Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 466236 (CVE-2013-1502) - <dev-db/mysql-5.1.69: Multiple Vulnerabilities (CVE-2013-{1502,1506,1511,1512,1521,1523,1526,1531,1532,1544,1548,1552,1555,1566,1567,1570,2375,2376,2378,2381,2389,2391,2392,2395})
Summary: <dev-db/mysql-5.1.69: Multiple Vulnerabilities (CVE-2013-{1502,1506,1511,1512...
Status: RESOLVED FIXED
Alias: CVE-2013-1502
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal critical (vote)
Assignee: Gentoo Security
URL: https://secunia.com/advisories/53022/
Whiteboard: A1 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2013-04-17 12:27 UTC by Agostino Sarubbo
Modified: 2013-08-29 09:12 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2013-04-17 12:27:10 UTC
From ${URL} :

Description
Multiple vulnerabilities have been reported in Oracle MySQL, which can be exploited by malicious, 
local users to cause a DoS (Denial of Service) and gain escalated privileges, by malicious users to 
disclose certain sensitive information, manipulate certain data, cause a DoS (Denial of Service), 
and compromise a vulnerable system, and by malicious people to cause a DoS (Denial of Service).

1) An unspecified error in the Data Manipulation Language sub-component can be exploited by 
authenticated users to cause a DoS.

2) An unspecified error in the Server Locking sub-component can be exploited by authenticated users 
to execute arbitrary code.

3) An unspecified error in the Information Schema sub-component can be exploited by authenticated 
users to execute arbitrary code.

4) An unspecified error in the Server sub-component can be exploited by authenticated users to read 
and manipulate some MySQL Server accessible data and cause a partial partial DOS.

5) An unspecified error in the Server Privileges sub-component can be exploited by authenticated 
users to read and manipulate some MySQL Server accessible data and cause a partial partial DOS.

6) An unspecified error in the Server Privileges sub-component can be exploited by authenticated 
users to execute arbitrary code.

7) An unspecified error in the MemCached sub-component can be exploited to cause a DoS.

8) An unspecified error in the Server Optimizer sub-component can be exploited by authenticated 
users to execute arbitrary code.

9) An unspecified error in the Data Manipulation Language sub-component can be exploited by 
authenticated users to cause a DoS.

10) An unspecified error in the Data Manipulation Language sub-component can be exploited by 
authenticated users to cause a DoS.

11) An unspecified error in the Information Schema sub-component can be exploited by authenticated 
users to cause a DoS.

12) An unspecified error in the InnoDB sub-component can be exploited by authenticated users to 
cause a DoS.

13) An unspecified error in the Server Optimizer sub-component can be exploited by authenticated 
users to cause a DoS.

14) An unspecified error in the Server Partition sub-component can be exploited by authenticated 
users to cause a DoS.

15) An unspecified error in the Server Replication sub-component can be exploited by authenticated 
users to cause a partial DoS.

16) An unspecified error in the Stored Procedure sub-component can be exploited by authenticated 
users to cause a DoS.

17) An unspecified error in the Data Manipulation Language sub-component can be exploited by 
authenticated users to cause a DoS.

18) An unspecified error in the InnoDB sub-component can be exploited by authenticated users to 
cause a DoS.

19) An unspecified error in the InnoDB sub-component can be exploited by authenticated users to 
cause a DoS.

20) An unspecified error in the Server Privileges sub-component can be exploited by authenticated 
users to manipulate certain MySQL Server accessible data.

21) An unspecified error in the Server Types sub-component can be exploited by authenticated users 
to cause a DoS.

22) An unspecified error in the Server Install sub-component can be exploited by local users to 
gain escalated privileges.

23) An unspecified error in the Server Locking sub-component can be exploited by authenticated 
users to cause a partial DoS.

24) An unspecified error in the Server Partition sub-component can be exploited by local users to 
cause a DoS.

The vulnerabilities are reported in versions 5.1.67 and prior, 5.5.29 and prior, and 5.6.10 and 
prior.


Solution
Apply updates.
Further details available to Secunia VIM customers

Provided and/or discovered by
It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for 
April 2013 only provides a bundled list of credits. This section will be updated when/if the 
original reporter provides more information.

Original Advisory
Oracle:
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html#AppendixMSQL
http://www.oracle.com/technetwork/topics/security/cpuapril2013verbose-1899563.html#MSQL


@maintainer(s): after the bump, please say explicitly if the package is ready for the stabilization or not
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2013-04-19 11:23:27 UTC
CVE-2013-2395 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2395):
  Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote
  authenticated users to affect availability via unknown vectors related to
  Data Manipulation Language, a different vulnerability than CVE-2013-1567.

CVE-2013-2392 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2392):
  Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and
  earlier, and 5.6.10 and earlier allows remote authenticated users to affect
  availability via unknown vectors related to Server Optimizer.

CVE-2013-2391 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2391):
  Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and
  earlier, and 5.6.10 and earlier allows local users to affect confidentiality
  and integrity via unknown vectors related to Server Install.

