Test Kennung:	1.3.6.1.4.1.25623.1.0.64932
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Security Advisory CESA-2009:1289 (mysql)
Zusammenfassung:	The remote host is missing updates to mysql announced in;advisory CESA-2009:1289.
Beschreibung:	Summary: The remote host is missing updates to mysql announced in advisory CESA-2009:1289. Vulnerability Insight: For details on the issues addressed in this update, please visit the referenced security advisories. Solution: Update the appropriate packages on your system. CVSS Score: 8.5 CVSS Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-2079 1019995 http://www.securitytracker.com/id?1019995 29106 http://www.securityfocus.com/bid/29106 30134 http://secunia.com/advisories/30134 31066 http://secunia.com/advisories/31066 31226 http://secunia.com/advisories/31226 31681 http://www.securityfocus.com/bid/31681 31687 http://secunia.com/advisories/31687 32222 http://secunia.com/advisories/32222 32769 http://secunia.com/advisories/32769 36566 http://secunia.com/advisories/36566 36701 http://secunia.com/advisories/36701 ADV-2008-1472 http://www.vupen.com/english/advisories/2008/1472/references ADV-2008-2780 http://www.vupen.com/english/advisories/2008/2780 APPLE-SA-2008-10-09 http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html APPLE-SA-2009-09-10-2 http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html DSA-1608 http://www.debian.org/security/2008/dsa-1608 MDVSA-2008:149 http://www.mandriva.com/security/advisories?name=MDVSA-2008:149 MDVSA-2008:150 http://www.mandriva.com/security/advisories?name=MDVSA-2008:150 RHSA-2008:0505 http://www.redhat.com/support/errata/RHSA-2008-0505.html RHSA-2008:0510 http://www.redhat.com/support/errata/RHSA-2008-0510.html RHSA-2008:0768 http://www.redhat.com/support/errata/RHSA-2008-0768.html RHSA-2009:1289 http://www.redhat.com/support/errata/RHSA-2009-1289.html SUSE-SR:2008:017 http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html USN-671-1 http://www.ubuntu.com/usn/USN-671-1 http://bugs.mysql.com/bug.php?id=32167 http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-60.html http://dev.mysql.com/doc/refman/5.1/en/news-5-1-24.html http://dev.mysql.com/doc/refman/6.0/en/news-6-0-5.html http://support.apple.com/kb/HT3216 http://support.apple.com/kb/HT3865 mysql-myisam-security-bypass(42267) https://exchange.xforce.ibmcloud.com/vulnerabilities/42267 oval:org.mitre.oval:def:10133 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10133 Common Vulnerability Exposure (CVE) ID: CVE-2008-3963 Debian Security Information: DSA-1783 (Google Search) http://www.debian.org/security/2009/dsa-1783 http://www.mandriva.com/security/advisories?name=MDVSA-2009:094 http://www.openwall.com/lists/oss-security/2008/09/09/4 http://www.openwall.com/lists/oss-security/2008/09/09/7 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10521 http://www.redhat.com/support/errata/RHSA-2009-1067.html http://www.securitytracker.com/id?1020858 http://secunia.com/advisories/31769 http://secunia.com/advisories/32759 http://secunia.com/advisories/34907 SuSE Security Announcement: SUSE-SR:2008:025 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html http://www.ubuntu.com/usn/USN-1397-1 http://www.vupen.com/english/advisories/2008/2554 XForce ISS Database: mysql-bitstring-dos(45042) https://exchange.xforce.ibmcloud.com/vulnerabilities/45042 Common Vulnerability Exposure (CVE) ID: CVE-2008-4456 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html BugTraq ID: 31486 http://www.securityfocus.com/bid/31486 Bugtraq: 20080930 MySQL command-line client HTML injection vulnerability (Google Search) http://www.securityfocus.com/archive/1/496842/100/0/threaded Bugtraq: 20080930 RE: MySQL command-line client HTML injection vulnerability (Google Search) http://www.securityfocus.com/archive/1/496877/100/0/threaded Bugtraq: 20081004 RE: RE: MySQL command-line client HTML injection vulnerability (Google Search) http://seclists.org/bugtraq/2008/Oct/0026.html Bugtraq: 20081029 Re: MySQL command-line client HTML injection vulnerability (Google Search) http://www.securityfocus.com/archive/1/497158/100/0/threaded http://www.securityfocus.com/archive/1/497885/100/0/threaded http://www.henlich.de/it-security/mysql-command-line-client-html-injection-vulnerability https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11456 http://www.redhat.com/support/errata/RHSA-2010-0110.html http://secunia.com/advisories/32072 http://secunia.com/advisories/38517 http://securityreason.com/securityalert/4357 http://ubuntu.com/usn/usn-897-1 XForce ISS Database: mysql-commandline-xss(45590) https://exchange.xforce.ibmcloud.com/vulnerabilities/45590 Common Vulnerability Exposure (CVE) ID: CVE-2009-2446 BugTraq ID: 35609 http://www.securityfocus.com/bid/35609 Bugtraq: 20090708 MySQL <= 5.0.45 post auth format string vulnerability (Google Search) http://www.securityfocus.com/archive/1/504799/100/0/threaded http://archives.neohapsis.com/archives/fulldisclosure/2009-07/0058.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:179 http://www.osvdb.org/55734 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11857 http://securitytracker.com/id?1022533 http://secunia.com/advisories/35767 http://www.vupen.com/english/advisories/2009/1857 XForce ISS Database: mysql-dispatchcommand-format-string(51614) https://exchange.xforce.ibmcloud.com/vulnerabilities/51614
Copyright	Copyright (C) 2009 E-Soft Inc.

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.