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2006-0903" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2006-1516" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2006-1517" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2006-2753" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2006-3081" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2006-4380" ); # http://lists.mysql.com/announce/364 script_set_attribute( attribute:"see_also", value:"https://lists.mysql.com/announce/364" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2006:0544" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mysql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mysql-bench"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mysql-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mysql-server"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4"); script_set_attribute(attribute:"vuln_publication_date", value:"2006/02/27"); script_set_attribute(attribute:"patch_publication_date", value:"2006/06/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/06/11"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^4([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 4.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2006:0544"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL4", reference:"mysql-4.1.20-1.RHEL4.1")) flag++; if (rpm_check(release:"RHEL4", reference:"mysql-bench-4.1.20-1.RHEL4.1")) flag++; if (rpm_check(release:"RHEL4", reference:"mysql-devel-4.1.20-1.RHEL4.1")) flag++; if (rpm_check(release:"RHEL4", reference:"mysql-server-4.1.20-1.RHEL4.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mysql / mysql-bench / mysql-devel / mysql-server"); } }

NASL family	Databases
NASL id	MYSQL_5_0_21.NASL
description	The version of MySQL installed on the remote host is earlier than 4.0.27 / 4.1.19 / 5.0.21. As such, it is potentially affected by the following vulnerabilities : - A remote attacker may be able to read portions of memory by sending a specially crafted login packet in which the username does not have a trailing NULL. (CVE-2006-1516) - A remote attacker may be able to read portions of memory by sending a specially crafted COM_TABLE_DUMP request with an incorrect packet length. (CVE-2006-1517) - A buffer overflow in the
last seen	2020-06-01
modified	2020-06-02
plugin id	17697
published	2011-11-18
reporter	This script is Copyright (C) 2011-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/17697
title	MySQL < 4.0.27 / 4.1.19 / 5.0.21 Multiple Vulnerabilities
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(17697); script_version("1.8"); script_cvs_date("Date: 2018/11/15 20:50:21"); script_cve_id("CVE-2006-1516", "CVE-2006-1517", "CVE-2006-1518"); script_bugtraq_id(17780); script_xref(name:"CERT", value:"602457"); script_name(english:"MySQL < 4.0.27 / 4.1.19 / 5.0.21 Multiple Vulnerabilities"); script_summary(english:"Checks version of MySQL Server"); script_set_attribute(attribute:"synopsis", value: "The remote database server is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "The version of MySQL installed on the remote host is earlier than 4.0.27 / 4.1.19 / 5.0.21. As such, it is potentially affected by the following vulnerabilities : - A remote attacker may be able to read portions of memory by sending a specially crafted login packet in which the username does not have a trailing NULL. (CVE-2006-1516) - A remote attacker may be able to read portions of memory by sending a specially crafted COM_TABLE_DUMP request with an incorrect packet length. (CVE-2006-1517) - A buffer overflow in the 'open_table()' function could allow a remote, authenticated attacker to execute arbitrary code via specially crafted COM_TABLE_DUMP packets. (CVE-2006-1518)"); script_set_attribute(attribute:"see_also", value:"http://dev.mysql.com/doc/refman/4.1/en/news-4-0-27.html"); script_set_attribute(attribute:"see_also", value:"http://dev.mysql.com/doc/refman/4.1/en/news-4-1-19.html"); script_set_attribute(attribute:"see_also", value:"http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html"); script_set_attribute(attribute:"see_also", value:"https://www.securityfocus.com/archive/1/archive/1/432734/100/0/threaded"); script_set_attribute(attribute:"solution", value: "Upgrade to MySQL version 4.0.27 / 4.1.19 / 5.0.21 or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2006/05/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/11/18"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:mysql:mysql"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Databases"); script_copyright(english:"This script is Copyright (C) 2011-2018 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("mysql_version.nasl", "mysql_login.nasl"); script_require_ports("Services/mysql", 3306); script_require_keys("Settings/ParanoidReport"); exit(0); } include("global_settings.inc"); include("misc_func.inc"); include("mysql_func.inc"); # nb: banner checks of open source software are prone to false- # positives so only run the check if reporting is paranoid. if (report_paranoia < 2) exit(1, "This plugin only runs if 'Report paranoia' is set to 'Paranoid'."); port = get_service(svc:"mysql", default:3306, exit_on_fail:TRUE); if (!mysql_init(port:port, exit_on_fail:TRUE) == 1) exit(1, "Can't establish a connection to the MySQL server listening on port "+port+"."); version = mysql_get_version(); mysql_close(); if (!strlen(version)) exit(1, "Can't get the version of the MySQL server listening on port "+port+"."); if ( version =~ "^4\.0\.([01]?[0-9]\|2[0-6])($\|[^0-9])" \|\| version =~ "^4\.1\.(0?[0-9]\|1[0-8])($\|[^0-9])" \|\| version =~ "^5\.0\.([01]?[0-9]\|20)($\|[^0-9])" ) { if (report_verbosity > 0) { report = '\n Installed version : ' + version + '\n Fixed version : 4.0.27 / 4.1.19 / 5.0.21' + '\n'; datadir = get_kb_item('mysql/' + port + '/datadir'); if (!empty_or_null(datadir)) { report += ' Data Dir : ' + datadir + '\n'; } databases = get_kb_item('mysql/' + port + '/databases'); if (!empty_or_null(databases)) { report += ' Databases :\n' + databases; } security_warning(port:port, extra:report); } else security_warning(port); exit(0); } else exit(0, "The MySQL "+version+" server listening on port "+port+" is not affected.");

