BID:12781

MySQL AB MySQL Multiple Remote Vulnerabilities

Info

MySQL AB MySQL Multiple Remote Vulnerabilities

Bugtraq ID:	12781
Class:	Unknown
CVE:	CVE-2005-0709 CVE-2005-0710 CVE-2005-0711
Remote:	Yes
Local:	No
Published:	Mar 11 2005 12:00AM
Updated:	Nov 02 2007 10:06PM
Credit:	Discovery of these vulnerabilities is credited to Stefano Di Paola <stefano.dipaolawisec.it>.
Vulnerable:	Turbolinux Turbolinux Workstation 8.0 Turbolinux Turbolinux Workstation 7.0 Turbolinux Turbolinux Server 10.0 Turbolinux Turbolinux Server 8.0 Turbolinux Turbolinux Server 7.0 Turbolinux Turbolinux Desktop 10.0 Turbolinux Turbolinux 10 F... Turbolinux Home Turbolinux Appliance Server Workgroup Edition 1.0 Turbolinux Appliance Server Hosting Edition 1.0 Trustix Secure Linux 2.2 Trustix Secure Linux 2.1 Trustix Secure Linux 2.0 Trustix Secure Enterprise Linux 2.0 SuSE SUSE Linux Enterprise Server 8 + Linux kernel 2.4.21 + Linux kernel 2.4.19 SuSE Linux Enterprise Server 9 SuSE Linux Desktop 1.0 Sun Solaris 10.0_x86 Sun Solaris 10 SGI ProPack 3.0 S.u.S.E. Novell Linux Desktop 9.0 S.u.S.E. Linux Personal 9.2 x86_64 S.u.S.E. Linux Personal 9.2 S.u.S.E. Linux Personal 9.1 x86_64 S.u.S.E. Linux Personal 9.1 S.u.S.E. Linux Personal 9.0 x86_64 S.u.S.E. Linux Personal 9.0 S.u.S.E. Linux Personal 8.2 Redhat Linux 8.0 i686 Redhat Linux 8.0 i386 Redhat Linux 8.0 Redhat Fedora Core3 Redhat Fedora Core2 Redhat Enterprise Linux WS 4 Redhat Enterprise Linux WS 3 Redhat Enterprise Linux WS 2.1 IA64 Redhat Enterprise Linux WS 2.1 Redhat Enterprise Linux ES 4 Redhat Enterprise Linux ES 3 Redhat Enterprise Linux ES 2.1 IA64 Redhat Enterprise Linux ES 2.1 Redhat Desktop 4.0 Redhat Desktop 3.0 Redhat Advanced Workstation for the Itanium Processor 2.1 IA64 Redhat Advanced Workstation for the Itanium Processor 2.1 MySQL AB MySQL 4.1.5 MySQL AB MySQL 4.1.4 MySQL AB MySQL 4.1.3 -beta MySQL AB MySQL 4.1.3 -beta MySQL AB MySQL 4.1.3 -0 MySQL AB MySQL 4.1.2 -alpha MySQL AB MySQL 4.0.21 MySQL AB MySQL 4.0.20 + Mandriva Linux Mandrake 10.1 x86_64 + Mandriva Linux Mandrake 10.1 + Ubuntu Ubuntu Linux 4.1 ppc + Ubuntu Ubuntu Linux 4.1 ia64 + Ubuntu Ubuntu Linux 4.1 ia32 MySQL AB MySQL 4.0.18 + MandrakeSoft Corporate Server 3.0 x86_64 + MandrakeSoft Corporate Server 3.0 + Mandriva Linux Mandrake 10.0 AMD64 + Mandriva Linux Mandrake 10.0 MySQL AB MySQL 4.0.15 + Mandriva Linux Mandrake 9.2 amd64 + Mandriva Linux Mandrake 9.2 + OpenPKG OpenPKG Current MySQL AB MySQL 4.0.14 + OpenPKG OpenPKG 1.3 + OpenPKG OpenPKG Current + Trustix Secure Linux 2.0 MySQL AB MySQL 4.0.13 MySQL AB MySQL 4.0.12 MySQL AB MySQL 4.0.11 -gamma MySQL AB MySQL 4.0.11 + Mandriva Linux Mandrake 9.1 ppc + Mandriva Linux Mandrake 9.1 MySQL AB MySQL 4.0.10 MySQL AB MySQL 4.0.9 -gamma MySQL AB MySQL 4.0.9 MySQL AB MySQL 4.0.8 -gamma MySQL AB MySQL 4.0.8 MySQL AB MySQL 4.0.7 -gamma MySQL AB MySQL 4.0.7 MySQL AB MySQL 4.0.6 MySQL AB MySQL 4.0.5 a MySQL AB MySQL 4.0.5 MySQL AB MySQL 4.0.4 MySQL AB MySQL 4.0.3 MySQL AB MySQL 4.0.2 MySQL AB MySQL 4.0.1 MySQL AB MySQL 4.0 .0 MySQL AB MySQL 3.23.49 + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + Redhat Linux 7.3 i686 + Redhat Linux 7.3 i386 + Redhat Linux 7.3 MySQL AB MySQL 4.1.0.0-alpha MySQL AB MySQL 4.1.0-0 Microsoft Windows 2000 Professional SP4 MandrakeSoft Corporate Server 2.1 x86_64 MandrakeSoft Corporate Server 2.1 Gentoo Linux Apple Mac OS X Server 10.3.9 ALT Linux ALT Linux Junior 2.3 ALT Linux ALT Linux Compact 2.3

