[OpenPKG-SA-2003.022] OpenPKG Security Advisory (mysql)

From: OpenPKG (openpkg@openpkg.org)
Date: 03/18/03

  • Next message: OpenPKG: "[OpenPKG-SA-2003.021] OpenPKG Security Advisory (samba)"
    Date: Tue, 18 Mar 2003 16:57:35 +0100
    From: OpenPKG <openpkg@openpkg.org>
    To: bugtraq@securityfocus.com
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    ________________________________________________________________________

    OpenPKG Security Advisory The OpenPKG Project
    http://www.openpkg.org/security.html http://www.openpkg.org
    openpkg-security@openpkg.org openpkg@openpkg.org
    OpenPKG-SA-2003.022 18-Mar-2003
    ________________________________________________________________________

    Package: mysql
    Vulnerability: remote root exploit
    OpenPKG Specific: no

    Affected Releases: Affected Packages: Corrected Packages:
    OpenPKG CURRENT <= mysql-3.23.55-20030211 >= mysql-3.23.56-20030318
    OpenPKG 1.2 <= mysql-3.23.54a-1.2.1 >= mysql-3.23.54a-1.2.2
    OpenPKG 1.1 <= mysql-3.23.52-1.1.2 >= mysql-3.23.52-1.1.3

    Dependent Packages: none

    Description:
      According to a report on BugTraq [0], a remote root exploit
      vulnerability exists in version 3.23.55 and earlier versions of the
      MySQL server [1]. If the MySQL server is launched by root, as it is
      often done by system startup scripts, any database users with the
      "FILE" privilege can write a configuration file (usually my.cnf) that
      causes the MySQL server to run under an arbitrary user id including
      the user id of the super-user on the next restart.

      Please check whether you are affected by running "<prefix>/bin/rpm -q
      mysql". If you have the "mysql" package installed and its version is
      affected (see above), we recommend that you immediately upgrade it
      (see Solution). [2][3]

    Solution:
      Select the updated source RPM appropriate for your OpenPKG release
      [4][5], fetch it from the OpenPKG FTP service [6][7] or a mirror
      location, verify its integrity [8], build a corresponding binary RPM
      from it [2] and update your OpenPKG installation by applying the
      binary RPM [3]. For the current release OpenPKG 1.2, perform the
      following operations to permanently fix the security problem (for
      other releases adjust accordingly).

      $ ftp ftp.openpkg.org
      ftp> bin
      ftp> cd release/1.2/UPD
      ftp> get mysql-3.23.54a-1.2.2.src.rpm
      ftp> bye
      $ <prefix>/bin/rpm -v --checksig mysql-3.23.54a-1.2.2.src.rpm
      $ <prefix>/bin/rpm --rebuild mysql-3.23.54a-1.2.2.src.rpm
      $ su -
      # <prefix>/bin/rpm -Fvh <prefix>/RPM/PKG/mysql-3.23.54a-1.2.2.*.rpm

    ________________________________________________________________________

    References:
      [0] http://www.securityfocus.com/archive/1/314391/2003-03-04/2003-03-10/0
      [1] http://www.mysql.com/
      [2] http://www.openpkg.org/tutorial.html#regular-source
      [3] http://www.openpkg.org/tutorial.html#regular-binary
      [4] ftp://ftp.openpkg.org/release/1.1/UPD/mysql-3.23.52-1.1.3.src.rpm
      [5] ftp://ftp.openpkg.org/release/1.2/UPD/mysql-3.23.54a-1.2.2.src.rpm
      [6] ftp://ftp.openpkg.org/release/1.1/UPD/
      [7] ftp://ftp.openpkg.org/release/1.2/UPD/
      [8] http://www.openpkg.org/security.html#signature
    ________________________________________________________________________

    For security reasons, this advisory was digitally signed with
    the OpenPGP public key "OpenPKG <openpkg@openpkg.org>" (ID 63C4CB9F)
    of the OpenPKG project which you can find under the official URL
    http://www.openpkg.org/openpkg.pgp or on http://keyserver.pgp.com/. To
    check the integrity of this advisory, verify its digital signature by
    using GnuPG (http://www.gnupg.org/). For instance, pipe this message to
    the command "gpg --verify --keyserver keyserver.pgp.com".
    ________________________________________________________________________

    -----BEGIN PGP SIGNATURE-----
    Comment: OpenPKG <openpkg@openpkg.org>

    iD8DBQE+d0EdgHWT4GPEy58RAhGxAKDAaLrjSbB4V2ItfrOCjj8nB13+/ACgqfW9
    unh+dQiYexu1PGIWMLA9F+U=
    =415D
    -----END PGP SIGNATURE-----


  • Next message: OpenPKG: "[OpenPKG-SA-2003.021] OpenPKG Security Advisory (samba)"