Contact | Site en Français               

 


 

VUPEN VNS v4.0
 
  Features and Options
  Free 14-Day Trial

  Partner Program
  Receive More Information
 
   
 

Latest Intelligence
 
  VUPEN Security Advisories

  Virus and Malware Alerts
  VUPEN Security Research
  Threat Watch Blog
  Zero-Day Monitor
  Search Engine
  Mailing List & RSS
 
   

>> Fedora Security Update Fixes MySQL Multiple Restriction Bypass Vulnerabilities

Title : Fedora Security Update Fixes MySQL Multiple Restriction Bypass Vulnerabilities
VUPEN ID : VUPEN/ADV-2006-4725
CVE ID : CVE-2006-4031 - CVE-2006-4226 - CVE-2006-4227
CWE ID : VUPEN VNS Only
CVSS V2 : VUPEN VNS Only
Rated as : Low Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-11-28

Technical Description    Receive VUPEN Security alerts in a Text format  Receive VUPEN Security alerts in a PDF format  Receive VUPEN Security alerts in an XML format 

Fedora has released updated packages to address multiple vulnerabilities identified in MySQL. These flaws could be exploited by malicious users to bypass security restrictions. For additional information, see : VUPEN/ADV-2006-3306 - VUPEN/ADV-2006-3079

Affected Products

Fedora Core 5
Fedora Core 6

Solution

Upgrade the affected packages :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

c988685f3baa579c04eb494ee7f2aad0805f995f SRPMS/mysql-5.0.27-1.fc5.src.rpm
c988685f3baa579c04eb494ee7f2aad0805f995f noarch/mysql-5.0.27-1.fc5.src.rpm
d2027f3b3b764e05a7e859edac22532b6d2360eb ppc/mysql-bench-5.0.27-1.fc5.ppc.rpm
5e376bc13ccfaf31b729f3832f1e8393a3c3661c ppc/mysql-5.0.27-1.fc5.ppc.rpm
d1a6aeee0f12b735f412407bfcfb9af80e4a0c7f ppc/mysql-devel-5.0.27-1.fc5.ppc.rpm
53faa4a58658ae2cf7382f6b7dc69eb54f3f9591 ppc/mysql-test-5.0.27-1.fc5.ppc.rpm
7e73defd57652d44b8a149dd203774ec0f504e56 ppc/debug/mysql-debuginfo-5.0.27-1.fc5.ppc.rpm
2c2b3db55db28423e4f46f24cb2857a24847606f ppc/mysql-server-5.0.27-1.fc5.ppc.rpm
3132d39e799e11f824d1c1458607319866ddda57 x86_64/mysql-bench-5.0.27-1.fc5.x86_64.rpm
e7b40785e0b2348dab17a64cf58b443e5acabe51 x86_64/mysql-test-5.0.27-1.fc5.x86_64.rpm
fa3366aa6d14be4090347a6334759d4cb316e09c x86_64/mysql-5.0.27-1.fc5.x86_64.rpm
31b36e1d290fa2ec11989f41e0b567fc1f8323d2 x86_64/mysql-devel-5.0.27-1.fc5.x86_64.rpm
fc96b4114c4cd83fac87b512e05c731cbc06a6c7 x86_64/debug/mysql-debuginfo-5.0.27-1.fc5.x86_64.rpm
c3662cd9114c02721a5d54fdc4a3c861108d0991 x86_64/mysql-server-5.0.27-1.fc5.x86_64.rpm
bfafbf67b4cb92706b940d900a6a1f19e120fcc7 i386/mysql-server-5.0.27-1.fc5.i386.rpm
1e3379b196d4132a6a715d4fd885ca1dfded47e3 i386/mysql-bench-5.0.27-1.fc5.i386.rpm
9802bf6968e8478687c0fda619da1b613412293b i386/mysql-devel-5.0.27-1.fc5.i386.rpm
8a02a6f1eeee9f865c3b23a8b46f784d2f7af9cf i386/mysql-5.0.27-1.fc5.i386.rpm
64d8852d74548300d96c73455f43ffa52cdecf5a i386/mysql-test-5.0.27-1.fc5.i386.rpm
978163f26a75add446ba2e3f7e4b198b07f23ae5 i386/debug/mysql-debuginfo-5.0.27-1.fc5.i386.rpm

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

4cc81f4b91a4d5dab7a7747ad36e69f2ec99b39b SRPMS/mysql-5.0.27-1.fc6.src.rpm
4cc81f4b91a4d5dab7a7747ad36e69f2ec99b39b noarch/mysql-5.0.27-1.fc6.src.rpm
eed1c2d9003834c96f4962e27a67aaa3c1a434df ppc/debug/mysql-debuginfo-5.0.27-1.fc6.ppc.rpm
d24aa31b838dc1946ed98485d42a02a02b998cac ppc/mysql-5.0.27-1.fc6.ppc.rpm
a841665b23c0c68a771055cf58ccbb083bd0a78f ppc/mysql-server-5.0.27-1.fc6.ppc.rpm
77d7b0c203c102a1559d9b58567f0e38426d360b ppc/mysql-test-5.0.27-1.fc6.ppc.rpm
8a722d512e2211fc2fe8951fc49c4b10222d65dc ppc/mysql-bench-5.0.27-1.fc6.ppc.rpm
4ac16c9eec0c240b340400d1951a64ff518b64a6 ppc/mysql-devel-5.0.27-1.fc6.ppc.rpm
4b48fec9e1967e85f281b2ac21faf3c297e61d53 x86_64/mysql-5.0.27-1.fc6.x86_64.rpm
a24d05a9e5c75e920960d1e7b04f9a1ddcb3b50d x86_64/mysql-bench-5.0.27-1.fc6.x86_64.rpm
7075cd0c43b681cf5c2c0ba76f5c62402d204ee8 x86_64/mysql-test-5.0.27-1.fc6.x86_64.rpm
e0ca75a5173bfd35c14cde20240d28abb4b7b761 x86_64/debug/mysql-debuginfo-5.0.27-1.fc6.x86_64.rpm
18b32701bbc1226ca5efc0731142f7f04926f5ce x86_64/mysql-server-5.0.27-1.fc6.x86_64.rpm
b35c5e7f2c2be3c741f7b77fd2bb58a1add5e3ac x86_64/mysql-devel-5.0.27-1.fc6.x86_64.rpm
609428f0c08235aeab6c65e5c8cea31de401e97e i386/mysql-devel-5.0.27-1.fc6.i386.rpm
f53664d9d419c0a4e1c8f14911e942f49ea3fc52 i386/mysql-bench-5.0.27-1.fc6.i386.rpm
0f6fc5987e7137831981c5d7ee4c417914226661 i386/mysql-test-5.0.27-1.fc6.i386.rpm
c8970b79df7cca5e5f1ac976f3fca86022e686bb i386/mysql-server-5.0.27-1.fc6.i386.rpm
7d90073967c93f7401b59ff9bc7e0b547e735d16 i386/debug/mysql-debuginfo-5.0.27-1.fc6.i386.rpm
abb06a312f0965707a73fb258768e8aec33fd78b i386/mysql-5.0.27-1.fc6.i386.rpm

References

http://www.vupen.com/english/advisories/2006/4725
https://www.redhat.com/archives/fedora-package-announce/2006-November/msg00183.html
https://www.redhat.com/archives/fedora-package-announce/2006-November/msg00182.html

ChangeLog

2006-11-28 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts with CVE, CWE, and CVSS when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.
 

VUPEN Vulnerability
Notification Service
 

Latest Advisories
  

   
    





Copyright VUPEN © 2004-2010 - Privacy Policy