Your submission was sent successfully! Close

USN-109-1: MySQL vulnerability

6 April 2005

MySQL vulnerability

Releases

Details

USN-32-1 fixed a database privilege escalation vulnerability; original
advisory text:

"If a user was granted privileges to a database with a name
containing an underscore ("_"), the user also gained the ability to
grant privileges to other databases with similar names.
(CAN-2004-0957)"

Recently a corner case was discovered where this vulnerability can
still be exploited, so another update is necessary.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 4.10
  • mysql-server -

In general, a standard system update will make all the necessary changes.

References

Related notices