home *** CD-ROM | disk | FTP | other *** search
/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / modules / nessus-2.2.8.mo / usr / lib / nessus / plugins / mandrake_MDKSA-2003-094.nasl < prev    next >
Text File  |  2005-01-14  |  4KB  |  151 lines
  1. #
  2. # (C) Tenable Network Security
  3. #
  4. # This plugin text was extracted from Mandrake Linux Security Advisory MDKSA-2003:094
  5. #
  6.  
  7.  
  8. if ( ! defined_func("bn_random") ) exit(0);
  9. if(description)
  10. {
  11.  script_id(14076);
  12.  script_version ("$Revision: 1.2 $");
  13.  script_cve_id("CAN-2003-0780");
  14.  
  15.  name["english"] = "MDKSA-2003:094: MySQL";
  16.  
  17.  script_name(english:name["english"]);
  18.  
  19.  desc["english"] = "
  20. The remote host is missing the patch for the advisory MDKSA-2003:094 (MySQL).
  21.  
  22.  
  23. A buffer overflow was discovered in MySQL that could be executed by any user
  24. with 'ALTER TABLE' privileges on the 'mysql' database. If successfully
  25. exploited, the attacker could execute arbitrary code with the privileges of the
  26. user running the mysqld process (mysqld). The 'mysql' database is used by MySQL
  27. for internal record keeping and by default only the 'root' user, or MySQL
  28. administrative account, has permission to alter its tables.
  29. This vulnerability was corrected in MySQL 4.0.15 and all previous versions are
  30. vulnerable. These packages have been patched to correct the problem.
  31.  
  32.  
  33. Solution : http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:094
  34. Risk factor : High";
  35.  
  36.  
  37.  
  38.  script_description(english:desc["english"]);
  39.  
  40.  summary["english"] = "Check for the version of the MySQL package";
  41.  script_summary(english:summary["english"]);
  42.  
  43.  script_category(ACT_GATHER_INFO);
  44.  
  45.  script_copyright(english:"This script is Copyright (C) 2004 Tenable Network Security");
  46.  family["english"] = "Mandrake Local Security Checks";
  47.  script_family(english:family["english"]);
  48.  
  49.  script_dependencies("ssh_get_info.nasl");
  50.  script_require_keys("Host/Mandrake/rpm-list");
  51.  exit(0);
  52. }
  53.  
  54. include("rpm.inc");
  55. if ( rpm_check( reference:"MySQL-3.23.47-5.5mdk", release:"MDK8.2", yank:"mdk") )
  56. {
  57.  security_hole(0);
  58.  exit(0);
  59. }
  60. if ( rpm_check( reference:"MySQL-bench-3.23.47-5.5mdk", release:"MDK8.2", yank:"mdk") )
  61. {
  62.  security_hole(0);
  63.  exit(0);
  64. }
  65. if ( rpm_check( reference:"MySQL-client-3.23.47-5.5mdk", release:"MDK8.2", yank:"mdk") )
  66. {
  67.  security_hole(0);
  68.  exit(0);
  69. }
  70. if ( rpm_check( reference:"libmysql10-3.23.47-5.5mdk", release:"MDK8.2", yank:"mdk") )
  71. {
  72.  security_hole(0);
  73.  exit(0);
  74. }
  75. if ( rpm_check( reference:"libmysql10-devel-3.23.47-5.5mdk", release:"MDK8.2", yank:"mdk") )
  76. {
  77.  security_hole(0);
  78.  exit(0);
  79. }
  80. if ( rpm_check( reference:"MySQL-3.23.56-1.4mdk", release:"MDK9.0", yank:"mdk") )
  81. {
  82.  security_hole(0);
  83.  exit(0);
  84. }
  85. if ( rpm_check( reference:"MySQL-Max-3.23.56-1.4mdk", release:"MDK9.0", yank:"mdk") )
  86. {
  87.  security_hole(0);
  88.  exit(0);
  89. }
  90. if ( rpm_check( reference:"MySQL-bench-3.23.56-1.4mdk", release:"MDK9.0", yank:"mdk") )
  91. {
  92.  security_hole(0);
  93.  exit(0);
  94. }
  95. if ( rpm_check( reference:"MySQL-client-3.23.56-1.4mdk", release:"MDK9.0", yank:"mdk") )
  96. {
  97.  security_hole(0);
  98.  exit(0);
  99. }
  100. if ( rpm_check( reference:"libmysql10-3.23.56-1.4mdk", release:"MDK9.0", yank:"mdk") )
  101. {
  102.  security_hole(0);
  103.  exit(0);
  104. }
  105. if ( rpm_check( reference:"libmysql10-devel-3.23.56-1.4mdk", release:"MDK9.0", yank:"mdk") )
  106. {
  107.  security_hole(0);
  108.  exit(0);
  109. }
  110. if ( rpm_check( reference:"MySQL-4.0.11a-5.1mdk", release:"MDK9.1", yank:"mdk") )
  111. {
  112.  security_hole(0);
  113.  exit(0);
  114. }
  115. if ( rpm_check( reference:"MySQL-Max-4.0.11a-5.1mdk", release:"MDK9.1", yank:"mdk") )
  116. {
  117.  security_hole(0);
  118.  exit(0);
  119. }
  120. if ( rpm_check( reference:"MySQL-bench-4.0.11a-5.1mdk", release:"MDK9.1", yank:"mdk") )
  121. {
  122.  security_hole(0);
  123.  exit(0);
  124. }
  125. if ( rpm_check( reference:"MySQL-client-4.0.11a-5.1mdk", release:"MDK9.1", yank:"mdk") )
  126. {
  127.  security_hole(0);
  128.  exit(0);
  129. }
  130. if ( rpm_check( reference:"MySQL-common-4.0.11a-5.1mdk", release:"MDK9.1", yank:"mdk") )
  131. {
  132.  security_hole(0);
  133.  exit(0);
  134. }
  135. if ( rpm_check( reference:"libmysql12-4.0.11a-5.1mdk", release:"MDK9.1", yank:"mdk") )
  136. {
  137.  security_hole(0);
  138.  exit(0);
  139. }
  140. if ( rpm_check( reference:"libmysql12-devel-4.0.11a-5.1mdk", release:"MDK9.1", yank:"mdk") )
  141. {
  142.  security_hole(0);
  143.  exit(0);
  144. }
  145. if (rpm_exists(rpm:"MySQL-", release:"MDK8.2")
  146.  || rpm_exists(rpm:"MySQL-", release:"MDK9.0")
  147.  || rpm_exists(rpm:"MySQL-", release:"MDK9.1") )
  148. {
  149.  set_kb_item(name:"CAN-2003-0780", value:TRUE);
  150. }
  151.