Not Vulnerable:	MySQL AB MySQL 4.0.24 + Debian Linux 3.1 sparc + Debian Linux 3.1 s/390 + Debian Linux 3.1 ppc + Debian Linux 3.1 mipsel + Debian Linux 3.1 mips + Debian Linux 3.1 m68k + Debian Linux 3.1 ia-64 + Debian Linux 3.1 ia-32 + Debian Linux 3.1 hppa + Debian Linux 3.1 arm + Debian Linux 3.1 amd64 + Debian Linux 3.1 alpha + Debian Linux 3.1 MySQL AB MySQL 4.1.10a

Discussion

MySQL AB MySQL Multiple Remote Vulnerabilities

MySQL is reported prone to multiple vulnerabilities that can be exploited by a remote authenticated attacker. The following individual issues are reported:

- Insecure temporary file-creation vulnerability. Reports indicate that an attacker with 'CREATE TEMPORARY TABLE' privileges on an affected installation may leverage this vulnerability to corrupt files with the privileges of the MySQL process.

- Input-validation vulnerability. Remote attackers with INSERT and DELETE privileges on the 'mysql' administrative database can exploit this. Reports indicate that this issue may be leveraged to load and execute a malicious library in the context of the MySQL process.

- Remote arbitrary-code execution vulnerability. Reportedly, the vulnerability may be triggered by employing the 'CREATE FUNCTION' statement to manipulate functions to control sensitive data structures. This issue may be exploited to execute arbitrary code in the context of the database process.

These issues are reported to exist in MySQL versions prior to MySQL 4.0.24 and 4.1.10a.

Exploit / POC

MySQL AB MySQL Multiple Remote Vulnerabilities

UPDATE: Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.

The following exploits are available:

/data/vulnerabilities/exploits/exp2.php
/data/vulnerabilities/exploits/exp3.pl
/data/vulnerabilities/exploits/raptor_udf2.c
/data/vulnerabilities/exploits/raptor_winudf.tgz

Solution / Fix

MySQL AB MySQL Multiple Remote Vulnerabilities

Solution:
It is reported that the vendor has addressed these vulnerabilities in MySQL versions 4.0.24 and 4.1.10a. These downloads are not available at the time of writing, customers are advised to contact the vendor for further information regarding obtaining and applying appropriate updates.

Turbolinux has released advisory TLSA-2005-48 to address these issues. Please see the referenced advisory for more information.

SGI has released an advisory 20050401-01-U including updated SGI ProPack 3 Service Pack 4 packages to address this issue. Please see the referenced advisory for more information.

ALT Linux has released updates dealing with this and other issues. Please see the reference section for more information.

Gentoo has released advisory GLSA 200503-19 to address these issues. Please see the referenced advisory for more information. Gentoo users may carry out the following commands to update their systems:

emerge --sync
emerge --ask --oneshot --verbose ">=dev-db/mysql-4.0.24"

Ubuntu has released advisory USN-96-1 to address these issues. Please see the referenced advisory for more information.

