Detections
Analytics

MySQL 5.1 < 5.1.18 Multiple Vulnerabilities

medium Nessus Plugin ID 25242

Language:

Synopsis

The remote database server is affected by multiple vulnerabilities.

Description

The version of MySQL installed on the remote host reportedly is affected by several issues :

 - Evaluation of an 'IN()' predicate with a decimal-valued argument causes a service crash.

 - A user can rename a table even though he does not have DROP privileges.

 - If a stored routine is declared as 'SQL SECURITY INVOKER', a user may be able to gain privileges by invoking that routine.

 - A user with only ALTER privileges on a partitioned table can discover information about the table that should require SELECT privileges.

Solution

Upgrade to MySQL version 5.1.18 or later.

See Also

https://bugs.mysql.com/bug.php?id=23675

http://bugs.mysql.com/bug.php?id=27515

https://bugs.mysql.com/bug.php?id=27337

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html

Plugin Details

Severity: Medium

ID: 25242

File Name: mysql_5_1_18.nasl

Version: 1.21

Type: remote

Family: Databases

Published: 5/17/2007

Updated: 11/15/2018

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: Medium

Base Score: 6

Temporal Score: 4.7

Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:mysql:mysql

Required KB Items: Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 10/26/2006

Reference Information

CVE: CVE-2007-2583, CVE-2007-2691, CVE-2007-2692, CVE-2007-2693

BID: 23911, 24008, 24011, 24016

CWE: 189