[debian-mysql] Bug#424778: mysql-server-5.0: MySQL Multiple Query Handling Privilege Escalation and Security Bypass Vulnerabilities
Stefan Fritsch
sf at sfritsch.de
Thu May 17 10:01:51 UTC 2007
Package: mysql-server-5.0
Version: 5.0.38-3
Severity: grave
Tags: security
Justification: user security hole
Some security issues have been found in mysql:
CVE-2007-2693:
MySQL before 5.1.18 allows remote authenticated users without SELECT
privileges to obtain sensitive information from partitioned tables via
an ALTER TABLE statement.
CVE-2007-2692:
The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x
before 5.1.18 does not restore THD::db_access privileges when
returning from SQL SECURITY INVOKER stored routines, which allows
remote authenticated users to gain privileges.
CVE-2007-2691:
MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does
not require the DROP privilege for RENAME TABLE statements, which
allows remote authenticated users to rename arbitrary tables.
See http://www.frsirt.com/english/advisories/2007/1804
for more info.
Please mention the CVE ids in the changelog.
More information about the pkg-mysql-maint
mailing list