exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2013-102

Mandriva Linux Security Advisory 2013-102
Posted Apr 11, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-102 - Updated mariadb packages includes fixes for the following security Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability, related to MySQL Client. Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol. Various other issues have also been addressed.

tags | advisory, remote, protocol
systems | linux, mandriva
advisories | CVE-2012-3147, CVE-2012-3158, CVE-2012-4414, CVE-2012-5611, CVE-2012-5612, CVE-2012-5615, CVE-2012-5627
SHA-256 | 70e2790c57a07f5e4f2857ae15cc16b9161c3156270f84700985bcd1aebabe12

Mandriva Linux Security Advisory 2013-102

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2013:102
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : mariadb
Date : April 10, 2013
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Updated mariadb packages includes fixes for the following security
vulnerabilities:

Unspecified vulnerability in the MySQL Server component in Oracle
MySQL 5.5.26 and earlier allows remote attackers to affect integrity
and availability, related to MySQL Client (CVE-2012-3147).

Unspecified vulnerability in the MySQL Server component in Oracle MySQL
5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers
to affect confidentiality, integrity, and availability via unknown
vectors related to Protocol (CVE-2012-3158).

Multiple SQL injection vulnerabilities in the replication code in
Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62,
5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25,
allow remote authenticated users to execute arbitrary SQL commands
via vectors related to the binary log. NOTE: as of 20130116, Oracle
has not commented on claims from a downstream vendor that the fix in
MySQL 5.5.29 is incomplete (CVE-2012-4414).

Stack-based buffer overflow in the acl_get function in Oracle
MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and
other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a,
5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66,
allows remote authenticated users to execute arbitrary code via a
long argument to the GRANT FILE command (CVE-2012-5611).

A buffer overflow that can cause a server crash or arbitrary code
execution (a variant of CVE-2012-5611)

Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions
through 5.5.28, and MariaDB 5.5.28a and possibly other versions,
allows remote authenticated users to cause a denial of service
(memory corruption and crash) and possibly execute arbitrary code,
as demonstrated using certain variations of the (1) USE, (2) SHOW
TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM,
(6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER
TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands
(CVE-2012-5612).

MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a, 5.3.11,
5.2.13, 5.1.66, and possibly other versions, generates different error
messages with different time delays depending on whether a user name
exists, which allows remote attackers to enumerate valid usernames
(CVE-2012-5615). Be advised that for CVE-2012-5615 to be completely
closed, it's recommended to remove any anonymous logins. Previously,
such a user without access rights was added by default.

A vulnerability was found in the handling of password salt values in
MySQL. When a user logs into MySQL a salt value is generated that
is then used to prevent password guessing attacks (since the salt
value must be known in order to send a password). This salt value is
created at the start of a session and used for the entire session,
once authenticated an attacker can use the MySQL change_user command
to attempt to login as a different, as the salt value is known a
password guessing attack will be much more efficient (CVE-2012-5627).

in addition it fixes MDEV-4029 and rpl.rpl_mdev382 test from
mariadb-bench, and a problem preventing the feedback plugin from
working has been corrected.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3147
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3158
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4414
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5611
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5612
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5627
https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0135
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0244
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0341
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0349
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0019
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0046
_______________________________________________________________________

Updated Packages:

Mandriva Business Server 1/X86_64:
209fc8930bb829c3a4711086c02bb49d mbs1/x86_64/lib64mariadb18-5.5.25-1.1.mbs1.x86_64.rpm
566959cfc01bac6db75cfd9b9ae49502 mbs1/x86_64/lib64mariadb-devel-5.5.25-1.1.mbs1.x86_64.rpm
75fd6b4a27fb22416e40fbea1dbad0d6 mbs1/x86_64/lib64mariadb-embedded18-5.5.25-1.1.mbs1.x86_64.rpm
5d6f3c2d223d832671e01485cc50a5d4 mbs1/x86_64/lib64mariadb-embedded-devel-5.5.25-1.1.mbs1.x86_64.rpm
4f0df298a0288393313939186ecda546 mbs1/x86_64/mariadb-5.5.25-1.1.mbs1.x86_64.rpm
a8ed571f1da488b29e06d7418e340724 mbs1/x86_64/mariadb-bench-5.5.25-1.1.mbs1.x86_64.rpm
7a3e50bbb6f3bf058efbddff77e33614 mbs1/x86_64/mariadb-client-5.5.25-1.1.mbs1.x86_64.rpm
f1cf2b59445c4fe0628b53da20f0666b mbs1/x86_64/mariadb-common-5.5.25-1.1.mbs1.x86_64.rpm
f604904567f8a4a260933ee8e01c7214 mbs1/x86_64/mariadb-common-core-5.5.25-1.1.mbs1.x86_64.rpm
5eca6d16415e101ad898823015ed799b mbs1/x86_64/mariadb-core-5.5.25-1.1.mbs1.x86_64.rpm
d37a4e03eaa52f3f3865a14b5d534b2c mbs1/x86_64/mariadb-extra-5.5.25-1.1.mbs1.x86_64.rpm
2494241e88fd57a50362363ac2329e96 mbs1/x86_64/mariadb-feedback-5.5.25-1.1.mbs1.x86_64.rpm
948da86f587ca9f20dd91b6811c470a9 mbs1/x86_64/mariadb-obsolete-5.5.25-1.1.mbs1.x86_64.rpm
f8ff932d77dd8969e3f6f9dd9664a89b mbs1/x86_64/mysql-MariaDB-5.5.25-1.1.mbs1.x86_64.rpm
74885951ac551f63712b64f1f94f4b71 mbs1/SRPMS/mariadb-5.5.25-1.1.mbs1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/en/support/security/advisories/

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFRZRqXmqjQ0CJFipgRArVEAKDVULShzPgUPCu6VpaHUZWwi+YnkACgxQRP
rrgTu213N3gfsRFHpMlx7tY=
=yMYV
-----END PGP SIGNATURE-----


Login or Register to add favorites

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    35 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close