mysql-5.0.77-4.2.1.AXS3
Errata ID: AXSA:2010-125:02
Release date:
2010/02/23 Tuesday - 20:38
Title:
mysql-5.0.77-4.2.1.AXS3
Affected channels:
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity:
High
Description:
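The following issues have been addressed.
[Security Fix]
- mysqld in MySQL does not properly handle errors during execution of SELECT statements with subqueries, and does not preserve the null_value flag during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted SQL statement. (CVE-2009-4019)
- The vio_verify_callback function in MySQL mishandles X.509 certificates when OpenSSL is used, which allows an SSL server to be spoofed. (CVE-2009-4028)
- MySQL allows privilege checks to be bypassed by calling CREATE TABLE on a MyISAM table with modified DATA DIRECTORY or INDEX DIRECTORY arguments.
This vulnerability exists because the fixes for CVE-2008-4098 and CVE-2008-2079 were incomplete. (CVE-2009-4030)
Some of the CVE translations are quoted from JVN.
http://jvndb.jvn.jp/
Solution:
Update the packages.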
CVE:
CVE-2009-4030
MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.
CVE-2009-4028
The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library.
CVE-2009-4019
mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement.
Additional information:
N/A
Download:
SRPMS
- mysql-5.0.77-4.2.1.AXS3.src.rpm
MD5: 6685555265cf64b95ea2044e0d7f5fd9
SHA-256: cc9c33680fc90bbc3521f7b0b23c00ed927aa0df859d3870955ac9bf813ef484
Size: 32.71 MB
Asianux Server 3 for x86
- mysql-5.0.77-4.2.1.AXS3.i386.rpm
MD5: 499b9fc28ffa1590f66921fad1ebddb8
SHA-256: 768698b1b7f5bb0c14fc479f887e7bf02bb485b9ee799d0752c3762ed57353f3
Size: 4.75 MB
- mysql-bench-5.0.77-4.2.1.AXS3.i386.rpm
MD5: 8ccf6c4fa00499f2fe435d2e15c8667f
SHA-256: 18f463d8cdb48e2f0251bb0db614ca30576b9094d6fe627813498b527c6bd735
Size: 509.69 kB
- mysql-devel-5.0.77-4.2.1.AXS3.i386.rpm
MD5: f640afe5901727cf0c2f8c80d4e87268
SHA-256: f207585c5be47b554f8265d5129a89886c085424fbe4b1c0a7a8765b3845b212
Size: 2.43 MB
- mysql-server-5.0.77-4.2.1.AXS3.i386.rpm
MD5: 9927c19db304122385e1af7d44e183a2
SHA-256: 3ba69db09a24f3e59100a43c44e282fff4e9c837c74f70bd0d3ed6082c2381e4
Size: 9.78 MB
Asianux Server 3 for x86_64
- mysql-5.0.77-4.2.1.AXS3.x86_64.rpm
MD5: 1277726b84b7dff8b983b55b8083a152
SHA-256: 3902ec5a833ff58b3c1280399bbe96d17a206a0a438fc612507570624cc3bb3e
Size: 4.76 MB
- mysql-bench-5.0.77-4.2.1.AXS3.x86_64.rpm
MD5: 4ac8dd73d941ed44d4f51cf4463a2873
SHA-256: 533f01fed39b901c3d46bd6d0e7a5b3cbce7a7257d13f720869985794587457c
Size: 509.59 kB
- mysql-devel-5.0.77-4.2.1.AXS3.x86_64.rpm
MD5: d9203af7ad4ef61542c20aaec04b2b7e
SHA-256: 23dc700028128bfd747a316ad7402811abd9f01d7cd6b91cc2d701739f1e8308
Size: 2.47 MB
- mysql-server-5.0.77-4.2.1.AXS3.x86_64.rpm
MD5: 7c3b561ab3f803ee98423c36d7f381bf
SHA-256: af55f02648a49ac1b2856231d7f7fc35b44be3242379d651b9ab91daab831244
Size: 9.84 MB