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-283-1.NASL
description	Stefano Di Paola discovered an information leak in the login packet parser. By sending a specially crafted malformed login packet, a remote attacker could exploit this to read a random piece of memory, which could potentially reveal sensitive data. (CVE-2006-1516) Stefano Di Paola also found a similar information leak in the parser for the COM_TABLE_DUMP request. (CVE-2006-1517). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	21377
published	2006-05-13
reporter	Ubuntu Security Notice (C) 2006-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/21377
title	Ubuntu 5.04 / 5.10 : mysql-dfsg-4.1, mysql-dfsg vulnerabilities (USN-283-1)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-283-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(21377); script_version("1.15"); script_cvs_date("Date: 2019/08/02 13:33:00"); script_cve_id("CVE-2006-1516", "CVE-2006-1517"); script_bugtraq_id(17780); script_xref(name:"USN", value:"283-1"); script_name(english:"Ubuntu 5.04 / 5.10 : mysql-dfsg-4.1, mysql-dfsg vulnerabilities (USN-283-1)"); script_summary(english:"Checks dpkg output for updated packages."); script_set_attribute( attribute:"synopsis", value: "The remote Ubuntu host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "Stefano Di Paola discovered an information leak in the login packet parser. By sending a specially crafted malformed login packet, a remote attacker could exploit this to read a random piece of memory, which could potentially reveal sensitive data. (CVE-2006-1516) Stefano Di Paola also found a similar information leak in the parser for the COM_TABLE_DUMP request. (CVE-2006-1517). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libmysqlclient12"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libmysqlclient12-dev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libmysqlclient14"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libmysqlclient14-dev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mysql-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mysql-client-4.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mysql-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mysql-common-4.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mysql-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mysql-server-4.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:5.04"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:5.10"); script_set_attribute(attribute:"patch_publication_date", value:"2006/05/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/05/13"); script_set_attribute(attribute:"vuln_publication_date", value:"2006/05/02"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2006-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! ereg(pattern:"^(5\.04\|5\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 5.04 / 5.10", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"5.04", pkgname:"libmysqlclient12", pkgver:"4.0.23-3ubuntu2.3")) flag++; if (ubuntu_check(osver:"5.04", pkgname:"libmysqlclient12-dev", pkgver:"4.0.23-3ubuntu2.3")) flag++; if (ubuntu_check(osver:"5.04", pkgname:"mysql-client", pkgver:"4.0.23-3ubuntu2.3")) flag++; if (ubuntu_check(osver:"5.04", pkgname:"mysql-common", pkgver:"4.0.23-3ubuntu2.3")) flag++; if (ubuntu_check(osver:"5.04", pkgname:"mysql-server", pkgver:"4.0.23-3ubuntu2.3")) flag++; if (ubuntu_check(osver:"5.10", pkgname:"libmysqlclient12", pkgver:"4.0.24-10ubuntu2.2")) flag++; if (ubuntu_check(osver:"5.10", pkgname:"libmysqlclient12-dev", pkgver:"4.0.24-10ubuntu2.2")) flag++; if (ubuntu_check(osver:"5.10", pkgname:"libmysqlclient14", pkgver:"4.1.12-1ubuntu3.3")) flag++; if (ubuntu_check(osver:"5.10", pkgname:"libmysqlclient14-dev", pkgver:"4.1.12-1ubuntu3.3")) flag++; if (ubuntu_check(osver:"5.10", pkgname:"mysql-client", pkgver:"4.0.24-10ubuntu2.2")) flag++; if (ubuntu_check(osver:"5.10", pkgname:"mysql-client-4.1", pkgver:"4.1.12-1ubuntu3.3")) flag++; if (ubuntu_check(osver:"5.10", pkgname:"mysql-common", pkgver:"4.0.24-10ubuntu2.2")) flag++; if (ubuntu_check(osver:"5.10", pkgname:"mysql-common-4.1", pkgver:"4.1.12-1ubuntu3.3")) flag++; if (ubuntu_check(osver:"5.10", pkgname:"mysql-server", pkgver:"4.0.24-10ubuntu2.2")) flag++; if (ubuntu_check(osver:"5.10", pkgname:"mysql-server-4.1", pkgver:"4.1.12-1ubuntu3.3")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libmysqlclient12 / libmysqlclient12-dev / libmysqlclient14 / etc"); }

