Date: 20 January 2005
Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2005.0059 -- Debian Security Advisory DSA 647-1
New mysql packages fix insecure temporary files
20 January 2005
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: mysql
Publisher: Debian
Operating System: Debian GNU/Linux 3.0
Linux variants
Impact: Access Privileged Data
Overwrite Arbitrary Files
Access: Existing Account
CVE Names: CAN-2005-0004
Original Bulletin: http://www.debian.org/security/2005/dsa-647
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - --------------------------------------------------------------------------
Debian Security Advisory DSA 647-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
January 19th, 2005 http://www.debian.org/security/faq
- - --------------------------------------------------------------------------
Package : mysql
Vulnerability : insecure temporary files
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2005-0004
Javier Fernandez-Sanguino Pena from the Debian Security Audit Project
discoverd a temporary file vulnerability in the mysqlaccess script of
MySQL that could allow an unprivileged user to let root overwrite
arbitrary files via a symlink attack and could also could unveil the
contents of a temporary file which might contain sensitive
information.
For the stable distribution (woody) this problem has been fixed in
version 3.23.49-8.9.
For the unstable distribution (sid) this problem has been fixed in
version 4.0.23-3 of mysql-dfsg and in version 4.1.8a-6 of
mysql-dfsg-4.1.
We recommend that you upgrade your mysql packages.
Upgrade Instructions
- - --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
- - --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/m/mysql/mysql_3.23.49-8.9.dsc
Size/MD5 checksum: 875 943c6c647b130518c2a6c96bcb9c4031
http://security.debian.org/pool/updates/main/m/mysql/mysql_3.23.49-8.9.diff.gz
Size/MD5 checksum: 68320 7c46ef730e9c81c554b6d511481c02b7
http://security.debian.org/pool/updates/main/m/mysql/mysql_3.23.49.orig.tar.gz
Size/MD5 checksum: 11861035 a2820d81997779a9fdf1f4b3c321564a
Architecture independent components:
http://security.debian.org/pool/updates/main/m/mysql/mysql-common_3.23.49-8.9_all.deb
Size/MD5 checksum: 17484 9c6cf59a839d3fc25a74f164358008e2
http://security.debian.org/pool/updates/main/m/mysql/mysql-doc_3.23.49-8.5_all.deb
Size/MD5 checksum: 1962992 a4cacebaadf9d5988da0ed1a336b48e6
Alpha architecture:
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_3.23.49-8.9_alpha.deb
Size/MD5 checksum: 278304 345708861734203ea2b8539c08a522a5
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10-dev_3.23.49-8.9_alpha.deb
Size/MD5 checksum: 779380 fa6bc20e561e5022eedc5dcd69715a27
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23.49-8.9_alpha.deb
Size/MD5 checksum: 164116 f71397420366e10b5baf839658611271
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23.49-8.9_alpha.deb
Size/MD5 checksum: 3635240 09c8c082c5bb1a5aec7fc55bebc0bcd6
ARM architecture:
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_3.23.49-8.9_arm.deb
Size/MD5 checksum: 238910 874cde30bec50e22aec0d66b163b5d60
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10-dev_3.23.49-8.9_arm.deb
Size/MD5 checksum: 635228 2cde5c1d7b306ad42b57a0cf26980546
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23.49-8.9_arm.deb
Size/MD5 checksum: 124520 4a625fd5ba3b3f28cc13ebf65c2a1afb
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23.49-8.9_arm.deb
Size/MD5 checksum: 2806914 3d001b9b0c0cb886e145d0bd39af870f
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_3.23.49-8.9_i386.deb
Size/MD5 checksum: 235264 44202de31efe2267b50a0e24fb8ee3fd
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10-dev_3.23.49-8.9_i386.deb
Size/MD5 checksum: 577118 081914b6293637cedc177b4c10671796
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23.49-8.9_i386.deb
Size/MD5 checksum: 123080 0d35e7a8bd5f5ae806c55a2a12aa6ac1
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23.49-8.9_i386.deb
Size/MD5 checksum: 2800998 e2af0992c6a9921dfc864e75c1495258
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_3.23.49-8.9_ia64.deb
Size/MD5 checksum: 315628 29091ddf30d6c12f777f53cec06b740b
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10-dev_3.23.49-8.9_ia64.deb
Size/MD5 checksum: 849066 aa2f4e5c92fc2779c3072c85d68ffb5f
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23.49-8.9_ia64.deb
Size/MD5 checksum: 174356 b4e35c1cbe4726f3abdeb5b159027c29