Trustix Secure linux released advisory TSL-2005-0009 dealing with this and other issues. Please see the referenced advisory for more information.

Mandrake has released advisory MDKSA-2005:060 to address these issues. Please see the referenced advisory for more information.

SUSE has released advisory SUSE-SA:2005:019 to address these issues. Please see the referenced advisory for more information.

Red Hat has released advisory RHSA-2005:334-07 to address these issues. Please see the referenced advisory for more information.

Conectiva has released advisory CLA-2005:946 to address these issues. Please see the referenced advisory for more information.

Fedora advisories FEDORA-2005-304 and FEDORA-2005-305 for Fedora Core 2 and Core 3 are available to address these issues. Please see the referenced advisories for more information.

Debian Linux has released advisory DSA 707-1 along with fixes dealing with this issue. Please see the referenced advisory for more information.

OpenPKG has released advisory OpenPKG-SA-2005.006 and fixes for this issue. Please see the referenced advisory for information on obtaining the fixed packages.

Sun has released a security advisory (Sun Alert ID: 101864) addressing this and other issues in MySQL for Solaris 10. Please see the referenced advisory for further information.

Apple has released security advisory APPLE-SA-2005-08-15 addressing this and several other vulnerabilities. Please see the referenced advisory for further information.

Sun Solaris 10

Sun 120292-01
http://sunsolve.sun.com/search/document.do?assetkey=1-21-120292-01-1

Sun 120293-01
http://sunsolve.sun.com/search/document.do?assetkey=1-21-120293-01-1

Sun Solaris 10.0_x86

Sun 120292-01
http://sunsolve.sun.com/search/document.do?assetkey=1-21-120292-01-1

Sun 120293-01
http://sunsolve.sun.com/search/document.do?assetkey=1-21-120293-01-1

Apple Mac OS X Server 10.3.9

Apple SecUpdSrvr2005-007Pan.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=07796&plat form=osx&method=sa/SecUpdSrvr2005-007Pan.dmg

MySQL AB MySQL 3.23.49

Debian libmysqlclient10-dev_3.23.49-8.11_alpha.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10- dev_3.23.49-8.11_alpha.deb

Debian libmysqlclient10-dev_3.23.49-8.11_arm.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10- dev_3.23.49-8.11_arm.deb

Debian libmysqlclient10-dev_3.23.49-8.11_hppa.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10- dev_3.23.49-8.11_hppa.deb

Debian libmysqlclient10-dev_3.23.49-8.11_i386.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10- dev_3.23.49-8.11_i386.deb

Debian libmysqlclient10-dev_3.23.49-8.11_ia64.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10- dev_3.23.49-8.11_ia64.deb

Debian libmysqlclient10-dev_3.23.49-8.11_m68k.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10- dev_3.23.49-8.11_m68k.deb

Debian libmysqlclient10-dev_3.23.49-8.11_mips.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10- dev_3.23.49-8.11_mips.deb

Debian libmysqlclient10-dev_3.23.49-8.11_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10- dev_3.23.49-8.11_mipsel.deb

Debian libmysqlclient10-dev_3.23.49-8.11_powerpc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10- dev_3.23.49-8.11_powerpc.deb

Debian libmysqlclient10-dev_3.23.49-8.11_s390.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10- dev_3.23.49-8.11_s390.deb

Debian libmysqlclient10-dev_3.23.49-8.11_sparc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10- dev_3.23.49-8.11_sparc.deb

Debian libmysqlclient10_3.23.49-8.11_alpha.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_ 3.23.49-8.11_alpha.deb

Debian libmysqlclient10_3.23.49-8.11_arm.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_ 3.23.49-8.11_arm.deb

Debian libmysqlclient10_3.23.49-8.11_hppa.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_ 3.23.49-8.11_hppa.deb

Debian libmysqlclient10_3.23.49-8.11_i386.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_ 3.23.49-8.11_i386.deb

Debian libmysqlclient10_3.23.49-8.11_ia64.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_ 3.23.49-8.11_ia64.deb

Debian libmysqlclient10_3.23.49-8.11_m68k.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_ 3.23.49-8.11_m68k.deb

Debian libmysqlclient10_3.23.49-8.11_mips.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_ 3.23.49-8.11_mips.deb

Debian libmysqlclient10_3.23.49-8.11_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_ 3.23.49-8.11_mipsel.deb