CVE-2013-2389 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2389):
  Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and
  earlier, and 5.6.10 and earlier allows remote authenticated users to affect
  availability via unknown vectors related to InnoDB.

CVE-2013-2381 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2381):
  Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote
  authenticated users to affect integrity via unknown vectors related to
  Server Privileges.

CVE-2013-2378 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2378):
  Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and
  earlier, and 5.6.10 and earlier allows remote authenticated users to affect
  confidentiality, integrity, and availability via unknown vectors related to
  Information Schema.

CVE-2013-2376 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2376):
  Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and
  earlier allows remote authenticated users to affect availability via unknown
  vectors related to Stored Procedure.

CVE-2013-2375 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2375):
  Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and
  earlier, and 5.6.10 and earlier allows remote authenticated users to affect
  confidentiality, integrity, and availability via unknown vectors.

CVE-2013-1570 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1570):
  Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote
  attackers to affect availability via unknown vectors related to MemCached.

CVE-2013-1567 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1567):
  Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote
  authenticated users to affect availability via unknown vectors related to
  Data Manipulation Language, a different vulnerability than CVE-2013-2395.

CVE-2013-1566 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1566):
  Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote
  authenticated users to affect availability via unknown vectors related to
  InnoDB.

CVE-2013-1555 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1555):
  Unspecified vulnerability in MySQL 5.1.67 and earlier and 5.5.29 and earlier
  allows remote authenticated users to affect availability via unknown vectors
  related to Server Partition.

CVE-2013-1552 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1552):
  Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and
  earlier allows remote authenticated users to affect confidentiality,
  integrity, and availability via unknown vectors.

CVE-2013-1548 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1548):
  Unspecified vulnerability in Oracle MySQL 5.1.63 and earlier allows remote
  authenticated users to affect availability via unknown vectors related to
  Server Types.

CVE-2013-1544 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1544):
  Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and
  earlier, and 5.6.10 and earlier allows remote authenticated users to affect
  availability via unknown vectors related to Data Manipulation Language.

CVE-2013-1532 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1532):
  Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and
  earlier, and 5.6.10 and earlier allows remote authenticated users to affect
  availability via unknown vectors related to Information Schema.

CVE-2013-1531 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1531):
  Unspecified vulnerability in Oracle MySQL 5.1.66 and earlier and 5.5.28 and
  earlier allows remote authenticated users to affect confidentiality,
  integrity, and availability via unknown vectors related to Server
  Privileges.

CVE-2013-1526 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1526):
  Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote
  authenticated users to affect availability via unknown vectors related to
  Server Replication.

CVE-2013-1523 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1523):
  Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier and 5.6.10 and
  earlier allows remote authenticated users to affect confidentiality,
  integrity, and availability via unknown vectors related to Server Optimizer.

CVE-2013-1521 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1521):
  Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and
  earlier allows remote authenticated users to affect confidentiality,
  integrity, and availability via unknown vectors related to Server Locking.

CVE-2013-1512 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1512):
  Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote
  authenticated users to affect availability via unknown vectors related to
  Data Manipulation Language.

CVE-2013-1511 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1511):
  Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and
  earlier allows remote authenticated users to affect availability via unknown
  vectors related to InnoDB.

CVE-2013-1506 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1506):
  Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and
  earlier, and 5.6.10 and earlier allows remote authenticated users to affect
  availability via unknown vectors related to Server Locking.

CVE-2013-1502 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1502):
  Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and
  earlier allows local users to affect availability via unknown vectors
  related to Server Partition.
Comment 2 Sebastiaan Hoogeveen 2013-05-01 10:46:38 UTC
It seems MySQL 5.1.69 fixes these problems for the 5.1 branch, as well as the Geometry crash issue (CVE-2013-1861) described in bug 445602. Is there any time frame known for when, if ever, this version would appear (even masked) in Portage?
Comment 3 Jorge Manuel B. S. Vicetto Gentoo Infrastructure gentoo-dev 2013-05-06 19:23:26 UTC
(In reply to comment #2)
> It seems MySQL 5.1.69 fixes these problems for the 5.1 branch, as well as
> the Geometry crash issue (CVE-2013-1861) described in bug 445602. Is there
> any time frame known for when, if ever, this version would appear (even
> masked) in Portage?

Did Oracle release 5.1.69? I still can't find it on their web site[1]. IIRC, this isn't the first time that 5.1.69 is mentioned as having fixed an issue.

 [1] - http://downloads.mysql.com/archives.php?p=mysql-5.1
Comment 4 Sebastiaan Hoogeveen 2013-05-06 19:51:40 UTC
It appears to be available on http://dev.mysql.com/downloads/mysql/5.1.html#downloads though I have to admit to not testing this release myself. Very odd that it is missing on the other list.
Comment 5 Sergey Popov gentoo-dev Security 2013-08-29 07:00:46 UTC
5.1.70 was stabilized in bug #477474, adding to existing GLSA draft
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2013-08-29 09:12:01 UTC
This issue was resolved and addressed in
 GLSA 201308-06 at http://security.gentoo.org/glsa/glsa-201308-06.xml
by GLSA coordinator Sergey Popov (pinkbyte).