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23.49-8.9_ia64.deb
Size/MD5 checksum: 4000374 bc43f76d2bde3d546f4d0c3a5066a641
HP Precision architecture:
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_3.23.49-8.9_hppa.deb
Size/MD5 checksum: 281234 342cd7fccbb64631bf655cb7952e90c1
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10-dev_3.23.49-8.9_hppa.deb
Size/MD5 checksum: 744302 546d8e2ba4c48c8936be30396dbedab2
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23.49-8.9_hppa.deb
Size/MD5 checksum: 141156 0b4874c0a5e0961dc6027ed24bd2a6f9
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23.49-8.9_hppa.deb
Size/MD5 checksum: 3515058 335d0afef63d0abc18e20ad760bd70b1
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_3.23.49-8.9_m68k.deb
Size/MD5 checksum: 228298 ace3b33157e09b2b78e23bd945cc56a5
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10-dev_3.23.49-8.9_m68k.deb
Size/MD5 checksum: 558298 b8c4e5656cc5a4208875740ed1b17aa9
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23.49-8.9_m68k.deb
Size/MD5 checksum: 118952 ce85668f7070bcd748aad870c72aa150
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23.49-8.9_m68k.deb
Size/MD5 checksum: 2647058 02d740546dc1690a604225d5e37cc99b
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_3.23.49-8.9_mips.deb
Size/MD5 checksum: 251516 9f7505c8797f0f36272449ea8b416ce6
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10-dev_3.23.49-8.9_mips.deb
Size/MD5 checksum: 689502 3bd49b0204f94da6a254dee9f0dfd778
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23.49-8.9_mips.deb
Size/MD5 checksum: 134466 4dd241930eaec445b5ef90aa68f7d4ab
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23.49-8.9_mips.deb
Size/MD5 checksum: 2848984 c5b09b6786844a747c8b8cef395dfac4
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_3.23.49-8.9_mipsel.deb
Size/MD5 checksum: 251192 73d7c69f49a13e8e3592310c2bc675e0
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10-dev_3.23.49-8.9_mipsel.deb
Size/MD5 checksum: 689122 f13325c3394b0385c76d289d886f165f
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23.49-8.9_mipsel.deb
Size/MD5 checksum: 134828 6d0e79f252d1cd3048ce3367aa200636
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23.49-8.9_mipsel.deb
Size/MD5 checksum: 2839732 499551d692fc5d80fd16c43e83e19201
PowerPC architecture:
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_3.23.49-8.9_powerpc.deb
Size/MD5 checksum: 248344 d2fbd5ac1b1ce08963b38c276297f8fb
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10-dev_3.23.49-8.9_powerpc.deb
Size/MD5 checksum: 653252 eefbee85063e49943d26b4e4f278343a
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23.49-8.9_powerpc.deb
Size/MD5 checksum: 130004 33fb65f2e7d3e0b3681dc2ab8dc72762
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23.49-8.9_powerpc.deb
Size/MD5 checksum: 2823828 29fa73043be8ec6caa52c65719fd9fc0
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_3.23.49-8.9_s390.deb
Size/MD5 checksum: 250630 e37efa3ab7dc647355c3525940f1e580
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10-dev_3.23.49-8.9_s390.deb
Size/MD5 checksum: 607800 31a8eb384c66765e82f8330e20e9abb8
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23.49-8.9_s390.deb
Size/MD5 checksum: 126984 cc938da5903e7d7f22da55c88bdaa552
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23.49-8.9_s390.deb
Size/MD5 checksum: 2691598 e944a61e4f832a410ef48a6ef1fafa36
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10_3.23.49-8.9_sparc.deb
Size/MD5 checksum: 241812 f2996905943eaa9e4a04c842623cb4ce
http://security.debian.org/pool/updates/main/m/mysql/libmysqlclient10-dev_3.23.49-8.9_sparc.deb
Size/MD5 checksum: 616256 251bda8bfc97c7d216faa1e0e174d4b6
http://security.debian.org/pool/updates/main/m/mysql/mysql-client_3.23.49-8.9_sparc.deb
Size/MD5 checksum: 130942 372c0534b98507f3ecdcb3944c2f8a92
http://security.debian.org/pool/updates/main/m/mysql/mysql-server_3.23.49-8.9_sparc.deb
Size/MD5 checksum: 2940408 38cd0279c75c8968a50b2742e810f484
These files will probably be moved into the stable distribution on
its next update.
- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFB7kiVW5ql+IAeqTIRAg/BAJsF1DCuuXP8Wk6lnip//ASMZ5EK2wCfSX8E
wnnfVXxjBAgUf/iOH0byV30=
=CN3K
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBQe78ACh9+71yA2DNAQLsCwP+NyioJXjSt8Lb42LZrc/S8p0U5/8zrbtt
fT3mBV1DHO123m27kYCVB6Hrz9lC3xR4TLl9OoII4VyWsMeX8G2kAuljRgjMSV9p
tMXKZpLX/7EID7N9fF01Y8QTlVAKdejWgRyuLzWBuPmfQJQg26Fk1Zl1RqBEWAiA
vXpGhO3KEmk=
=b44w
-----END PGP SIGNATURE-----
|