Debian libmysqlclient10_3.23.49-8.11_powerpc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_ 3.23.49-8.11_powerpc.deb

Debian libmysqlclient10_3.23.49-8.11_s390.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_ 3.23.49-8.11_s390.deb

Debian libmysqlclient10_3.23.49-8.11_sparc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_ 3.23.49-8.11_sparc.deb

Debian mysql-client_3.23.49-8.11_alpha.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23 .49-8.11_alpha.deb

Debian mysql-client_3.23.49-8.11_arm.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23 .49-8.11_arm.deb

Debian mysql-client_3.23.49-8.11_hppa.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23 .49-8.11_hppa.deb

Debian mysql-client_3.23.49-8.11_i386.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23 .49-8.11_i386.deb

Debian mysql-client_3.23.49-8.11_ia64.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23 .49-8.11_ia64.deb

Debian mysql-client_3.23.49-8.11_m68k.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23 .49-8.11_m68k.deb

Debian mysql-client_3.23.49-8.11_mips.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23 .49-8.11_mips.deb

Debian mysql-client_3.23.49-8.11_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23 .49-8.11_mipsel.deb

Debian mysql-client_3.23.49-8.11_powerpc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23 .49-8.11_powerpc.deb

Debian mysql-client_3.23.49-8.11_s390.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23 .49-8.11_s390.deb

Debian mysql-client_3.23.49-8.11_sparc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23 .49-8.11_sparc.deb

Debian mysql-common_3.23.49-8.11_all.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/mysql-common_3.23 .49-8.11_all.deb

Debian mysql-doc_3.23.49-8.5_all.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/mysql-doc_3.23.49 -8.5_all.deb

Debian mysql-server_3.23.49-8.11_alpha.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23 .49-8.11_alpha.deb

Debian mysql-server_3.23.49-8.11_arm.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23 .49-8.11_arm.deb

Debian mysql-server_3.23.49-8.11_hppa.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23 .49-8.11_hppa.deb

Debian mysql-server_3.23.49-8.11_i386.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23 .49-8.11_i386.deb

Debian mysql-server_3.23.49-8.11_ia64.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23 .49-8.11_ia64.deb

Debian mysql-server_3.23.49-8.11_m68k.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23 .49-8.11_m68k.deb

Debian mysql-server_3.23.49-8.11_mips.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23 .49-8.11_mips.deb

Debian mysql-server_3.23.49-8.11_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23 .49-8.11_mipsel.deb

Debian mysql-server_3.23.49-8.11_powerpc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23 .49-8.11_powerpc.deb

Debian mysql-server_3.23.49-8.11_s390.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23 .49-8.11_s390.deb

Debian mysql-server_3.23.49-8.11_sparc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23 .49-8.11_sparc.deb

MySQL AB MySQL 4.0.15

Conectiva libmysqlclient-devel-4.0.15-62448U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libmysqlclient-devel-4.0.1 5-62448U10_2cl.i386.rpm

Conectiva libmysqlclient-devel-static-4.0.15-62448U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libmysqlclient-devel-stati c-4.0.15-62448U10_2cl.i386.rpm

Conectiva libmysqlclient12-4.0.15-62448U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/libmysqlclient12-4.0.15-62 448U10_2cl.i386.rpm

Conectiva mysql-4.0.15-62448U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/mysql-4.0.15-62448U10_2cl. i386.rpm

Conectiva mysql-bench-4.0.15-62448U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/mysql-bench-4.0.15-62448U1 0_2cl.i386.rpm

Conectiva mysql-client-4.0.15-62448U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/mysql-client-4.0.15-62448U 10_2cl.i386.rpm

Conectiva mysql-doc-4.0.15-62448U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/mysql-doc-4.0.15-62448U10_ 2cl.i386.rpm

SuSE mysql-4.0.15-71.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mysql-4.0.15-71.i 586.rpm

SuSE mysql-4.0.15-71.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/mysql-4.0.15- 71.x86_64.rpm

SuSE mysql-Max-4.0.15-71.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mysql-Max-4.0.15- 71.i586.rpm

SuSE mysql-Max-4.0.15-71.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/mysql-Max-4.0 .15-71.x86_64.rpm

MySQL AB MySQL 4.0.18

Mandrake lib64mysql12-4.0.18-1.4.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php

