View previous topic :: View next topic |
Author |
Message |
GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Thu Sep 04, 2014 11:26 am Post subject: [ GLSA 201409-04 ] MySQL: Multiple vulnerabilities |
|
|
Gentoo Linux Security Advisory
Title: MySQL: Multiple vulnerabilities (GLSA 201409-04)
Severity: normal
Exploitable: local, remote
Date: September 04, 2014
Bug(s): #460748, #488212, #498164, #500260, #507802, #518718
ID: 201409-04
Synopsis
Multiple vulnerabilities have been found in MySQL, worst of which
allows local attackers to escalate their privileges.
Background
MySQL is a popular multi-threaded, multi-user SQL server.
Affected Packages
Package: dev-db/mysql
Vulnerable: < 5.5.39
Unaffected: >= 5.5.39
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in MySQL. Please review
the CVE identifiers referenced below for details.
Impact
A local attacker could possibly gain escalated privileges. A remote
attacker could send a specially crafted SQL query, possibly resulting in
a Denial of Service condition. A remote attacker could entice a user to
connect to specially crafted MySQL server, possibly resulting in
execution of arbitrary code with the privileges of the process.
Workaround
There is no known workaround at this time.
Resolution
All MySQL users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/mysql-5.5.39"
|
References
CVE-2013-1861
CVE-2013-2134
CVE-2013-3839
CVE-2013-5767
CVE-2013-5770
CVE-2013-5786
CVE-2013-5793
CVE-2013-5807
CVE-2013-5860
CVE-2013-5881
CVE-2013-5882
CVE-2013-5891
CVE-2013-5894
CVE-2013-5908
CVE-2014-0001
CVE-2014-0384
CVE-2014-0386
CVE-2014-0393
CVE-2014-0401
CVE-2014-0402
CVE-2014-0412
CVE-2014-0420
CVE-2014-0427
CVE-2014-0430
CVE-2014-0431
CVE-2014-0433
CVE-2014-0437
CVE-2014-2419
CVE-2014-2430
CVE-2014-2431
CVE-2014-2432
CVE-2014-2434
CVE-2014-2435
CVE-2014-2436
CVE-2014-2438
CVE-2014-2440 |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|