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-1073.NASL
description	Several vulnerabilities have been discovered in MySQL, a popular SQL database. The Common Vulnerabilities and Exposures Project identifies the following problems : - CVE-2006-0903 Improper handling of SQL queries containing the NULL character allows local users to bypass logging mechanisms. - CVE-2006-1516 Usernames without a trailing null byte allow remote attackers to read portions of memory. - CVE-2006-1517 A request with an incorrect packet length allows remote attackers to obtain sensitive information. - CVE-2006-1518 Specially crafted request packets with invalid length values allow the execution of arbitrary code. The following vulnerability matrix shows which version of MySQL in which distribution has this problem fixed : woody sarge sid mysql 3.23.49-8.15 n/a n/a mysql-dfsg n/a 4.0.24-10sarge2 n/a mysql-dfsg-4.1 n/a 4.1.11a-4sarge3 n/a mysql-dfsg-5.0 n/a n/a 5.0.21-3
last seen	2020-06-01
modified	2020-06-02
plugin id	22615
published	2006-10-14
reporter	This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/22615
title	Debian DSA-1073-1 : mysql-dfsg-4.1 - several vulnerabilities
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-1073. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(22615); script_version("1.20"); script_cvs_date("Date: 2019/08/02 13:32:19"); script_cve_id("CVE-2006-0903", "CVE-2006-1516", "CVE-2006-1517", "CVE-2006-1518"); script_bugtraq_id(16850, 17780); script_xref(name:"CERT", value:"602457"); script_xref(name:"DSA", value:"1073"); script_name(english:"Debian DSA-1073-1 : mysql-dfsg-4.1 - several vulnerabilities"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Several vulnerabilities have been discovered in MySQL, a popular SQL database. The Common Vulnerabilities and Exposures Project identifies the following problems : - CVE-2006-0903 Improper handling of SQL queries containing the NULL character allows local users to bypass logging mechanisms. - CVE-2006-1516 Usernames without a trailing null byte allow remote attackers to read portions of memory. - CVE-2006-1517 A request with an incorrect packet length allows remote attackers to obtain sensitive information. - CVE-2006-1518 Specially crafted request packets with invalid length values allow the execution of arbitrary code. The following vulnerability matrix shows which version of MySQL in which distribution has this problem fixed : woody sarge sid mysql 3.23.49-8.15 n/a n/a mysql-dfsg n/a 4.0.24-10sarge2 n/a mysql-dfsg-4.1 n/a 4.1.11a-4sarge3 n/a mysql-dfsg-5.0 n/a n/a 5.0.21-3" ); script_set_attribute( attribute:"see_also", value:"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=366043" ); script_set_attribute( attribute:"see_also", value:"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=366048" ); script_set_attribute( attribute:"see_also", value:"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=366162" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2006-0903" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2006-1516" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2006-1517" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2006-1518" ); script_set_attribute( attribute:"see_also", value:"http://www.debian.org/security/2006/dsa-1073" ); script_set_attribute(attribute:"solution", value:"Upgrade the mysql packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mysql-dfsg-4.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.1"); script_set_attribute(attribute:"patch_publication_date", value:"2006/05/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/10/14"); script_set_attribute(attribute:"vuln_publication_date", value:"2006/02/25"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"3.1", prefix:"libmysqlclient14", reference:"4.1.11a-4sarge3")) flag++; if (deb_check(release:"3.1", prefix:"libmysqlclient14-dev", reference:"4.1.11a-4sarge3")) flag++; if (deb_check(release:"3.1", prefix:"mysql-client-4.1", reference:"4.1.11a-4sarge3")) flag++; if (deb_check(release:"3.1", prefix:"mysql-common-4.1", reference:"4.1.11a-4sarge3")) flag++; if (deb_check(release:"3.1", prefix:"mysql-server-4.1", reference:"4.1.11a-4sarge3")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2006-553.NASL
description	5.0.21 fixes several moderate-severity security issues: see CVE-2006-0903 CVE-2006-1516 CVE-2006-1517 CVE-2006-1518, and our bugs 181335 182025 189054 190866 190868 190870 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	24105
published	2007-01-17
reporter	This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/24105
title	Fedora Core 5 : mysql-5.0.21-2.FC5.1 (2006-553)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2006-553. # include("compat.inc"); if (description) { script_id(24105); script_version ("1.14"); script_cvs_date("Date: 2019/08/02 13:32:24"); script_xref(name:"FEDORA", value:"2006-553"); script_name(english:"Fedora Core 5 : mysql-5.0.21-2.FC5.1 (2006-553)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora Core host is missing a security update." ); script_set_attribute( attribute:"description", value: "5.0.21 fixes several moderate-severity security issues: see CVE-2006-0903 CVE-2006-1516 CVE-2006-1517 CVE-2006-1518, and our bugs 181335 182025 189054 190866 190868 190870 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); # https://lists.fedoraproject.org/pipermail/package-announce/2006-May/000078.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?1af83b43" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_attribute(attribute:"risk_factor", value:"High"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mysql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mysql-bench"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mysql-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mysql-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mysql-test"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora_core:5"); script_set_attribute(attribute:"patch_publication_date", value:"2006/05/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/01/17"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^5([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 5.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC5", reference:"mysql-5.0.21-2.FC5.1")) flag++; if (rpm_check(release:"FC5", reference:"mysql-bench-5.0.21-2.FC5.1")) flag++; if (rpm_check(release:"FC5", reference:"mysql-devel-5.0.21-2.FC5.1")) flag++; if (rpm_check(release:"FC5", reference:"mysql-server-5.0.21-2.FC5.1")) flag++; if (rpm_check(release:"FC5", reference:"mysql-test-5.0.21-2.FC5.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mysql / mysql-bench / mysql-devel / mysql-server / mysql-test"); }

