mysql-5.0.77-3.1AXS3
Errata ID: AXSA:2009-392:01
Release date:
2009/09/08 Tuesday - 10:17
Title:
mysql-5.0.77-3.1AXS3
Affected channels:
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity:
High
Description:
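The following issues have been addressed.
[Security Fix]
- MySQL contains a vulnerability in which privilege checks are not properly performed when CREATE TABLE is called on a MyISAM table with modified DATA DIRECTORY or INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future. (CVE-2008-2079)
- MySQL does not properly handle a b'' token, which allows a remote attacker to cause a denial of service (daemon crash) by using this token in a SQL statement. (CVE-2008-3963)
- The MySQL command-line client contains a cross-site scripting (XSS) vulnerability when the --html option is enabled, which allows an attacker to inject arbitrary web script or HTML by placing it in a database cell. (CVE-2008-4456)
- The dispatch_command function in MySQL contains a vulnerability that allows a remote authenticated user to cause a denial of service (daemon crash). (CVE-2009-2446)
The translated text of some CVEs is quoted from JVN.
http://jvndb.jvn.jp/
Solution:
Update the packages.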
CVE:
CVE-2008-2079
MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
CVE-2008-3963
MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.
CVE-2008-4456
Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document. NOTE: as of 20081031, the issue has not been fixed in MySQL 5.0.67.
CVE-2009-2446
Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information.
Additional information:
This is an update package from Asianux Server 3 SP2.
Download:
SRPMS
- mysql-5.0.77-3.1AXS3.src.rpm
MD5: 674b7dd120e12595c501eec08dc792eb
SHA-256: 1774b6adff182b5eac974bc180cd7715c4fa71a56a644ddf1f58f11c7c0e2955
Size: 32.71 MB
Asianux Server 3 for x86
- mysql-5.0.77-3.1AXS3.i386.rpm
MD5: f5461b86e2417f6bf0c187f84c8cf129
SHA-256: 421f1e402e9b24251b38da2e5c2068170644edd8168a0edb57b5a8be207390f0
Size: 4.75 MB
- mysql-bench-5.0.77-3.1AXS3.i386.rpm
MD5: fe802e6acaa363c621550d70c63e3624
SHA-256: ac5862cd64e3abda39e131761fd509107f18c3e59caa4ed548cf584ab774191f
Size: 509.19 kB
- mysql-devel-5.0.77-3.1AXS3.i386.rpm
MD5: fb6a95ae2f4097cbe83b18eda6fb0a19
SHA-256: 0e647f774ceeac7c9f2abaf7620a7e09d356191eef48ab68e2a87ac6233c4f0b
Size: 2.43 MB
- mysql-server-5.0.77-3.1AXS3.i386.rpm
MD5: 9a9bb3b01d77dd4249ad99d311760658
SHA-256: 03e4470d33421b4eca44c6115e2dfb8ba74c74ab1b243daba02fbbd4362140ce
Size: 9.78 MB
Asianux Server 3 for x86_64
- mysql-5.0.77-3.1AXS3.x86_64.rpm
MD5: 64cfcda7e395cd25f4c35f91f9e8785a
SHA-256: b1251e3c7ccaf4938a5784f73ac961fc9a137ba3f9bc146a9717da56c1dd7bc3
Size: 4.76 MB
- mysql-bench-5.0.77-3.1AXS3.x86_64.rpm
MD5: 4ecd391eb161bcefc222dc7111f95075
SHA-256: 02d726ebf141eeaf1329a0bae4f4817c310de1ed7da3ecd1b0fbe5bc0d938568
Size: 509.14 kB
- mysql-devel-5.0.77-3.1AXS3.x86_64.rpm
MD5: 0a53085f5d96bebb51368b6402fb1546
SHA-256: 27e3add10e69f9dbd6ff6722ff16d9977cddcda9c05ab6ddddc4d1f6b8cb9e12
Size: 2.47 MB
- mysql-server-5.0.77-3.1AXS3.x86_64.rpm
MD5: ac4e37554573ebbe8e8a416b45a1cd6b
SHA-256: 1860e5075a501cf390479e63df1b34a3c5d1893c6fa624fc0f60bebf46378a78
Size: 9.84 MB