Rapid7 Vulnerability & Exploit Database

RHSA-2003:093: Updated MySQL packages fix vulnerabilities

Back to Search

RHSA-2003:093: Updated MySQL packages fix vulnerabilities

Severity
9
CVSS
(AV:N/AC:L/Au:S/C:C/I:C/A:C)
Published
03/24/2003
Created
07/25/2018
Added
10/28/2005
Modified
07/04/2017

Description

Updated MySQL server packages fix both a double-free security vulnerability and a root exploit security vulnerability. [Updated 1 May 2003] Added updated packages for Red Hat Linux 9, which is vulnerable to CAN-2003-0150.

MySQL is a multi-user, multi-threaded SQL database server. A double-free vulnerability in mysqld, for MySQL before version 3.23.55, allows attackers with MySQL access to cause a denial of service (crash) by creating a carefully crafted client application. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0073 to this issue. MySQL 3.23.55 and earlier creates world-writable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0150 to this issue. All users are advised to upgrade to MySQL 3.23.56 contained within this errata which is not vulnerable to these issues. In addition to the security fixes, these erratum packages contain a thread safe client library (libmysqlclient_r).

Solution(s)

  • redhat-upgrade-mysql
  • redhat-upgrade-mysql-devel
  • redhat-upgrade-mysql-server

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;