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2006-554.NASL
description	4.1.19 fixes several moderate-severity security issues: see CVE-2006-0903 CVE-2006-1516 CVE-2006-1517 CVE-2006-1518, also our bugs 180467 180639 182025 183261 190866 190868 190870 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	24106
published	2007-01-17
reporter	This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/24106
title	Fedora Core 4 : mysql-4.1.19-1.FC4.1 (2006-554)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2006-554. # include("compat.inc"); if (description) { script_id(24106); script_version ("1.14"); script_cvs_date("Date: 2019/08/02 13:32:24"); script_xref(name:"FEDORA", value:"2006-554"); script_name(english:"Fedora Core 4 : mysql-4.1.19-1.FC4.1 (2006-554)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora Core host is missing a security update." ); script_set_attribute( attribute:"description", value: "4.1.19 fixes several moderate-severity security issues: see CVE-2006-0903 CVE-2006-1516 CVE-2006-1517 CVE-2006-1518, also our bugs 180467 180639 182025 183261 190866 190868 190870 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); # https://lists.fedoraproject.org/pipermail/package-announce/2006-May/000079.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?917bd654" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_attribute(attribute:"risk_factor", value:"High"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mysql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mysql-bench"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mysql-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mysql-server"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora_core:4"); script_set_attribute(attribute:"patch_publication_date", value:"2006/05/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/01/17"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^4([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 4.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC4", reference:"mysql-4.1.19-1.FC4.1")) flag++; if (rpm_check(release:"FC4", reference:"mysql-bench-4.1.19-1.FC4.1")) flag++; if (rpm_check(release:"FC4", reference:"mysql-devel-4.1.19-1.FC4.1")) flag++; if (rpm_check(release:"FC4", reference:"mysql-server-4.1.19-1.FC4.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mysql / mysql-bench / mysql-devel / mysql-server"); }