Mandrake lib64mysql12-4.0.18-1.4.C30mdk.x86_64.rpm
Mandrake Corporate Server 3.0/x86_64
http://www.mandrakesecure.net/en/ftp.php

Mandrake lib64mysql12-devel-4.0.18-1.4.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php

Mandrake lib64mysql12-devel-4.0.18-1.4.C30mdk.x86_64.rpm
Mandrake Corporate Server 3.0/x86_64
http://www.mandrakesecure.net/en/ftp.php

Mandrake libmysql12-4.0.18-1.4.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php

Mandrake libmysql12-4.0.18-1.4.C30mdk.i586.rpm
Mandrake Corporate Server 3.0
http://www.mandrakesecure.net/en/ftp.php

Mandrake libmysql12-devel-4.0.18-1.4.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php

Mandrake libmysql12-devel-4.0.18-1.4.C30mdk.i586.rpm
Mandrake Corporate Server 3.0
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-4.0.18-1.4.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-4.0.18-1.4.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-4.0.18-1.4.C30mdk.i586.rpm
Mandrake Corporate Server 3.0
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-4.0.18-1.4.C30mdk.x86_64.rpm
Mandrake Corporate Server 3.0/x86_64
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-bench-4.0.18-1.4.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-bench-4.0.18-1.4.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-bench-4.0.18-1.4.C30mdk.i586.rpm
Mandrake Corporate Server 3.0
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-bench-4.0.18-1.4.C30mdk.x86_64.rpm
Mandrake Corporate Server 3.0/x86_64
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-client-4.0.18-1.4.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-client-4.0.18-1.4.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-client-4.0.18-1.4.C30mdk.i586.rpm
Mandrake Corporate Server 3.0
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-client-4.0.18-1.4.C30mdk.x86_64.rpm
Mandrake Corporate Server 3.0/x86_64
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-common-4.0.18-1.4.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-common-4.0.18-1.4.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-common-4.0.18-1.4.C30mdk.i586.rpm
Mandrake Corporate Server 3.0
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-common-4.0.18-1.4.C30mdk.x86_64.rpm
Mandrake Corporate Server 3.0/x86_64
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-Max-4.0.18-1.4.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-Max-4.0.18-1.4.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-Max-4.0.18-1.4.C30mdk.i586.rpm
Mandrake Corporate Server 3.0
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-Max-4.0.18-1.4.C30mdk.x86_64.rpm
Mandrake Corporate Server 3.0/x86_64
http://www.mandrakesecure.net/en/ftp.php

SuSE mysql-4.0.18-32.13.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/mysql-4.0.18-32.1 3.i586.rpm

SuSE mysql-4.0.18-32.13.x86_64.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/x86_64/mysql-4.0.18-32 .13.x86_64.rpm

SuSE mysql-Max-4.0.18-32.13.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/mysql-Max-4.0.18- 32.13.i586.rpm

SuSE mysql-Max-4.0.18-32.13.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/mysql-Max-4.0 .18-32.13.x86_64.rpm

Trustix mysql-4.0.24-1tr.i586.rpm
Trustix Secure Linux 2.1
ftp://ftp.trustix.org/pub/trustix/updates/

Trustix mysql-bench-4.0.24-1tr.i586.rpm
Trustix Secure Linux 2.1
ftp://ftp.trustix.org/pub/trustix/updates/

Trustix mysql-client-4.0.24-1tr.i586.rpm
Trustix Secure Linux 2.1
ftp://ftp.trustix.org/pub/trustix/updates/

Trustix mysql-devel-4.0.24-1tr.i586.rpm
Trustix Secure Linux 2.1
ftp://ftp.trustix.org/pub/trustix/updates/

Trustix mysql-libs-4.0.24-1tr.i586.rpm
Trustix Secure Linux 2.1
ftp://ftp.trustix.org/pub/trustix/updates/

Trustix mysql-shared-4.0.24-1tr.i586.rpm
Trustix Secure Linux 2.1
ftp://ftp.trustix.org/pub/trustix/updates/

MySQL AB MySQL 4.0.20

Mandrake lib64mysql12-4.0.20-3.3.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php

Mandrake lib64mysql12-devel-4.0.20-3.3.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php

Mandrake libmysql12-4.0.20-3.3.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php

