CVE-2009-5026

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2009-5026 at MITRE

Description

The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote attackers to execute arbitrary SQL commands via custom comments.

NVD CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

SUSE information

SUSE Bugzilla entry: 726602

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Software Development Kit 11 SP2
  • libmysqlclient-devel >= 5.0.96-0.4.1
sle11-sp2-sdk.x86
sles11-sp1-vmware.x86-64
sles11-sp2.ia64
sled11-sp2.x86
sled11-sp2.x86-64
sles11-sp1-vmware.x86
sles11-sp1.ia64
sled11-sp1.x86
sle11-sp1-sdk.s390x
sle11-sp1-sdk.ppc
sle11-sp2-sdk.ppc
sles11-sp2.s390x
sles11-sp2.ppc
sles11-sp2.x86-64
sle11-sp1-sdk.ia64
sle11-sp2-sdk.s390x
sle11-sp2-sdk.x86-64
sle11-sp2-sdk.ia64
sles11-sp1.ppc
sles11-sp1.x86
sled11-sp1.x86-64
sles11-sp2.x86
sles11-sp1.x86-64
sles11-sp1.s390x
sle11-sp1-sdk.x86-64
sle11-sp1-sdk.x86
SAT Patch Nr: 6613
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Software Development Kit 11 SP2
  • libmysqlclient-devel >= 5.0.96-0.4.1
  • libmysqlclient_r15-x86 >= 5.0.96-0.4.1
sle11-sp2-sdk.x86
sles11-sp1-vmware.x86-64
sles11-sp2.ia64
sled11-sp2.x86
sled11-sp2.x86-64
sles11-sp1-vmware.x86
sles11-sp1.ia64
sled11-sp1.x86
sle11-sp1-sdk.s390x
sle11-sp1-sdk.ppc
sle11-sp2-sdk.ppc
sles11-sp2.s390x
sles11-sp2.ppc
sles11-sp2.x86-64
sle11-sp1-sdk.ia64
sle11-sp2-sdk.s390x
sle11-sp2-sdk.x86-64
sle11-sp2-sdk.ia64
sles11-sp1.ppc
sles11-sp1.x86
sled11-sp1.x86-64
sles11-sp2.x86
sles11-sp1.x86-64
sles11-sp1.s390x
sle11-sp1-sdk.x86-64
sle11-sp1-sdk.x86
SAT Patch Nr: 6613
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Software Development Kit 11 SP2
  • libmysqlclient-devel >= 5.0.96-0.4.1
  • libmysqlclient_r15-32bit >= 5.0.96-0.4.1
sle11-sp2-sdk.x86
sles11-sp1-vmware.x86-64
sles11-sp2.ia64
sled11-sp2.x86
sled11-sp2.x86-64
sles11-sp1-vmware.x86
sles11-sp1.ia64
sled11-sp1.x86
sle11-sp1-sdk.s390x
sle11-sp1-sdk.ppc
sle11-sp2-sdk.ppc
sles11-sp2.s390x
sles11-sp2.ppc
sles11-sp2.x86-64
sle11-sp1-sdk.ia64
sle11-sp2-sdk.s390x
sle11-sp2-sdk.x86-64
sle11-sp2-sdk.ia64
sles11-sp1.ppc
sles11-sp1.x86
sled11-sp1.x86-64
sles11-sp2.x86
sles11-sp1.x86-64
sles11-sp1.s390x
sle11-sp1-sdk.x86-64
sle11-sp1-sdk.x86
SAT Patch Nr: 6613
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 11 SP2
  • libmysqlclient15 >= 5.0.96-0.4.1
  • libmysqlclient_r15 >= 5.0.96-0.4.1
  • mysql >= 5.0.96-0.4.1
  • mysql-client >= 5.0.96-0.4.1
sle11-sp2-sdk.x86
sles11-sp1-vmware.x86-64
sles11-sp2.ia64
sled11-sp2.x86
sled11-sp2.x86-64
sles11-sp1-vmware.x86
sles11-sp1.ia64
sled11-sp1.x86
sle11-sp1-sdk.s390x
sle11-sp1-sdk.ppc
sle11-sp2-sdk.ppc
sles11-sp2.s390x