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2006-0544.NASL
description	Updated mysql packages that fix multiple security flaws are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. A flaw was found in the way the MySQL mysql_real_escape() function escaped strings when operating in a multibyte character encoding. An attacker could provide an application a carefully crafted string containing invalidly-encoded characters which may be improperly escaped, leading to the injection of malicious SQL commands. (CVE-2006-2753) An information disclosure flaw was found in the way the MySQL server processed malformed usernames. An attacker could view a small portion of server memory by supplying an anonymous login username which was not null terminated. (CVE-2006-1516) An information disclosure flaw was found in the way the MySQL server executed the COM_TABLE_DUMP command. An authenticated malicious user could send a specially crafted packet to the MySQL server which returned random unallocated memory. (CVE-2006-1517) A log file obfuscation flaw was found in the way the mysql_real_query() function creates log file entries. An attacker with the the ability to call the mysql_real_query() function against a mysql server can obfuscate the entry the server will write to the log file. However, an attacker needed to have complete control over a server in order to attempt this attack. (CVE-2006-0903) This update also fixes numerous non-security-related flaws, such as intermittent authentication failures. All users of mysql are advised to upgrade to these updated packages containing MySQL version 4.1.20, which is not vulnerable to these issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	22000
published	2006-07-05
reporter	This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/22000
title	CentOS 4 : mysql (CESA-2006:0544)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2006:0544 and # CentOS Errata and Security Advisory 2006:0544 respectively. # include("compat.inc"); if (description) { script_id(22000); script_version("1.18"); script_cvs_date("Date: 2019/10/25 13:36:03"); script_cve_id("CVE-2006-0903", "CVE-2006-1516", "CVE-2006-1517", "CVE-2006-2753", "CVE-2006-3081", "CVE-2006-4380"); script_bugtraq_id(17780); script_xref(name:"RHSA", value:"2006:0544"); script_name(english:"CentOS 4 : mysql (CESA-2006:0544)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote CentOS host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated mysql packages that fix multiple security flaws are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. A flaw was found in the way the MySQL mysql_real_escape() function escaped strings when operating in a multibyte character encoding. An attacker could provide an application a carefully crafted string containing invalidly-encoded characters which may be improperly escaped, leading to the injection of malicious SQL commands. (CVE-2006-2753) An information disclosure flaw was found in the way the MySQL server processed malformed usernames. An attacker could view a small portion of server memory by supplying an anonymous login username which was not null terminated. (CVE-2006-1516) An information disclosure flaw was found in the way the MySQL server executed the COM_TABLE_DUMP command. An authenticated malicious user could send a specially crafted packet to the MySQL server which returned random unallocated memory. (CVE-2006-1517) A log file obfuscation flaw was found in the way the mysql_real_query() function creates log file entries. An attacker with the the ability to call the mysql_real_query() function against a mysql server can obfuscate the entry the server will write to the log file. However, an attacker needed to have complete control over a server in order to attempt this attack. (CVE-2006-0903) This update also fixes numerous non-security-related flaws, such as intermittent authentication failures. All users of mysql are advised to upgrade to these updated packages containing MySQL version 4.1.20, which is not vulnerable to these issues." ); # https://lists.centos.org/pipermail/centos-announce/2006-June/012951.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?8862ac3b" ); # https://lists.centos.org/pipermail/centos-announce/2006-June/012952.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?778eb708" ); # https://lists.centos.org/pipermail/centos-announce/2006-June/012960.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?153a36e4" ); script_set_attribute( attribute:"solution", value:"Update the affected mysql packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:mysql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:mysql-bench"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:mysql-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:mysql-server"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:4"); script_set_attribute(attribute:"vuln_publication_date", value:"2006/02/27"); script_set_attribute(attribute:"patch_publication_date", value:"2006/06/09"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/07/05"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"CentOS Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/CentOS/release"); if (isnull(release) \|\| "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS"); os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS"); os_ver = os_ver[1]; if (! preg(pattern:"^4([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 4.x", "CentOS " + os_ver); if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu); flag = 0; if (rpm_check(release:"CentOS-4", reference:"mysql-4.1.20-1.RHEL4.1")) flag++; if (rpm_check(release:"CentOS-4", reference:"mysql-bench-4.1.20-1.RHEL4.1")) flag++; if (rpm_check(release:"CentOS-4", reference:"mysql-devel-4.1.20-1.RHEL4.1")) flag++; if (rpm_check(release:"CentOS-4", reference:"mysql-server-4.1.20-1.RHEL4.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mysql / mysql-bench / mysql-devel / mysql-server"); }

