Mandriva Linux Security Advisory MDKSA-2006-149 - MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy. MySQL 4.1 before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.
8a5deb764b1c633185695ddebb9ec526a1ef11db250cce81099d1e2987c38884
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDKSA-2006:149
http://www.mandriva.com/security/
_______________________________________________________________________
Package : MySQL
Date : August 24, 2006
Affected: 2006.0
_______________________________________________________________________
Problem Description:
MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to
access a table through a previously created MERGE table, even after the
user's privileges are revoked for the original table, which might
violate intended security policy (CVE-2006-4031).
The update allows the local admin to override MERGE using the
'--skip-merge' option when running mysqld. This can be defined under
MYSQLD_OPTIONS in /etc/sysconfig/mysqld. If '--skip-merge' is not used,
the old behaviour of MERGE tables is still used.
MySQL 4.1 before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12,
when run on case-sensitive filesystems, allows remote authenticated
users to create or access a database when the database name differs
only in case from a database for which they have permissions
(CVE-2006-4226).
Packages have been patched to correct these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4031
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4226
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2006.0:
33376bae20533f62ef5b549b34167843 2006.0/RPMS/libmysql14-4.1.12-4.6.20060mdk.i586.rpm
8f979c11aff7632c2baf8a16dfd20f7d 2006.0/RPMS/libmysql14-devel-4.1.12-4.6.20060mdk.i586.rpm
efdf42901fb07957dcae0667f4224c79 2006.0/RPMS/MySQL-4.1.12-4.6.20060mdk.i586.rpm
b8af458067a90bdc24572e5e4e65486e 2006.0/RPMS/MySQL-bench-4.1.12-4.6.20060mdk.i586.rpm
bc50ec326174fd40d4305fd869f40148 2006.0/RPMS/MySQL-client-4.1.12-4.6.20060mdk.i586.rpm
af157fcfa86fe01b523382b9b4cf7574 2006.0/RPMS/MySQL-common-4.1.12-4.6.20060mdk.i586.rpm
48ff5161c87ea0b2a562d8a85c71ba77 2006.0/RPMS/MySQL-Max-4.1.12-4.6.20060mdk.i586.rpm
9fbe8915b7e10bbb059f40ce2d87fc79 2006.0/RPMS/MySQL-NDB-4.1.12-4.6.20060mdk.i586.rpm
12ec1435c493ec7d4503a70a114bb0ff 2006.0/SRPMS/MySQL-4.1.12-4.6.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64:
a3e7eb190788f55675f32149061b76bc x86_64/2006.0/RPMS/lib64mysql14-4.1.12-4.6.20060mdk.x86_64.rpm
f73190c2eb69d25456268504eed1b8f8 x86_64/2006.0/RPMS/lib64mysql14-devel-4.1.12-4.6.20060mdk.x86_64.rpm
03695f3ec8872dc610c5f6dd938bf9b5 x86_64/2006.0/RPMS/MySQL-4.1.12-4.6.20060mdk.x86_64.rpm
76935c458a2f18d93940c352f9c19151 x86_64/2006.0/RPMS/MySQL-bench-4.1.12-4.6.20060mdk.x86_64.rpm
8af8fbdf8931ec7a1da24dd06a8c26cc x86_64/2006.0/RPMS/MySQL-client-4.1.12-4.6.20060mdk.x86_64.rpm
a7d2e88a3f0b7d5be8b3243978992d94 x86_64/2006.0/RPMS/MySQL-common-4.1.12-4.6.20060mdk.x86_64.rpm
c9f07a98015f74b918d622501a059c23 x86_64/2006.0/RPMS/MySQL-Max-4.1.12-4.6.20060mdk.x86_64.rpm
70cebedfedcd93bb5a46b3852ba3e1a1 x86_64/2006.0/RPMS/MySQL-NDB-4.1.12-4.6.20060mdk.x86_64.rpm
12ec1435c493ec7d4503a70a114bb0ff x86_64/2006.0/SRPMS/MySQL-4.1.12-4.6.20060mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFE7eLtmqjQ0CJFipgRAjkQAJ9aFYCHpdgaXCQ2zLt1L4GjGvI1bgCglxxV
p5SWwcdzJt5Za4x4ISsE4WQ=
=7H3d
-----END PGP SIGNATURE-----