|
|
Family: Slackware Local Security Checks --> Category: infos
SSA-2006-129-02 mysql Vulnerability Scan
Vulnerability Scan Summary
SSA-2006-129-02 mysql
Detailed Explanation for this Vulnerability Test
New mysql packages are available for Slackware 10.2 and -current to
fix security issues. The MySQL package shipped with Slackware 10.2
may possibly leak sensitive information found in uninitialized
memory to authenticated users. The MySQL package previously in
Slackware -current also suffered from these flaws, but an additional
overflow could allow arbitrary code execution.
Since the vulnerabilities require a valid login and/or access to the
database server, the risk is moderate. Slackware does not provide
network access to a MySQL database by default.
More details about the issues may be found in the Common
Vulnerabilities and Exposures (CVE) database.
Issues that affect both Slackware 10.2 and -current:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517
An issue affecting only Slackware -current:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1518
Click HERE for more information and discussions on this network vulnerability scan.
|