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-1071.NASL
description	Several vulnerabilities have been discovered in MySQL, a popular SQL database. The Common Vulnerabilities and Exposures Project identifies the following problems : - CVE-2006-0903 Improper handling of SQL queries containing the NULL character allows local users to bypass logging mechanisms. - CVE-2006-1516 Usernames without a trailing null byte allow remote attackers to read portions of memory. - CVE-2006-1517 A request with an incorrect packet length allows remote attackers to obtain sensitive information. - CVE-2006-1518 Specially crafted request packets with invalid length values allow the execution of arbitrary code. The following vulnerability matrix shows which version of MySQL in which distribution has this problem fixed : woody sarge sid mysql 3.23.49-8.15 n/a n/a mysql-dfsg n/a 4.0.24-10sarge2 n/a mysql-dfsg-4.1 n/a 4.1.11a-4sarge3 n/a mysql-dfsg-5.0 n/a n/a 5.0.21-3
last seen	2020-06-01
modified	2020-06-02
plugin id	22613
published	2006-10-14
reporter	This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/22613
title	Debian DSA-1071-1 : mysql - several vulnerabilities
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-1071. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(22613); script_version("1.17"); script_cvs_date("Date: 2019/08/02 13:32:19"); script_cve_id("CVE-2006-0903", "CVE-2006-1516", "CVE-2006-1517", "CVE-2006-1518"); script_bugtraq_id(16850, 17780); script_xref(name:"DSA", value:"1071"); script_name(english:"Debian DSA-1071-1 : mysql - several vulnerabilities"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Several vulnerabilities have been discovered in MySQL, a popular SQL database. The Common Vulnerabilities and Exposures Project identifies the following problems : - CVE-2006-0903 Improper handling of SQL queries containing the NULL character allows local users to bypass logging mechanisms. - CVE-2006-1516 Usernames without a trailing null byte allow remote attackers to read portions of memory. - CVE-2006-1517 A request with an incorrect packet length allows remote attackers to obtain sensitive information. - CVE-2006-1518 Specially crafted request packets with invalid length values allow the execution of arbitrary code. The following vulnerability matrix shows which version of MySQL in which distribution has this problem fixed : woody sarge sid mysql 3.23.49-8.15 n/a n/a mysql-dfsg n/a 4.0.24-10sarge2 n/a mysql-dfsg-4.1 n/a 4.1.11a-4sarge3 n/a mysql-dfsg-5.0 n/a n/a 5.0.21-3" ); script_set_attribute( attribute:"see_also", value:"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=366044" ); script_set_attribute( attribute:"see_also", value:"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=366049" ); script_set_attribute( attribute:"see_also", value:"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=366163" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2006-0903" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2006-1516" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2006-1517" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2006-1518" ); script_set_attribute( attribute:"see_also", value:"http://www.debian.org/security/2006/dsa-1071" ); script_set_attribute(attribute:"solution", value:"Upgrade the mysql packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mysql"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.0"); script_set_attribute(attribute:"patch_publication_date", value:"2006/05/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/10/14"); script_set_attribute(attribute:"vuln_publication_date", value:"2006/02/25"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"3.0", prefix:"libmysqlclient10", reference:"3.23.49-8.15")) flag++; if (deb_check(release:"3.0", prefix:"libmysqlclient10-dev", reference:"3.23.49-8.15")) flag++; if (deb_check(release:"3.0", prefix:"mysql-client", reference:"3.23.49-8.15")) flag++; if (deb_check(release:"3.0", prefix:"mysql-common", reference:"3.23.49-8.15")) flag++; if (deb_check(release:"3.0", prefix:"mysql-doc", reference:"3.23.49-8.5")) flag++; if (deb_check(release:"3.0", prefix:"mysql-server", reference:"3.23.49-8.15")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-306-1.NASL
description	MySQL did not correctly handle NULL as the second argument to the str_to_date() function. An authenticated user could exploit this to crash the server. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	27881
published	2007-11-10
reporter	Ubuntu Security Notice (C) 2006-2019 Canonical, Inc. / NASL script (C) 2007-2016 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/27881
title	Ubuntu 5.10 : mysql-dfsg-4.1 vulnerability (USN-306-1)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-306-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(27881); script_version("1.14"); script_cvs_date("Date: 2019/08/02 13:33:01"); script_cve_id("CVE-2006-1516", "CVE-2006-1517", "CVE-2006-1518", "CVE-2006-3081"); script_xref(name:"USN", value:"306-1"); script_name(english:"Ubuntu 5.10 : mysql-dfsg-4.1 vulnerability (USN-306-1)"); script_summary(english:"Checks dpkg output for updated packages."); script_set_attribute( attribute:"synopsis", value: "The remote Ubuntu host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "MySQL did not correctly handle NULL as the second argument to the str_to_date() function. An authenticated user could exploit this to crash the server. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libmysqlclient14"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libmysqlclient14-dev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mysql-client-4.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mysql-common-4.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mysql-server-4.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:5.10"); script_set_attribute(attribute:"patch_publication_date", value:"2006/06/27"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/11/10"); script_set_attribute(attribute:"vuln_publication_date", value:"2006/05/02"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2006-2019 Canonical, Inc. / NASL script (C) 2007-2016 Tenable Network Security, Inc."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! ereg(pattern:"^(5\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 5.10", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"5.10", pkgname:"libmysqlclient14", pkgver:"4.1.12-1ubuntu3.6")) flag++; if (ubuntu_check(osver:"5.10", pkgname:"libmysqlclient14-dev", pkgver:"4.1.12-1ubuntu3.6")) flag++; if (ubuntu_check(osver:"5.10", pkgname:"mysql-client-4.1", pkgver:"4.1.12-1ubuntu3.6")) flag++; if (ubuntu_check(osver:"5.10", pkgname:"mysql-common-4.1", pkgver:"4.1.12-1ubuntu3.6")) flag++; if (ubuntu_check(osver:"5.10", pkgname:"mysql-server-4.1", pkgver:"4.1.12-1ubuntu3.6")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libmysqlclient14 / libmysqlclient14-dev / mysql-client-4.1 / etc"); }

