
ESB-2007.0949 -- [Debian] -- New mysql packages fix multiple vulnerabilities

Date: 27 November 2007
References: ESB-2007.0527  ESB-2007.0687  ESB-2007.0938  ESB-2007.1022  ESB-2007.1036  ESB-2008.0545  


             AUSCERT External Security Bulletin Redistribution

                         ESB-2007.0949 -- [Debian]
              New mysql packages fix multiple vulnerabilities
                             27 November 2007


        AusCERT Security Bulletin Summary

Product:              mysql-dfsg
Publisher:            Debian
Operating System:     Debian GNU/Linux 3.1
                      Debian GNU/Linux 4.0
Impact:               Denial of Service
                      Increased Privileges
                      Modify Arbitrary Files
Access:               Remote/Unauthenticated
CVE Names:            CVE-2007-5925 CVE-2007-3782 CVE-2007-3780
                      CVE-2007-2692 CVE-2007-2691 CVE-2007-2583

Ref:                  ESB-2007.0938

Original Bulletin:

- --------------------------BEGIN INCLUDED TEXT--------------------


------------------------------------------------------------------------
Debian Security Advisory DSA-1413-1                                   Noah Meyerhans
November 26, 2007           
------------------------------------------------------------------------

Package        : mysql-dfsg, mysql-dfsg-5.0, mysql-dfsg-4.1
Vulnerability  : multiple
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2007-2583, CVE-2007-2691, CVE-2007-2692 
                 CVE-2007-3780, CVE-2007-3782, CVE-2007-5925
Debian Bug     : 426353, 424778, 424778, 451235

Several vulnerabilities have been found in the MySQL database packages
with implications ranging from unauthorized database modifications to
remotely triggered server crashes.


	The in_decimal::set function in MySQL
	before 5.0.40 allows context-dependent attackers to cause a
	denial of service (crash) via a crafted IF clause that results
	in a divide-by-zero error and a NULL pointer dereference.
	(Affects source version 5.0.32)


	MySQL does not require the DROP privilege for RENAME TABLE
	statements, which allows remote authenticated users to rename
	arbitrary tables. (All supported versions affected.)


	The mysql_change_db function does not restore THD::db_access
	privileges when returning from SQL SECURITY INVOKER stored
	routines, which allows remote authenticated users to gain
	privileges.  (Affects source version 5.0.32)


	MySQL could be made to overflow a signed char during
	authentication. Remote attackers could use specially crafted
	authentication requests to cause a denial of
	service. (Upstream source versions 4.1.11a and 5.0.32)


	Phil Anderton discovered that MySQL did not properly verify
	access privileges when accessing external tables. As a result,
	authenticated users could exploit this to obtain UPDATE
	privileges to external tables.  (Affects source version


	The convert_search_mode_to_innobase function
	in the InnoDB engine in MySQL 5.1.23-BK and earlier allows
	remote authenticated users to cause a denial of service
	(database crash) via a certain CONTAINS operation on an
	indexed column, which triggers an assertion error.  (Affects
	source version 5.0.32)

For the stable distribution (etch), these problems have been fixed in
version 5.0.32-7etch3 of the mysql-dfsg-5.0 packages.

For the old stable distribution (sarge), these problems have been
fixed in version 4.0.24-10sarge3 of mysql-dfsg and version
4.1.11a-4sarge8 of mysql-dfsg-4.1.

We recommend that you upgrade your mysql packages.

Upgrade instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.
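To confirm the upgrade actually landed on every host, a practitioner would compare the installed package versions against the fixed versions this advisory names. The following is an added example, not part of the DSA or of AusCERT's bulletin: it reimplements the `dpkg --compare-versions` ordering in Python (epoch, upstream, Debian revision, with `~` sorting first and digit runs compared numerically) and flags MySQL packages still below the fix; the `dpkg-query` output format it parses and the sample lines are assumptions constructed here.

```python
import re
from itertools import zip_longest

# Fixed versions published in DSA-1413-1, keyed by Debian source package.
FIXED_VERSIONS = {"mysql-dfsg-5.0": "5.0.32-7etch3",     # etch
                  "mysql-dfsg": "4.0.24-10sarge3",       # sarge
                  "mysql-dfsg-4.1": "4.1.11a-4sarge8"}   # sarge

def _sign(n):
    return (n > 0) - (n < 0)

def _order(c):
    # dpkg ordering of non-digit characters: '~' < end of string < letters < everything else
    return -1 if c == "~" else 0 if c == "" else ord(c) if c.isalpha() else ord(c) + 256

def _cmp_fragment(a, b):
    # Walk alternating non-digit / digit runs; non-digits compare by _order, digits numerically.
    ra, rb = re.findall(r"(\D*)(\d*)", a), re.findall(r"(\D*)(\d*)", b)
    for (na, da), (nb, db) in zip_longest(ra, rb, fillvalue=("", "")):
        for ca, cb in zip_longest(na, nb, fillvalue=""):
            if _order(ca) != _order(cb):
                return _sign(_order(ca) - _order(cb))
        if int(da or 0) != int(db or 0):
            return _sign(int(da or 0) - int(db or 0))
    return 0

def parse_version(v):
    # [epoch:]upstream[-debian_revision]; epoch defaults to 0, revision to ""
    epoch, _, rest = v.partition(":") if ":" in v else ("0", "", v)
    upstream, _, revision = rest.rpartition("-") if "-" in rest else (rest, "", "")
    return int(epoch), upstream, revision

def compare_versions(a, b):
    """Return -1, 0 or 1 with the same ordering as `dpkg --compare-versions`."""
    (ea, ua, ra), (eb, ub, rb) = parse_version(a), parse_version(b)
    return _sign(ea - eb) or _cmp_fragment(ua, ub) or _cmp_fragment(ra, rb)

def vulnerable_packages(dpkg_lines):
    """Return [(package, installed, fixed)] for MySQL packages older than the DSA fix."""
    found = []
    for line in dpkg_lines:          # '<source>\t<package>\t<version>' per line
        src, pkg, ver = line.rstrip("\n").split("\t")
        src = (src.split() or [pkg])[0]   # drop '(version)' suffix; empty Source means src == pkg
        fixed = FIXED_VERSIONS.get(src)
        if fixed and compare_versions(ver, fixed) < 0:
            found.append((pkg, ver, fixed))
    return found

# Constructed sample of dpkg-query -W -f '${Source}\t${Package}\t${Version}\n' on an etch host
# (assumed format): mysql-common was upgraded but mysql-server-5.0 was not.
SAMPLE_DPKG_OUTPUT = ["mysql-dfsg-5.0\tmysql-server-5.0\t5.0.32-7etch2",  # still vulnerable
                      "mysql-dfsg-5.0\tmysql-common\t5.0.32-7etch3",      # already fixed
                      "\tapache2\t2.2.3-4+etch3"]                          # unrelated package
VULNERABLE = vulnerable_packages(SAMPLE_DPKG_OUTPUT)   # [("mysql-server-5.0", "5.0.32-7etch2", "5.0.32-7etch3")]
```

A host that reports an empty list for all three source packages is at or above the versions this DSA names; a partially applied upgrade, as in the sample, shows up as the individual binary packages that were missed.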

Debian GNU/Linux 4.0 alias etch
-------------------------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.


Debian GNU/Linux 3.1 alias sarge
--------------------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc.


  These files will probably be moved into the stable distribution on
  its next update.

---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Package info: `apt-cache show <pkg>' and<pkg>


- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

Australian Computer Emergency Response Team
The University of Queensland
Qld 4072

Internet Email:
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.