VUPEN Security - Mandriva Security Update Fixes MySQL Information Disclosure Vulnerabilities / Exploit (Security Advisories)

	Contact \| Site en Français

VUPEN VNS v4.0

Features and Options

Free 14-Day Trial

Partner Program

Receive More Information

Latest Intelligence

VUPEN Security Advisories

Virus and Malware Alerts

VUPEN Security Research

Threat Watch Blog

Zero-Day Monitor

Search Engine

Mailing List & RSS

>> Mandriva Security Update Fixes MySQL Information Disclosure Vulnerabilities

Title : Mandriva Security Update Fixes MySQL Information Disclosure Vulnerabilities
VUPEN ID : VUPEN/ADV-2006-1772
CVE ID : CVE-2006-1516 - CVE-2006-1517
CWE ID : VUPEN VNS Only

CVSS V2 : VUPEN VNS Only

Rated as : Moderate Risk

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-05-11

Technical Description

Receive VUPEN Security alerts in a Text format

Receive VUPEN Security alerts in a PDF format

Receive VUPEN Security alerts in an XML format

Mandriva has released updated packages to address multiple vulnerabilities identified in MySQL. These flaws could be exploited by remote attackers to gain knowledge of sensitive information. For additional information, see : VUPEN/ADV-2006-1633

Affected Products

Mandriva Linux 10.2
Mandriva Linux 2006.0
Corporate 3.0
Multi Network Firewall 2.0

Solution

Upgrade the affected packages :

Mandriva Linux 10.2:
4909fe2f65460b5d570c6a7ba9cff866 10.2/RPMS/libmysql14-4.1.11-1.4.102mdk.i586.rpm
2abf3bab6adb4c55869189a77fc3fb55 10.2/RPMS/libmysql14-devel-4.1.11-1.4.102mdk.i586.rpm
5f7cb8b59cec81673b33c8f288854cdd 10.2/RPMS/MySQL-4.1.11-1.4.102mdk.i586.rpm
baf754c73e1d9d5d075af16bbb670865 10.2/RPMS/MySQL-bench-4.1.11-1.4.102mdk.i586.rpm
4186fd1a7a4addda9ed50c142f09e0ad 10.2/RPMS/MySQL-client-4.1.11-1.4.102mdk.i586.rpm
26c570f455d7113f2af79493fce1f09c 10.2/RPMS/MySQL-common-4.1.11-1.4.102mdk.i586.rpm
feb16e6ba1272758d8eb5b03960a8109 10.2/RPMS/MySQL-Max-4.1.11-1.4.102mdk.i586.rpm
ff61354715f761a46a8910141c17308d 10.2/RPMS/MySQL-NDB-4.1.11-1.4.102mdk.i586.rpm
52cbe54bd00e29484c6c25735c7bcb94 10.2/SRPMS/MySQL-4.1.11-1.4.102mdk.src.rpm

Mandriva Linux 10.2/X86_64:
505a4c981db838708fdf1f63bb8bf1d9 x86_64/10.2/RPMS/lib64mysql14-4.1.11-1.4.102mdk.x86_64.rpm
58cfd4b6f1c2a44475fc4e0b155c411b x86_64/10.2/RPMS/lib64mysql14-devel-4.1.11-1.4.102mdk.x86_64.rpm
71b93f12b9441a16a674e21d083fb106 x86_64/10.2/RPMS/MySQL-4.1.11-1.4.102mdk.x86_64.rpm
e2453637f22fdc0035972e22ed5446d5 x86_64/10.2/RPMS/MySQL-bench-4.1.11-1.4.102mdk.x86_64.rpm
924a711c2d7bfcb183e67c0ed8455cdf x86_64/10.2/RPMS/MySQL-client-4.1.11-1.4.102mdk.x86_64.rpm
fea020684cfe4447d84b236ed3eb8712 x86_64/10.2/RPMS/MySQL-common-4.1.11-1.4.102mdk.x86_64.rpm
4f613498aba6803507a6210025c364bd x86_64/10.2/RPMS/MySQL-Max-4.1.11-1.4.102mdk.x86_64.rpm
d211d2b6bef7e4a8702b6d10f1a2e9c8 x86_64/10.2/RPMS/MySQL-NDB-4.1.11-1.4.102mdk.x86_64.rpm
52cbe54bd00e29484c6c25735c7bcb94 x86_64/10.2/SRPMS/MySQL-4.1.11-1.4.102mdk.src.rpm

