CVE-2012-4414

Published: 22 January 2013

Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116, Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.

Notes

mysql-cluster-7.0 not supported per Ubuntu Server team
As of 2012/01/09, Oracle no longer supports MySQL 5.0.
Unfortunately, because of upstream update and commit policies it is not
possible to backport patches from later releases. Ubuntu is regrettably
unable to support MySQL 5.0 and users are encouraged to upgrade to Ubuntu
10.04 LTS or later.

incomplete fix in 5.5.29, see:
http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/

watch for fix in 5.5.31
Debian released 5.5.30+dfsg-1 claiming to have fixed this issue
as of 2013-03-25, no complete fix from upstream

Not actually fixed in 1807-1 -- my mistake

Status

References

• http://www.openwall.com/lists/oss-security/2012/09/11/4
• https://www.cve.org/CVERecord?id=CVE-2012-4414
• NVD
• Launchpad
• Debian

Bugs

• http://bugs.mysql.com/bug.php?id=66550
• https://mariadb.atlassian.net/browse/MDEV-382
• https://bugs.launchpad.net/ubuntu/+source/mysql-5.5/+bug/1154675
• http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698068