Your message dated Tue, 15 Mar 2005 11:25:56 +0100
with message-id <[EMAIL PROTECTED]>
and subject line Fixed
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 11 Mar 2005 14:53:55 +0000
>From [EMAIL PROTECTED] Fri Mar 11 06:53:54 2005
Return-path: <[EMAIL PROTECTED]>
Received: from baloney.puettmann.net [194.97.54.34] 
        by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
        id 1D9lWU-0000Gh-00; Fri, 11 Mar 2005 06:53:54 -0800
Received: from ruben by baloney.puettmann.net with local (ID ruben) (Exim 3.36 
#1)
        id 1D9lS5-0004FX-00
        for [EMAIL PROTECTED]; Fri, 11 Mar 2005 15:49:21 +0100
Date: Fri, 11 Mar 2005 15:49:21 +0100
To: [EMAIL PROTECTED]
Subject: MySQL Privilege Escalation and Command Execution Vulnerabilities
Message-ID: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
        protocol="application/pgp-signature"; boundary="SUk9VBj82R8Xhb8H"
Content-Disposition: inline
User-Agent: Mutt/1.5.6+20040907i
From: Ruben Puettmann <[EMAIL PROTECTED]>
X-Scanner: exiscan *1D9lS5-0004FX-00*jvWyh48B2N.* (Puettmann.NeT, Germany)
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
        (1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.5 required=4.0 tests=BAYES_10,HAS_PACKAGE 
        autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 


--SUk9VBj82R8Xhb8H
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Package: mysql-server-4.1
Version: 4.1.10-1
Severity: critical
Tags: security





Several vulnerabilities were identified in MySQL, which may be exploited
by local attackers to execute arbitrary commands or obtain elevated
privileges.

- The first flaw is due to an insecure (predictable name) temporary file
  creation with "CREATE TEMPORARY TABLE", which may be exploited by an
  attacker that has "CREATE TEMPORARY TABLE" privileges to conduct symlink
  attacks.

- The second vulnerability is due to an arbitrary library injection
  error and resides in the "udf_init()" function (sql_udf.cc), which may
  be exploited by an attacker (with INSERT and DELETE privileges) to
  load/execute a malicious library with MySQL privileges.

- The third flaw occurs when handling specially crafted "CREATE
  FUNCTION" commands, which may be exploited by a malicious user (with
  INSERT and DELETE privileges) to execute arbitrary code with MySQL
  privileges.

For the complete Advisory see:

http://www.k-otik.com/english/advisories/2005/0252

-- 
Ruben Puettmann
[EMAIL PROTECTED]
http://www.puettmann.net

--SUk9VBj82R8Xhb8H
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFCMa/xgHHssbUmOEIRAnEMAKCK+pMdvMwGvNVbBc6xfC4QNhLGIQCgoAG9
ZjjlNWBlEBStRY9xZDF5qIk=
=HK0H
-----END PGP SIGNATURE-----

--SUk9VBj82R8Xhb8H--

---------------------------------------
Received: (at 299066-done) by bugs.debian.org; 15 Mar 2005 10:26:04 +0000
>From ch@westend.com Tue Mar 15 02:26:03 2005
Return-path: <ch@westend.com>
Received: from mail3b.westend.com (mail3b1.westend.com) [212.117.79.78] 
        by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
        id 1DB9FT-0002s3-00; Tue, 15 Mar 2005 02:26:03 -0800
Received: from localhost (localhost [127.0.0.1])
        by mail3b1.westend.com (Postfix) with ESMTP id F16D7BEFF
        for <[EMAIL PROTECTED]>; Tue, 15 Mar 2005 11:26:01 +0100 (CET)
Received: from mail3b1.westend.com ([127.0.0.1])
        by localhost (mail3b [127.0.0.1]) (amavisd-new, port 10024)
        with ESMTP id 20211-07 for <[EMAIL PROTECTED]>;
        Tue, 15 Mar 2005 11:25:56 +0100 (CET)
Received: by mail3b1.westend.com (Postfix, from userid 1000)
        id E3A99BF14; Tue, 15 Mar 2005 11:25:56 +0100 (CET)
Date: Tue, 15 Mar 2005 11:25:56 +0100
From: Christian Hammers <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Fixed
Message-ID: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-15
Content-Disposition: inline
User-Agent: Mutt/1.3.28i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
        (1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-2.0 required=4.0 tests=BAYES_00,ONEWORD autolearn=no 
        version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

This security vulnerability has been fixed in the most recent version in
unstable (4.1.10a and 4.0.24).

bye,

-christian-