Mandrake libmysql12-devel-4.0.20-3.3.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-4.0.20-3.3.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-4.0.20-3.3.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-bench-4.0.20-3.3.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-bench-4.0.20-3.3.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-client-4.0.20-3.3.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-client-4.0.20-3.3.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-common-4.0.20-3.3.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-common-4.0.20-3.3.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-Max-4.0.20-3.3.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php

Mandrake MySQL-Max-4.0.20-3.3.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php

TurboLinux mysql-bench-4.0.20-14.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/up dates/RPMS/mysql-bench-4.0.20-14.i586.rpm

TurboLinux mysql-client-4.0.20-14.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/up dates/RPMS/mysql-client-4.0.20-14.i586.rpm

TurboLinux mysql-devel-4.0.20-14.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/up dates/RPMS/mysql-devel-4.0.20-14.i586.rpm

TurboLinux mysql-server-4.0.20-14.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/up dates/RPMS/mysql-server-4.0.20-14.i586.rpm

TurboLinux mysql-shared-4.0.20-14.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/up dates/RPMS/mysql-shared-4.0.20-14.i586.rpm

Ubuntu libmysqlclient-dev_4.0.20-2ubuntu1.4_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/libmysqlclien t-dev_4.0.20-2ubuntu1.4_amd64.deb

Ubuntu libmysqlclient-dev_4.0.20-2ubuntu1.4_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/libmysqlclien t-dev_4.0.20-2ubuntu1.4_i386.deb

Ubuntu libmysqlclient-dev_4.0.20-2ubuntu1.4_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/libmysqlclien t-dev_4.0.20-2ubuntu1.4_powerpc.deb

Ubuntu libmysqlclient12_4.0.20-2ubuntu1.4_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/libmysqlclien t12_4.0.20-2ubuntu1.4_amd64.deb

Ubuntu libmysqlclient12_4.0.20-2ubuntu1.4_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/libmysqlclien t12_4.0.20-2ubuntu1.4_i386.deb

Ubuntu libmysqlclient12_4.0.20-2ubuntu1.4_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/libmysqlclien t12_4.0.20-2ubuntu1.4_powerpc.deb

Ubuntu mysql-client_4.0.20-2ubuntu1.4_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-client_ 4.0.20-2ubuntu1.4_amd64.deb

Ubuntu mysql-client_4.0.20-2ubuntu1.4_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-client_ 4.0.20-2ubuntu1.4_i386.deb

Ubuntu mysql-client_4.0.20-2ubuntu1.4_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-client_ 4.0.20-2ubuntu1.4_powerpc.deb

Ubuntu mysql-common_4.0.20-2ubuntu1.4_all.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-common_ 4.0.20-2ubuntu1.4_all.deb

Ubuntu mysql-server_4.0.20-2ubuntu1.4_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-server_ 4.0.20-2ubuntu1.4_amd64.deb

Ubuntu mysql-server_4.0.20-2ubuntu1.4_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-server_ 4.0.20-2ubuntu1.4_i386.deb

Ubuntu mysql-server_4.0.20-2ubuntu1.4_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/mysql-server_ 4.0.20-2ubuntu1.4_powerpc.deb

MySQL AB MySQL 4.0.21

OpenPKG mysql-4.0.21-2.2.2.src.rpm
ftp://ftp.openpkg.org/release/2.2/UPD/mysql-4.0.21-2.2.2.src.rpm

SuSE mysql-4.0.21-4.4.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/mysql-4.0.21-4.4. i586.rpm

SuSE mysql-4.0.21-4.4.x86_64.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/mysql-4.0.21-4. 4.x86_64.rpm

SuSE mysql-Max-4.0.21-4.4.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/mysql-Max-4.0.21- 4.4.i586.rpm

SuSE mysql-Max-4.0.21-4.4.x86_64.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/mysql-Max-4.0.2 1-4.4.x86_64.rpm

References

MySQL AB MySQL Multiple Remote Vulnerabilities

References:

[security-announce] I: updated packages available (ALT Linux)
MySQL Homepage (Oracle)
RHSA-2005:334-07 - mysql security update (RedHat)
Sun Alert ID: 101864 (Sun)
Mysql CREATE FUNCTION libc arbitrary code execution. (Stefano Di Paola )
Mysql CREATE FUNCTION mysql.func table arbitrary library injection (Stefano Di Paola )