NASL family	SuSE Local Security Checks
NASL id	SUSE_SA_2006_036.NASL
description	The remote host is missing the patch for the advisory SUSE-SA:2006:036 (mysql). The database server MySQL was updated to fix the following security problems: - Attackers could read portions of memory by using a user name with trailing null byte or via COM_TABLE_DUMP command (CVE-2006-1516, CVE-2006-1517). - Attackers could potentially execute arbitrary code by causing a buffer overflow via specially crafted COM_TABLE_DUMP packets (CVE-2006-1518). The mysql server package was released on May 30th already, the mysql-Max server package was released on June 20th after additional bugfixes.
last seen	2019-10-28
modified	2007-02-18
plugin id	24416
published	2007-02-18
reporter	This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/24416
title	SUSE-SA:2006:036: mysql

NASL family	SuSE Local Security Checks
NASL id	SUSE_MYSQL-1312.NASL
description	Attackers could read portions of memory by using a user name with trailing null byte or via COM_TABLE_DUMP command (CVE-2006-1516, CVE-2006-1517). Attackers could execute arbitrary code by causing a buffer overflow via specially crafted COM_TABLE_DUMP packets (CVE-2006-1518).
last seen	2020-06-01
modified	2020-06-02
plugin id	27356
published	2007-10-17
reporter	This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/27356
title	openSUSE 10 Security Update : mysql (mysql-1312)

NASL family	MacOS X Local Security Checks
NASL id	MACOSX_10_4_9.NASL
description	The remote host is running a version of Mac OS X 10.4 which is older than version 10.4.9 or a version of Mac OS X 10.3 which does not have Security Update 2007-003 applied. This update contains several security fixes for the following programs : - ColorSync - CoreGraphics - Crash Reporter - CUPS - Disk Images - DS Plugins - Flash Player - GNU Tar - HFS - HID Family - ImageIO - Kernel - MySQL server - Networking - OpenSSH - Printing - QuickDraw Manager - servermgrd - SMB File Server - Software Update - sudo - WebLog
last seen	2020-06-01
modified	2020-06-02
plugin id	24811
published	2007-03-13
reporter	This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/24811
title	Mac OS X < 10.4.9 Multiple Vulnerabilities (Security Update 2007-003)

NASL family	Slackware Local Security Checks
NASL id	SLACKWARE_SSA_2006-129-02.NASL
description	New mysql packages are available for Slackware 10.2 and -current to fix security issues. The MySQL package shipped with Slackware 10.2 may possibly leak sensitive information found in uninitialized memory to authenticated users. The MySQL package previously in Slackware -current also suffered from these flaws, but an additional overflow could allow arbitrary code execution. Since the vulnerabilities require a valid login and/or access to the database server, the risk is moderate. Slackware does not provide network access to a MySQL database by default.
last seen	2020-06-01
modified	2020-06-02
plugin id	21345
published	2006-05-13
reporter	This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/21345
title	Slackware 10.2 / current : mysql (SSA:2006-129-02)

NASL family	Mandriva Local Security Checks
NASL id	MANDRAKE_MDKSA-2006-084.NASL
description	The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read. (CVE-2006-1516) sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message. (CVE-2006-1517) Updated packages have been patched to correct these issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	21359
published	2006-05-13
reporter	This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/21359
title	Mandrake Linux Security Advisory : MySQL (MDKSA-2006:084)

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-200605-13.NASL
description	The remote host is affected by the vulnerability described in GLSA-200605-13 (MySQL: Information leakage) The processing of the COM_TABLE_DUMP command by a MySQL server fails to properly validate packets that arrive from the client via a network socket. Impact : By crafting specific malicious packets an attacker could gather confidential information from the memory of a MySQL server process, for example results of queries by other users or applications. By using PHP code injection or similar techniques it would be possible to exploit this flaw through web applications that use MySQL as a database backend. Note that on 5.x versions it is possible to overwrite the stack and execute arbitrary code with this technique. Users of MySQL 5.x are urged to upgrade to the latest available version. Workaround : There is no known workaround at this time.
last seen	2020-06-01
modified	2020-06-02
plugin id	21355
published	2006-05-13
reporter	This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/21355
title	GLSA-200605-13 : MySQL: Information leakage

