Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 466236 (CVE-2013-1502)

Summary: <dev-db/mysql-5.1.69: Multiple Vulnerabilities (CVE-2013-{1502,1506,1511,1512,1521,1523,1526,1531,1532,1544,1548,1552,1555,1566,1567,1570,2375,2376,2378,2381,2389,2391,2392,2395})
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: critical CC: mysql-bugs, s.hoogeveen
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://secunia.com/advisories/53022/
Whiteboard: A1 [glsa]
Package list:
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2013-04-17 12:27:10 UTC 
From ${URL} :

Description
Multiple vulnerabilities have been reported in Oracle MySQL, which can be exploited by malicious, 
local users to cause a DoS (Denial of Service) and gain escalated privileges, by malicious users to 
disclose certain sensitive information, manipulate certain data, cause a DoS (Denial of Service), 
and compromise a vulnerable system, and by malicious people to cause a DoS (Denial of Service).

1) An unspecified error in the Data Manipulation Language sub-component can be exploited by 
authenticated users to cause a DoS.

2) An unspecified error in the Server Locking sub-component can be exploited by authenticated users 
to execute arbitrary code.

3) An unspecified error in the Information Schema sub-component can be exploited by authenticated 
users to execute arbitrary code.

4) An unspecified error in the Server sub-component can be exploited by authenticated users to read 
and manipulate some MySQL Server accessible data and cause a partial partial DOS.

5) An unspecified error in the Server Privileges sub-component can be exploited by authenticated 
users to read and manipulate some MySQL Server accessible data and cause a partial partial DOS.

6) An unspecified error in the Server Privileges sub-component can be exploited by authenticated 
users to execute arbitrary code.

7) An unspecified error in the MemCached sub-component can be exploited to cause a DoS.

8) An unspecified error in the Server Optimizer sub-component can be exploited by authenticated 
users to execute arbitrary code.

9) An unspecified error in the Data Manipulation Language sub-component can be exploited by 
authenticated users to cause a DoS.

10) An unspecified error in the Data Manipulation Language sub-component can be exploited by 
authenticated users to cause a DoS.

11) An unspecified error in the Information Schema sub-component can be exploited by authenticated 
users to cause a DoS.

12) An unspecified error in the InnoDB sub-component can be exploited by authenticated users to 
cause a DoS.

13) An unspecified error in the Server Optimizer sub-component can be exploited by authenticated 
users to cause a DoS.

14) An unspecified error in the Server Partition sub-component can be exploited by authenticated 
users to cause a DoS.

15) An unspecified error in the Server Replication sub-component can be exploited by authenticated 
users to cause a partial DoS.

16) An unspecified error in the Stored Procedure sub-component can be exploited by authenticated 
users to cause a DoS.

17) An unspecified error in the Data Manipulation Language sub-component can be exploited by 
authenticated users to cause a DoS.

18) An unspecified error in the InnoDB sub-component can be exploited by authenticated users to 
cause a DoS.

19) An unspecified error in the InnoDB sub-component can be exploited by authenticated users to 
cause a DoS.

20) An unspecified error in the Server Privileges sub-component can be exploited by authenticated 
users to manipulate certain MySQL Server accessible data.

21) An unspecified error in the Server Types sub-component can be exploited by authenticated users 
to cause a DoS.

22) An unspecified error in the Server Install sub-component can be exploited by local users to 
gain escalated privileges.

23) An unspecified error in the Server Locking sub-component can be exploited by authenticated 
users to cause a partial DoS.

24) An unspecified error in the Server Partition sub-component can be exploited by local users to 
cause a DoS.

The vulnerabilities are reported in versions 5.1.67 and prior, 5.5.29 and prior, and 5.6.10 and 
prior.


Solution
Apply updates.
Further details available to Secunia VIM customers

Provided and/or discovered by
It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for 
April 2013 only provides a bundled list of credits. This section will be updated when/if the 
original reporter provides more information.

Original Advisory
Oracle:
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html#AppendixMSQL
http://www.oracle.com/technetwork/topics/security/cpuapril2013verbose-1899563.html#MSQL


@maintainer(s): after the bump, please say explicitly if the package is ready for the stabilization or not
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2013-04-19 11:23:27 UTC 
CVE-2013-2395 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2395):
  Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote
  authenticated users to affect availability via unknown vectors related to
  Data Manipulation Language, a different vulnerability than CVE-2013-1567.

CVE-2013-2392 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2392):
  Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and
  earlier, and 5.6.10 and earlier allows remote authenticated users to affect
  availability via unknown vectors related to Server Optimizer.

CVE-2013-2391 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2391):
  Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and
  earlier, and 5.6.10 and earlier allows local users to affect confidentiality
  and integrity via unknown vectors related to Server Install.

CVE-2013-2389 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2389):
  Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and
  earlier, and 5.6.10 and earlier allows remote authenticated users to affect
  availability via unknown vectors related to InnoDB.

