Rapid7 Vulnerability & Exploit Database

SUSE-SA:2005:019: MySQL vulnerabilities

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

SUSE-SA:2005:019: MySQL vulnerabilities

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:P)

Published

03/24/2005

Created

07/25/2018

Added

11/08/2005

Modified

11/18/2015

Description

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udf_init function.

Solution(s)

References

https://attackerkb.com/topics/cve-2005-0709
APPLE-SA-2005-08-15
APPLE-SA-2005-08-17
12781
CVE - 2005-0709
CVE - 2005-0710
CVE - 2005-0711
DSA-707
MDKSA-2005:060
OVAL10180
OVAL10479
OVAL9591
RHSA-2005:334
RHSA-2005:348
SUSE-SA:2005:019
http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0082.html
http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0083.html
http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0084.html
http://marc.theaimsgroup.com/?l=bugtraq&m=111065974004648&w=2
http://marc.theaimsgroup.com/?l=bugtraq&m=111066115808506&w=2
http://marc.theaimsgroup.com/?l=bugtraq&m=111100791920597&w=2
http://www.novell.com/linux/security/advisories/2005_19_mysql.html
http://www.trustix.org/errata/2005/0009/
http://www.ubuntulinux.org/support/documentation/usn/usn-96-1
19658

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;