USN-180-2: MySQL 4.1 vulnerability
Posted on: 12/05/2005 02:22 PM

A new MySQL 4.1 vulnerability update is available for Ubuntu Linux. Here the announcement:

Ubuntu Security Notice USN-180-2 December 05, 2005
mysql-dfsg-4.1 vulnerability
CVE-2005-2558
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.10 (Breezy Badger)

The following packages are affected:

mysql-server-4.1

The problem can be corrected by upgrading the affected package to
version 4.1.12-1ubuntu3.1. In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

USN-180-1 fixed a vulnerability in the mysql-server package (which
ships version 4.0). Version 4.1 is vulnerable against the same flaw.

Please note that this package is not officially supported in Ubuntu
5.10.

Origial advisory:

"AppSecInc Team SHATTER discovered a buffer overflow in the "CREATE
FUNCTION" statement. By specifying a specially crafted long function
name, a local or remote attacker with function creation privileges
could crash the server or execute arbitrary code with server
privileges.

However, the right to create function is usually not granted to
untrusted users."

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.12-1ubuntu3.1.diff.gz
Size/MD5: 160353 1f6bdfc757592d25e6e5e0c40405c68a
http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.12-1ubuntu3.1.dsc
Size/MD5: 1024 6df2740a688ebd8330bab80bcafa6f9a
http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.12.orig.tar.gz
Size/MD5: 15921909 c7b83a19bd8a4f42d5d64c239d05121f

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/mysql-common-4.1_4.1.12-1ubuntu3.1_all.deb
Size/MD5: 36022 86a50a42f1685ad909ae5674d641b6d6

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.12-1ubuntu3.1_amd64.deb
Size/MD5: 5830550 34427f9076358567e0b0104b83e236f9
http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.12-1ubuntu3.1_amd64.deb
Size/MD5: 1539274 09ce1eebeae5d58115c8a8b10b40511b
http://security.ubuntu.com/ubuntu/pool/universe/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.12-1ubuntu3.1_amd64.deb
Size/MD5: 897406 29713a5ce0c8b18cb7b8d49809f4aefb
http://security.ubuntu.com/ubuntu/pool/universe/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.12-1ubuntu3.1_amd64.deb
Size/MD5: 18429032 677948b959d99cdca3770e32c19601f6

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.12-1ubuntu3.1_i386.deb
Size/MD5: 5347118 2944f5066bed041df004c51cd7e511e1
http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.12-1ubuntu3.1_i386.deb
Size/MD5: 1474316 d23d2f2af47577fbda0f754547a44fae
http://security.ubuntu.com/ubuntu/pool/universe/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.12-1ubuntu3.1_i386.deb
Size/MD5: 865524 afdde59778fc2bc0971a959bc91960cb
http://security.ubuntu.com/ubuntu/pool/universe/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.12-1ubuntu3.1_i386.deb
Size/MD5: 17335734 ea56a770e30cff750d7894e787deaefe

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.12-1ubuntu3.1_powerpc.deb
Size/MD5: 6067392 661904ba18915482689a65594fbb8f66
http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.12-1ubuntu3.1_powerpc.deb
Size/MD5: 1547466 69a5573b7a30c2993e2e5685fd00a3a9
http://security.ubuntu.com/ubuntu/pool/universe/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.12-1ubuntu3.1_powerpc.deb
Size/MD5: 936726 a060001f07b8c239f9b1d2b4b064c83d
http://security.ubuntu.com/ubuntu/pool/universe/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.12-1ubuntu3.1_powerpc.deb
Size/MD5: 18521170 f858e627120278b8245079d77e61348e

--GID0FwUMdk1T2AWN
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDlDpnDecnbV4Fd/IRAtzWAJ9oHD+gDzR/sZDOseQIpUeNTw1mhACeLhTA
KKVZWGbbYb7SaMLPgGoLmd8=
ÁOW
-----END PGP SIGNATURE-----



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/usn_180_2_mysql_41_vulnerability.html)