CVE-2013-2381 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2381):
  Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote
  authenticated users to affect integrity via unknown vectors related to
  Server Privileges.

CVE-2013-2378 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2378):
  Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and
  earlier, and 5.6.10 and earlier allows remote authenticated users to affect
  confidentiality, integrity, and availability via unknown vectors related to
  Information Schema.

CVE-2013-2376 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2376):
  Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and
  earlier allows remote authenticated users to affect availability via unknown
  vectors related to Stored Procedure.

CVE-2013-2375 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2375):
  Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and
  earlier, and 5.6.10 and earlier allows remote authenticated users to affect
  confidentiality, integrity, and availability via unknown vectors.

CVE-2013-1570 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1570):
  Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote
  attackers to affect availability via unknown vectors related to MemCached.

CVE-2013-1567 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1567):
  Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote
  authenticated users to affect availability via unknown vectors related to
  Data Manipulation Language, a different vulnerability than CVE-2013-2395.

CVE-2013-1566 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1566):
  Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote
  authenticated users to affect availability via unknown vectors related to
  InnoDB.

CVE-2013-1555 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1555):
  Unspecified vulnerability in MySQL 5.1.67 and earlier and 5.5.29 and earlier
  allows remote authenticated users to affect availability via unknown vectors
  related to Server Partition.

CVE-2013-1552 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1552):
  Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and
  earlier allows remote authenticated users to affect confidentiality,
  integrity, and availability via unknown vectors.

CVE-2013-1548 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1548):
  Unspecified vulnerability in Oracle MySQL 5.1.63 and earlier allows remote
  authenticated users to affect availability via unknown vectors related to
  Server Types.

CVE-2013-1544 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1544):
  Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and
  earlier, and 5.6.10 and earlier allows remote authenticated users to affect
  availability via unknown vectors related to Data Manipulation Language.

CVE-2013-1532 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1532):
  Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and
  earlier, and 5.6.10 and earlier allows remote authenticated users to affect
  availability via unknown vectors related to Information Schema.

CVE-2013-1531 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1531):
  Unspecified vulnerability in Oracle MySQL 5.1.66 and earlier and 5.5.28 and
  earlier allows remote authenticated users to affect confidentiality,
  integrity, and availability via unknown vectors related to Server
  Privileges.

CVE-2013-1526 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1526):
  Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote
  authenticated users to affect availability via unknown vectors related to
  Server Replication.

CVE-2013-1523 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1523):
  Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier and 5.6.10 and
  earlier allows remote authenticated users to affect confidentiality,
  integrity, and availability via unknown vectors related to Server Optimizer.

CVE-2013-1521 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1521):
  Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and
  earlier allows remote authenticated users to affect confidentiality,
  integrity, and availability via unknown vectors related to Server Locking.

CVE-2013-1512 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1512):
  Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote
  authenticated users to affect availability via unknown vectors related to
  Data Manipulation Language.

CVE-2013-1511 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1511):
  Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and
  earlier allows remote authenticated users to affect availability via unknown
  vectors related to InnoDB.

CVE-2013-1506 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1506):
  Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and
  earlier, and 5.6.10 and earlier allows remote authenticated users to affect
  availability via unknown vectors related to Server Locking.

CVE-2013-1502 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1502):
  Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and
  earlier allows local users to affect availability via unknown vectors
  related to Server Partition.
Comment 2 Sebastiaan Hoogeveen 2013-05-01 10:46:38 UTC 
It seems MySQL 5.1.69 fixes these problems for the 5.1 branch, as well as the Geometry crash issue (CVE-2013-1861) described in bug 445602. Is there any time frame known for when, if ever, this version would appear (even masked) in Portage?
Comment 3 Jorge Manuel B. S. Vicetto (RETIRED) Gentoo Infrastructure gentoo-dev 2013-05-06 19:23:26 UTC 
(In reply to comment #2)
> It seems MySQL 5.1.69 fixes these problems for the 5.1 branch, as well as
> the Geometry crash issue (CVE-2013-1861) described in bug 445602. Is there
> any time frame known for when, if ever, this version would appear (even
> masked) in Portage?

Did Oracle release 5.1.69? I still can't find it on their web site[1]. IIRC, this isn't the first time that 5.1.69 is mentioned as having fixed an issue.

 [1] - http://downloads.mysql.com/archives.php?p=mysql-5.1
Comment 4 Sebastiaan Hoogeveen 2013-05-06 19:51:40 UTC 
It appears to be available on http://dev.mysql.com/downloads/mysql/5.1.html#downloads though I have to admit to not testing this release myself. Very odd that it is missing on the other list.
Comment 5 Sergey Popov gentoo-dev 2013-08-29 07:00:46 UTC 
5.1.70 was stabilized in bug #477474, adding to existing GLSA draft
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2013-08-29 09:12:01 UTC 
This issue was resolved and addressed in
 GLSA 201308-06 at http://security.gentoo.org/glsa/glsa-201308-06.xml
by GLSA coordinator Sergey Popov (pinkbyte).