Mandriva Linux 2006.0:
1116c2cbc0a6f7b443caa1db80b7cc96 2006.0/RPMS/libmysql14-4.1.12-3.2.20060mdk.i586.rpm
a1d6f0b6b6c3441723ddce425f9d7962 2006.0/RPMS/libmysql14-devel-4.1.12-3.2.20060mdk.i586.rpm
9d8d79e0b992d7014e6fc48e759a6588 2006.0/RPMS/MySQL-4.1.12-3.2.20060mdk.i586.rpm
f1b66a2737dd7cd25e91807fc228b538 2006.0/RPMS/MySQL-bench-4.1.12-3.2.20060mdk.i586.rpm
9ff1b0895c676d7fb397be4d0696b510 2006.0/RPMS/MySQL-client-4.1.12-3.2.20060mdk.i586.rpm
d9a488579d2318523bdd59bf3bea426c 2006.0/RPMS/MySQL-common-4.1.12-3.2.20060mdk.i586.rpm
465af10c347f571dc01af650bd26c1ff 2006.0/RPMS/MySQL-Max-4.1.12-3.2.20060mdk.i586.rpm
113a35b2c5d17ce60404787fcee90146 2006.0/RPMS/MySQL-NDB-4.1.12-3.2.20060mdk.i586.rpm
5b2a2092676086292383ac5178cb0be1 2006.0/RPMS/X11R6-contrib-6.9.0-5.6.20060mdk.i586.rpm
fab0e8f7d4365d264c28e5f731d3d34b 2006.0/SRPMS/MySQL-4.1.12-3.2.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
95076266d5ef2642c402f7130cdfe241 x86_64/2006.0/RPMS/lib64mysql14-4.1.12-3.2.20060mdk.x86_64.rpm
acbdc71b998c812c24ed7114c368ece3 x86_64/2006.0/RPMS/lib64mysql14-devel-4.1.12-3.2.20060mdk.x86_64.rpm
ea9a4fc478ddeb0fafaa50e0ea4a208f x86_64/2006.0/RPMS/MySQL-4.1.12-3.2.20060mdk.x86_64.rpm
fef7934cf4bee099e8e64bc0b75f885d x86_64/2006.0/RPMS/MySQL-bench-4.1.12-3.2.20060mdk.x86_64.rpm
e713937238d32342925e65ef301585e7 x86_64/2006.0/RPMS/MySQL-client-4.1.12-3.2.20060mdk.x86_64.rpm
1f36af145e87802e37c673a66360fe34 x86_64/2006.0/RPMS/MySQL-common-4.1.12-3.2.20060mdk.x86_64.rpm
c24793f5e9e10a9601db7dac7d096b29 x86_64/2006.0/RPMS/MySQL-Max-4.1.12-3.2.20060mdk.x86_64.rpm
82b03a0968e65e92cdb569d8149e0fd1 x86_64/2006.0/RPMS/MySQL-NDB-4.1.12-3.2.20060mdk.x86_64.rpm
fab0e8f7d4365d264c28e5f731d3d34b x86_64/2006.0/SRPMS/MySQL-4.1.12-3.2.20060mdk.src.rpm

Corporate 3.0:
08e6f2ab4f9e4c527519fb927cd1bbd7 corporate/3.0/RPMS/libmysql12-4.0.18-1.9.C30mdk.i586.rpm
01de6e536bcd09a1b61c41b1f42f2f72 corporate/3.0/RPMS/libmysql12-devel-4.0.18-1.9.C30mdk.i586.rpm
ddf99e4e753c37709883b04d1cf2030a corporate/3.0/RPMS/MySQL-4.0.18-1.9.C30mdk.i586.rpm
4cee7ed9d192be77d78dd72d8fcd2eaa corporate/3.0/RPMS/MySQL-bench-4.0.18-1.9.C30mdk.i586.rpm
65faadbbd953da2f71e7ba575aabd9c5 corporate/3.0/RPMS/MySQL-client-4.0.18-1.9.C30mdk.i586.rpm
d88cb2542f68be1438770e916cedfbf8 corporate/3.0/RPMS/MySQL-common-4.0.18-1.9.C30mdk.i586.rpm
8930f8e648b838abad0e905402d7f098 corporate/3.0/RPMS/MySQL-Max-4.0.18-1.9.C30mdk.i586.rpm
d67f3b91058f8e17bf72d75b1d131e2d corporate/3.0/SRPMS/MySQL-4.0.18-1.9.C30mdk.src.rpm

Corporate 3.0/X86_64:
85adbefb6c932da4febb94fbd9ad477c x86_64/corporate/3.0/RPMS/lib64mysql12-4.0.18-1.9.C30mdk.x86_64.rpm
d94af3b74686045910e2330bd5245a30 x86_64/corporate/3.0/RPMS/lib64mysql12-devel-4.0.18-1.9.C30mdk.x86_64.rpm
36f0d3bb53766d832fce145d119f52c9 x86_64/corporate/3.0/RPMS/MySQL-4.0.18-1.9.C30mdk.x86_64.rpm
538493e0ec4636f1dd0ec0ef8a26165c x86_64/corporate/3.0/RPMS/MySQL-bench-4.0.18-1.9.C30mdk.x86_64.rpm
6773bce043fabd3871ec292bcbe20e7a x86_64/corporate/3.0/RPMS/MySQL-client-4.0.18-1.9.C30mdk.x86_64.rpm
fd0876c6a9dfe36df6d116ce5433b152 x86_64/corporate/3.0/RPMS/MySQL-common-4.0.18-1.9.C30mdk.x86_64.rpm
808c8c1e8d107e810a2a16f0be2aa5ac x86_64/corporate/3.0/RPMS/MySQL-Max-4.0.18-1.9.C30mdk.x86_64.rpm
d67f3b91058f8e17bf72d75b1d131e2d x86_64/corporate/3.0/SRPMS/MySQL-4.0.18-1.9.C30mdk.src.rpm

Multi Network Firewall 2.0:
516e242273227de34c51bc5d5ddd23fd mnf/2.0/RPMS/libmysql12-4.0.18-1.9.M20mdk.i586.rpm
043291efac87bbdcb08ecb706ba4301d mnf/2.0/SRPMS/MySQL-4.0.18-1.9.M20mdk.src.rpm

References

http://www.vupen.com/english/advisories/2006/1772
http://www.frsirt.com/english/reference/11555

ChangeLog

2006-05-11 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts with CVE, CWE, and CVSS when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.

VUPEN Vulnerability
Notification Service

Latest Advisories

>> 2010-03-19

CA ARCserve Backup JRE Code Execution and Security Bypass Issues

>> 2010-03-19

Debian Security Update Fixes PHP XML-RPC Denial of Service Issue

>> 2010-03-19

Ubuntu Security Update Fixes Thunderbird Multiple Vulnerabilities

>> 2010-03-18

IBM DB2 Content Manager Web Services Single Sign-on Vulnerability

>> 2010-03-18

Transmission "tr_magnetParse()" Magnet Buffer Overflow Vulnerability

More Informations