Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Web :: Apps :: b06-3054.htm

MySQL vulnerability

MySQL vulnerability
MySQL vulnerability

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Ubuntu Security Notice USN-303-1              June 16, 2006
mysql-dfsg-4.1, mysql-dfsg-5.0 vulnerability
A security issue affects the following Ubuntu releases:

Ubuntu 5.10
Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.10:
  libmysqlclient14               4.1.12-1ubuntu3.5
  mysql-server-4.1               4.1.12-1ubuntu3.5

Ubuntu 6.06 LTS:
  libmysqlclient15off            5.0.22-0ubuntu6.06
  mysql-server-5.0               5.0.22-0ubuntu6.06

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

An SQL injection vulnerability has been discovered when using less
popular multibyte encodings (such as SJIS, or BIG5) which contain
valid multibyte characters that end with the byte 0x5c (the
representation of the backslash character >>\<< in ASCII). 

Many client libraries and applications use the non-standard, but
popular way of escaping the >>'<< character by replacing all
occurences of it with >>\'<<. If a client application uses one of the
affected encodings and does not interpret multibyte characters, and an
attacker supplies a specially crafted byte sequence as an input string
parameter, this escaping method would then produce a validly-encoded
character and an excess >>'<< character which would end the string.
All subsequent characters would then be interpreted as SQL code, so
the attacker could execute arbitrary SQL commands.

The updated packages fix the mysql_real_escape_string() function to
escape quote characters in a safe way. If you use third-party software
which uses an ad-hoc method of string escaping, you should convert
them to use mysql_real_escape_string() instead, or at least use the
standard SQL method of escaping  >>'<< with  >>''<<.

Updated packages for Ubuntu 5.10:

  Source archives: 
      Size/MD5:   164408 5397489739ab8a6fa1e2d7571ae16ca2 
      Size/MD5:     1024 22dc09e63f2b4127c80c059bd6153c04 
      Size/MD5: 15921909 c7b83a19bd8a4f42d5d64c239d05121f

  Architecture independent packages: 
      Size/MD5:    36658 8445340ee40a549040a29f7f89fa6055

  amd64 architecture (Athlon64, Opteron, EM64T Xeon) 
      Size/MD5:  5831402 04b5f068cace48115f03eaa2945ba4f7 
      Size/MD5:  1540532 52379ea5384399887a5044e2dc70a362 
      Size/MD5:   898266 102c1f4e3a52f002c0072639a38fd1f1 
      Size/MD5: 18433534 0b59eb84f010a37866855db11bc212d4

  i386 architecture (x86 compatible Intel/AMD) 
      Size/MD5:  5347970 10e3a08014562d78a92c78f9473606ad 
      Size/MD5:  1475306 fe18f1652d49ce4f1f01f1fb41293ee0 
      Size/MD5:   866276 c4620364312b32767f4b8c93ca85ea6a 
      Size/MD5: 17336092 c0a7e15a536c68f101d711faca79acd0

  powerpc architecture (Apple Macintosh G3/G4/G5) 
      Size/MD5:  6069036 84fe04fd9e556e03a5f8017b0287056e 
      Size/MD5:  1548894 042a41167cffb3aa116ceca7b144c04a 
      Size/MD5:   937510 b42029e8720887a9414a1e5affdfa2bf 
      Size/MD5: 18523172 687d56f3e0ea63af4bc5d972849e7019

  sparc architecture (Sun SPARC/UltraSPARC) 
      Size/MD5:  5657096 78aec682713ebb64ff7f56f5ec30a390 
      Size/MD5:  1516244 461600c34dd324e019dd5f253864dcb6 
      Size/MD5:   889180 b06d0b10dec55bf34f6af5f93be4bfb1 
      Size/MD5: 17738656 2f56d26f632002847a5aa20d13ac3d69

Updated packages for Ubuntu 6.06 LTS:

  Source archives: 
      Size/MD5:   124884 30192e23eff142a7d8cd474eb3b65c06 
      Size/MD5:     1105 e09e1c03b0e55a97aa2f5b393132596c 
      Size/MD5: 18446645 2b8f36364373461190126817ec872031

  Architecture independent packages: 
      Size/MD5:    36488 bf16f763f6c019d74cd5a55a34954d08 
      Size/MD5:    38988 4b48c8fe34e49ea7690dd847e0210c6e 
      Size/MD5:    36492 51ec1d6030a085747746855f42a247fa

  amd64 architecture (Athlon64, Opteron, EM64T Xeon) 
      Size/MD5:  6724410 3fd45ed8e0dde1ec45da36087fc9b466 
      Size/MD5:  1421368 dd0a24e7f521cae816caaff9dd7b95c1 
      Size/MD5:  6895040 e05408c12fbdeb93ac9af0168a833945 
      Size/MD5: 22490622 353f002eb8bf7adcfb6ac0a2aba200e7

  i386 architecture (x86 compatible Intel/AMD) 
      Size/MD5:  6138262 b8de5bb648d0a6787dc2a75e082fd338 
      Size/MD5:  1382000 458f53b535bf7c4240415b7f112398c2 
      Size/MD5:  6277278 03772cb73d84fbd786024bed75634f17 
      Size/MD5: 21345370 944c51038761b5d180e4a5b9405dd8cd

  powerpc architecture (Apple Macintosh G3/G4/G5) 
      Size/MD5:  6881628 539aaeb27db75c415f86a08a60922bb6 
      Size/MD5:  1461696 da724231e301fc18b0068d2b74aba6da 
      Size/MD5:  6938652 78e94ffbb2e24ca9f0794c412b369009 
      Size/MD5: 22703752 25b58fa42fb62e132fbbc29e99e91176

  sparc architecture (Sun SPARC/UltraSPARC) 
      Size/MD5:  6429614 ae9e41ae750ad73206d9561d59504c5d 
      Size/MD5:  1433786 9e9108f42e43fbdd66fbdaa02d7990ce 
      Size/MD5:  6535966 e909ab275b4ab5fbbc69d2f372532cf3 
      Size/MD5: 21968038 43996ac14852a036d1ed8c4712f94804

Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

Version: GnuPG v1.4.2.2 (GNU/Linux)



TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH