Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Red Hat Local Security Checks --> Category: infos

RHSA-2003-094: mysql Vulnerability Scan

Vulnerability Scan Summary
Check for the version of the mysql packages

Detailed Explanation for this Vulnerability Test

Updated packages are available that fix both a double-free security
vulnerability and a remote root exploit security vulnerability found in the
MySQL server.

[Updated 11 Aug 2003]
Updated mysqlclient9 packages are now included. These were previously
missing from this erratum.

MySQL is a multi-user, multi-threaded SQL database server.

A double-free vulnerability in mysqld, for MySQL before version 3.23.55,
allows attackers with MySQL access to cause a denial of service (crash) by
creating a carefully crafted client application.

A remote root exploit vulnerability in mysqld, for MySQL before version
3.23.56, allows MySQL users to gain root rights by overwriting
configuration files.

Previous versions of the MySQL packages do not contain the thread safe
client library (libmysqlclient_r).

All users of MySQL are advised to upgrade to these errata packages
containing MySQL 3.23.56.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.