USN-1658-1: MySQL vulnerability
10 December 2012
MySQL could be made to run programs if it received specially crafted network traffic from an authenticated user.
Releases
Packages
- mysql-5.1 - MySQL database
- mysql-5.5 - MySQL database
- mysql-dfsg-5.1 - MySQL database
Details
It was discovered that MySQL incorrectly handled certain long arguments. A
remote authenticated attacker could use this issue to possibly execute
arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.10
Ubuntu 12.04
Ubuntu 11.10
Ubuntu 10.04
In general, a standard system update will make all the necessary changes.
References
Related notices
- USN-1703-1: mysql-5.5, mysql-server-5.1, mysql-5.1, mysql-server-5.5, mysql-dfsg-5.1