CVE-2012-4452 – mysql: regression of CVE-2009-4030
https://notcve.org/view.php?id=CVE-2012-4452
MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of a CVE-2009-4030 regression, which was not omitted in other packages and versions such as MySQL 5.0.95 in Red Hat Enterprise Linux 6. MySQL v5.0.88 enlaces simbólicos, y posiblemente otras versiones y plataformas, permite a usuarios locales eludir ciertos privilegios llamando a CREATE TABLE en una tabla MyISAM con argumentos (1) DATA DIRECTORY o (2) INDEX DIRECTORY modificados que son originalmente asociados con rutas sin enlaces simbólicos, y que pueden apuntar a tablas creadas en un momento futuro en el que una ruta es modificada para contener un enlace simbólico a un subdirectorio del directorio de datos de MySQL. Se trata de un problema relacionado con el cálculo incorrecto del valor mysql_unpacked_real_data_home . NOTA: esta vulnerabilidad se debe a una regresión al CVE-2009-4030, que no fue evitado en algunos paquetes y versiones probados, como MySQL v5.0.95 en Red Hat Enterprise Linux 6. • http://rhn.redhat.com/errata/RHSA-2013-0121.html http://www.openwall.com/lists/oss-security/2012/09/27/1 http://www.securityfocus.com/bid/55715 https://bugzilla.redhat.com/show_bug.cgi?id=860808 https://access.redhat.com/security/cve/CVE-2012-4452 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2012-0583 – mysql: unspecified DoS vulnerability in MyISAM (Oracle CPU April 2012)
https://notcve.org/view.php?id=CVE-2012-0583
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.1.60 y anteriores, y v5.5.19 y anteriores, que permite a usuarios remotos autenticados afectar la disponibilidad, relacionado con MyISAM. • http://secunia.com/advisories/48890 http://secunia.com/advisories/49179 http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html http://www.securityfocus.com/bid/53061 http://www.securitytracker.com/id?1026934 https://access.redhat.com/security/cve/CVE-2012-0583 https://bugzilla.redhat.com/show_bug.cgi?id=814282 •
CVE-2012-1696
https://notcve.org/view.php?id=CVE-2012-1696
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. Vulnerabilidad no especificada en el componente de servidor MySQL en Oracle MySQL v5.5.19 y anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con el Optimizador de servidor. • http://secunia.com/advisories/48890 http://secunia.com/advisories/49179 http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html http://www.securityfocus.com/bid/53071 http://www.securitytracker.com/id?1026934 •
CVE-2010-3677 – MySQL: Mysqld DoS (crash) by processing joins involving a table with a unique SET column (MySQL BZ#54575)
https://notcve.org/view.php?id=CVE-2010-3677
Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column. MySQL de Oracle versiones 5.1 anteriores a 5.1.49 y versiones 5.0 anteriores a 5.0.92, permite a los usuarios autenticados remotos causar una denegación de servicio (bloqueo del demonio de mysqld) por medio de una consulta join que utiliza una tabla con una columna SET única. • http://bugs.mysql.com/bug.php?id=54575 http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://secunia.com/advisories/42875 http://secunia.com/advisories/42936 http://support.apple.com/kb/HT4723 http://www.debian.org/security/2011/dsa-2143 • CWE-399: Resource Management Errors •
CVE-2010-3682 – MySQL 5.1.48 - 'EXPLAIN' Denial of Service
https://notcve.org/view.php?id=CVE-2010-3682
Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function. MySQL de Oracle versiones 5.1 anteriores a 5.1.49 y versiones 5.0 anteriores a 5.0.92, permite a los usuarios autenticados remotos causar una denegación de servicio (bloqueo del demonio mysqld) mediante el uso de EXPLAIN con declaraciones especialmente diseñadas "SELECT ... • https://www.exploit-db.com/exploits/34506 http://bugs.mysql.com/bug.php?id=52711 http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://secunia.com/advisories/42875 http://secunia.com/advisories/42936 http://support.apple.com/kb/HT4723 http& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •