|
Home Forum Radio Memberlist Help Search Quick Links | |
| Forum Index » Operating Systems » Linux » Mandriva- Advisories MDVSA-2008:150: Updated mysql packages fix vulnerabilities |
| Linux All distros and thier applications |
 |
 |
|
Thread Tools | Display Modes |  |
|
#1
07-19-2008, 06:25 PM
|
||||
|
||||
|
Mandriva- Advisories MDVSA-2008:150: Updated mysql packages fix vulnerabilities
Advisories MDVSA-2008:150: Updated mysql packages fix vulnerabilities
Multiple buffer overflows in yaSSL, which is used in MySQL, allowed remote attackers to execute arbitrary code (CVE-2008-0226) or cause a denial of service via a special Hello packet (CVE-2008-0227). Sergei Golubchik found that MySQL did not properly validate optional data or index directory paths given in a CREATE TABLE statement; as well it would not, under certain conditions, prevent two databases from using the same paths for data or index files. This could allow an authenticated user with appropriate privilege to create tables in one database to read and manipulate data in tables later created in other databases, regardless of GRANT privileges (CVE-2008-2079). The updated packages have been patched to correct these issues. http://mandrivausers.org/index.php?showtopic=63904 http://mandrivausers.org/index.php?showtopic=63904 Sat, 19 Jul 2008 23:16:56 +0000 
|
 Posted |
|
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| Display Modes | |
|
|
|
||
|
|
|
It appears you have not yet registered with our community
which limits what you can do & see. It's Free To register, please click here.
Linear Mode
