Your message dated Tue, 15 Mar 2005 12:40:36 +0100 with message-id <[EMAIL PROTECTED]> and subject line fixed in last upload has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 11 Mar 2005 09:35:18 +0000
From: Moritz Muehlenhoff <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: Mysql CREATE FUNCTION libc arbitrary code execution.
Date: Fri, 11 Mar 2005 10:35:12 +0100

Package: mysql-dfsg
Version: 4.0.23-10
Severity: grave
Tags: security

Stefano Di Paola discovered that it's possible to gain extended MySQL user privileges by abusing the interaction between MySQL's CREATE FUNCTION functionality and the libc. This only applies for authenticated users with INSERT and DELETE privileges on the 'mysql' administrative database.
There does not seem to be a CVE assignment yet.

The full advisory can be found at:
http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0084.html

The advisory claims that MySQL has released a fix, and new upstream releases (4.0.24 and 4.1.10a), which haven't appeared on mysql.com yet.

Cheers,
Moritz

-- System Information:
Debian Release: 3.0
Architecture: i386
Kernel: Linux anton 2.4.29-univention.1 #1 SMP Thu Jan 27 17:08:46 CET 2005 i686
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED]

---------------------------------------
Received: (at 299040-done) by bugs.debian.org; 15 Mar 2005 11:40:43 +0000
From: Christian Hammers <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: fixed in last upload
Date: Tue, 15 Mar 2005 12:40:36 +0100

Those bugs have been fixed in the 4.1.10a upload.

bye,

-christian-
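
Added example, not part of the bug report or the advisory: a Python audit helper that reads SHOW GRANTS output and lists the accounts holding both INSERT and DELETE at a scope that covers the 'mysql' database, which is the precondition named in the report. The grant lines and account names are constructed, and only global (*.*) and database-level grants are evaluated (an assumption of this example; table-level grants are skipped).

```python
import re

# Constructed SHOW GRANTS output for hypothetical accounts (not from the bug report).
SAMPLE_GRANTS = r"""
GRANT USAGE ON *.* TO 'report'@'10.0.0.%'
GRANT SELECT, INSERT, DELETE ON `mysql`.* TO 'legacyadmin'@'%'
GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
GRANT INSERT ON `my%`.* TO 'deploy'@'localhost'
GRANT DELETE ON *.* TO 'deploy'@'localhost'
GRANT INSERT, DELETE ON `shop`.* TO 'webapp'@'%'
GRANT INSERT, DELETE ON `mysql\_backup`.* TO 'backup'@'localhost'
GRANT INSERT ON `mysql`.* TO 'loader'@'localhost'
"""

# Matches global and database-level grants only; `db`.`table` scopes do not match.
GRANT_RE = re.compile(
    r"GRANT\s+(?P<privs>.+?)\s+ON\s+(?P<db>`[^`]*`|[^\s.`]+)\.\*\s+TO\s+"
    r"(?P<acct>'[^']*'@'[^']*')", re.IGNORECASE)

def db_pattern_covers(pattern, name="mysql"):
    """True if a GRANT database pattern (% and _ are wildcards) matches name."""
    if pattern == "*":                      # global scope *.*
        return True
    pattern, out, i = pattern.strip("`"), "", 0
    while i < len(pattern):
        ch = pattern[i]
        if ch == "\\" and i + 1 < len(pattern):   # \_ or \% is a literal character
            out += re.escape(pattern[i + 1])
            i += 2
            continue
        out += ".*" if ch == "%" else "." if ch == "_" else re.escape(ch)
        i += 1
    return re.fullmatch(out, name) is not None

def accounts_meeting_precondition(grants_text):
    """Accounts whose combined grants give INSERT and DELETE on the mysql database."""
    held = {}
    for line in grants_text.splitlines():
        m = GRANT_RE.match(line.strip())
        if not m or not db_pattern_covers(m.group("db")):
            continue
        privs = re.sub(r"\([^)]*\)", "", m.group("privs")).upper()  # drop column lists
        names = {p.strip() for p in privs.split(",")}
        if names & {"ALL", "ALL PRIVILEGES"}:
            names |= {"INSERT", "DELETE"}
        held.setdefault(m.group("acct"), set()).update(names)
    return sorted(a for a, p in held.items() if {"INSERT", "DELETE"} <= p)

if __name__ == "__main__":
    for account in accounts_meeting_precondition(SAMPLE_GRANTS):
        print("review:", account)
```

Privileges are combined per account across statements, so 'deploy' is listed even though its INSERT and DELETE come from different grants.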