NASL family	FreeBSD Local Security Checks
NASL id	FREEBSD_PKG_4913886CE87511DAB9F400123FFE8333.NASL
description	Secunia reports : MySQL have some vulnerabilities, which can be exploited by malicious users to disclose potentially sensitive information and compromise a vulnerable system. 1) An error within the code that generates an error response to an invalid COM_TABLE_DUMP packet can be exploited by an authenticated client to disclosure certain memory content of the server process. 2) A boundary error within the handling of specially crafted invalid COM_TABLE_DUMP packets can be exploited by an authenticated client to cause a buffer overflow and allows arbitrary code execution. 3) An error within the handling of malformed login packets can be exploited to disclosure certain memory content of the server process in the error messages.
last seen	2020-06-01
modified	2020-06-02
plugin id	21633
published	2006-06-05
reporter	This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/21633
title	FreeBSD : MySQL -- Information Disclosure and Buffer Overflow Vulnerabilities (4913886c-e875-11da-b9f4-00123ffe8333)

NASL family	Slackware Local Security Checks
NASL id	SLACKWARE_SSA_2006-155-01.NASL
description	New mysql packages are available for Slackware 9.1, 10.0, 10.1, 10.2 and -current to fix security issues. The MySQL packages shipped with Slackware 9.1, 10.0, and 10.1 may possibly leak sensitive information found in uninitialized memory to authenticated users. This is fixed in the new packages, and was already patched in Slackware 10.2 and -current. Since the vulnerabilities require a valid login and/or access to the database server, the risk is moderate. Slackware does not provide network access to a MySQL database by default.
last seen	2020-06-01
modified	2020-06-02
plugin id	21639
published	2006-06-05
reporter	This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/21639
title	Slackware 10.0 / 10.1 / 10.2 / 9.1 / current : mysql (SSA:2006-155-01)

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-1079.NASL
description	Several vulnerabilities have been discovered in MySQL, a popular SQL database. The Common Vulnerabilities and Exposures Project identifies the following problems : - CVE-2006-0903 Improper handling of SQL queries containing the NULL character allows local users to bypass logging mechanisms. - CVE-2006-1516 Usernames without a trailing null byte allow remote attackers to read portions of memory. - CVE-2006-1517 A request with an incorrect packet length allows remote attackers to obtain sensitive information. - CVE-2006-1518 Specially crafted request packets with invalid length values allow the execution of arbitrary code. The following vulnerability matrix shows which version of MySQL in which distribution has this problem fixed : woody sarge sid mysql 3.23.49-8.15 n/a n/a mysql-dfsg n/a 4.0.24-10sarge2 n/a mysql-dfsg-4.1 n/a 4.1.11a-4sarge3 n/a mysql-dfsg-5.0 n/a n/a 5.0.21-3
last seen	2020-06-01
modified	2020-06-02
plugin id	22621
published	2006-10-14
reporter	This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/22621
title	Debian DSA-1079-1 : mysql-dfsg - several vulnerabilities

Oval

accepted

2013-04-29T04:10:57.600-04:00

class

vulnerability

contributors

name Aharon Chernin
organization SCAP.com, LLC
name Dragos Prisaca
organization G2, Inc.

definition_extensions

comment The operating system installed on the system is Red Hat Enterprise Linux 4
oval oval:org.mitre.oval:def:11831
comment CentOS Linux 4.x
oval oval:org.mitre.oval:def:16636
comment Oracle Linux 4.x
oval oval:org.mitre.oval:def:15990

description

family

unix

oval:org.mitre.oval:def:11036

status

accepted

submitted

2010-07-09T03:56:16-04:00

title

version

Redhat

advisories

rhsa

id	RHSA-2006:0544

rpms

mysql-0:4.1.20-1.RHEL4.1
mysql-bench-0:4.1.20-1.RHEL4.1
mysql-debuginfo-0:4.1.20-1.RHEL4.1
mysql-devel-0:4.1.20-1.RHEL4.1
mysql-server-0:4.1.20-1.RHEL4.1

Vulnerabilities > CVE-2006-1517 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2006-1517"}]}

Summary

Vulnerable Configurations

Nessus

Oval

Redhat

References

Vulnerabilities > CVE-2006-1517