Rapid7 Vulnerability & Exploit Database

RHSA-2011:0164: mysql security update

Back to Search

RHSA-2011:0164: mysql security update

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
01/14/2011
Created
07/25/2018
Added
01/25/2011
Modified
07/04/2017

Description

MySQL is a multi-user, multi-threaded SQL database server. It consists ofthe MySQL server daemon (mysqld) and many client programs and libraries.The MySQL PolyFromWKB() function did not sanity check Well-Known Binary(WKB) data, which could allow a remote, authenticated attacker to crashmysqld. (CVE-2010-3840)A flaw in the way MySQL processed certain JOIN queries could allow aremote, authenticated attacker to cause excessive CPU use (up to 100%), ifa stored procedure contained JOIN queries, and that procedure was executedtwice in sequence. (CVE-2010-3839)A flaw in the way MySQL processed queries that provide a mixture of numericand longblob data types to the LEAST or GREATEST function, could allow aremote, authenticated attacker to crash mysqld. (CVE-2010-3838)A flaw in the way MySQL processed PREPARE statements containing bothGROUP_CONCAT and the WITH ROLLUP modifier could allow a remote,authenticated attacker to crash mysqld. (CVE-2010-3837)MySQL did not properly pre-evaluate LIKE arguments in view prepare mode,possibly allowing a remote, authenticated attacker to crash mysqld.(CVE-2010-3836)A flaw in the way MySQL processed statements that assign a value to auser-defined variable and that also contain a logical value evaluationcould allow a remote, authenticated attacker to crash mysqld.(CVE-2010-3835)A flaw in the way MySQL evaluated the arguments of extreme-value functions,such as LEAST and GREATEST, could allow a remote, authenticated attacker tocrash mysqld. (CVE-2010-3833)A flaw in the way MySQL handled LOAD DATA INFILE requests allowed MySQL tosend OK packets even when there were errors. (CVE-2010-3683)A flaw in the way MySQL processed EXPLAIN statements for some complexSELECT queries could allow a remote, authenticated attacker to crashmysqld. (CVE-2010-3682)A flaw in the way MySQL processed certain alternating READ requestsprovided by HANDLER statements could allow a remote, authenticated attackerto crash mysqld. (CVE-2010-3681)A flaw in the way MySQL processed CREATE TEMPORARY TABLE statements thatdefine NULL columns when using the InnoDB storage engine, could allow aremote, authenticated attacker to crash mysqld. (CVE-2010-3680)A flaw in the way MySQL processed certain values provided to the BINLOGstatement caused MySQL to read unassigned memory. A remote, authenticatedattacker could possibly use this flaw to crash mysqld. (CVE-2010-3679)A flaw in the way MySQL processed SQL queries containing IN or CASEstatements, when a NULL argument was provided as one of the arguments tothe query, could allow a remote, authenticated attacker to crash mysqld.(CVE-2010-3678)A flaw in the way MySQL processed JOIN queries that attempt to retrievedata from a unique SET column could allow a remote, authenticated attackerto crash mysqld. (CVE-2010-3677)Note: CVE-2010-3840, CVE-2010-3838, CVE-2010-3837, CVE-2010-3835,CVE-2010-3833, CVE-2010-3682, CVE-2010-3681, CVE-2010-3680, CVE-2010-3678,and CVE-2010-3677 only cause a temporary denial of service, as mysqld wasautomatically restarted after each crash.These updated packages upgrade MySQL to version 5.1.52. Refer to the MySQLrelease notes for a full list of changes:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.htmlAll MySQL users should upgrade to these updated packages, which correctthese issues. After installing this update, the MySQL server daemon(mysqld) will be restarted automatically.

Solution(s)

  • redhat-upgrade-mysql
  • redhat-upgrade-mysql-bench
  • redhat-upgrade-mysql-debuginfo
  • redhat-upgrade-mysql-devel
  • redhat-upgrade-mysql-embedded
  • redhat-upgrade-mysql-embedded-devel
  • redhat-upgrade-mysql-libs
  • redhat-upgrade-mysql-server
  • redhat-upgrade-mysql-test

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;