Family: Debian Local Security Checks --> Category: infos
[DSA833] DSA-833-2 mysql-dfsg-4.1 Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
This update only covers binary packages for the big endian MIPS
architecture that was mysteriously forgotten in the earlier update.
For completeness below is the original advisory text:
A stack-based buffer overflow in the init_syms function of MySQL, a
popular database, has been discovered that allows remote authenticated
users who can create user-defined functions to execute arbitrary code
via a long function_name field. The ability to create user-defined
functions is not typically granted to untrusted users.
The following vulnerability matrix explains which version of MySQL in
which distribution has this problem fixed:
We recommend that you upgrade your mysql-dfsg-4.1 packages.
Solution : http://www.debian.org/security/2005/dsa-833
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.