sles11-sp2.ppc
sles11-sp2.x86-64
sle11-sp1-sdk.ia64
sle11-sp2-sdk.s390x
sle11-sp2-sdk.x86-64
sle11-sp2-sdk.ia64
sles11-sp1.ppc
sles11-sp1.x86
sled11-sp1.x86-64
sles11-sp2.x86
sles11-sp1.x86-64
sles11-sp1.s390x
sle11-sp1-sdk.x86-64
sle11-sp1-sdk.x86
SAT Patch Nr: 6613
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 11 SP2
  • libmysqlclient15 >= 5.0.96-0.4.1
  • libmysqlclient15-32bit >= 5.0.96-0.4.1
  • libmysqlclient_r15 >= 5.0.96-0.4.1
  • libmysqlclient_r15-32bit >= 5.0.96-0.4.1
  • mysql >= 5.0.96-0.4.1
  • mysql-client >= 5.0.96-0.4.1
sle11-sp2-sdk.x86
sles11-sp1-vmware.x86-64
sles11-sp2.ia64
sled11-sp2.x86
sled11-sp2.x86-64
sles11-sp1-vmware.x86
sles11-sp1.ia64
sled11-sp1.x86
sle11-sp1-sdk.s390x
sle11-sp1-sdk.ppc
sle11-sp2-sdk.ppc
sles11-sp2.s390x
sles11-sp2.ppc
sles11-sp2.x86-64
sle11-sp1-sdk.ia64
sle11-sp2-sdk.s390x
sle11-sp2-sdk.x86-64
sle11-sp2-sdk.ia64
sles11-sp1.ppc
sles11-sp1.x86
sled11-sp1.x86-64
sles11-sp2.x86
sles11-sp1.x86-64
sles11-sp1.s390x
sle11-sp1-sdk.x86-64
sle11-sp1-sdk.x86
SAT Patch Nr: 6613
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP2
  • libmysqlclient15 >= 5.0.96-0.4.1
  • libmysqlclient15-32bit >= 5.0.96-0.4.1
  • libmysqlclient_r15 >= 5.0.96-0.4.1
  • mysql >= 5.0.96-0.4.1
  • mysql-Max >= 5.0.96-0.4.1
  • mysql-client >= 5.0.96-0.4.1
  • mysql-tools >= 5.0.96-0.4.1
sle11-sp2-sdk.x86
sles11-sp1-vmware.x86-64
sles11-sp2.ia64
sled11-sp2.x86
sled11-sp2.x86-64
sles11-sp1-vmware.x86
sles11-sp1.ia64
sled11-sp1.x86
sle11-sp1-sdk.s390x
sle11-sp1-sdk.ppc
sle11-sp2-sdk.ppc
sles11-sp2.s390x
sles11-sp2.ppc
sles11-sp2.x86-64
sle11-sp1-sdk.ia64
sle11-sp2-sdk.s390x
sle11-sp2-sdk.x86-64
sle11-sp2-sdk.ia64
sles11-sp1.ppc
sles11-sp1.x86
sled11-sp1.x86-64
sles11-sp2.x86
sles11-sp1.x86-64
sles11-sp1.s390x
sle11-sp1-sdk.x86-64
sle11-sp1-sdk.x86
SAT Patch Nr: 6613
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP2
  • libmysqlclient15 >= 5.0.96-0.4.1
  • libmysqlclient_r15 >= 5.0.96-0.4.1
  • mysql >= 5.0.96-0.4.1
  • mysql-Max >= 5.0.96-0.4.1
  • mysql-client >= 5.0.96-0.4.1
  • mysql-tools >= 5.0.96-0.4.1
sle11-sp2-sdk.x86
sles11-sp1-vmware.x86-64
sles11-sp2.ia64
sled11-sp2.x86
sled11-sp2.x86-64
sles11-sp1-vmware.x86
sles11-sp1.ia64
sled11-sp1.x86
sle11-sp1-sdk.s390x
sle11-sp1-sdk.ppc
sle11-sp2-sdk.ppc
sles11-sp2.s390x
sles11-sp2.ppc
sles11-sp2.x86-64
sle11-sp1-sdk.ia64
sle11-sp2-sdk.s390x
sle11-sp2-sdk.x86-64
sle11-sp2-sdk.ia64
sles11-sp1.ppc
sles11-sp1.x86
sled11-sp1.x86-64
sles11-sp2.x86
sles11-sp1.x86-64
sles11-sp1.s390x
sle11-sp1-sdk.x86-64
sle11-sp1-sdk.x86
SAT Patch Nr: 6613
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP2
  • libmysqlclient15 >= 5.0.96-0.4.1
  • libmysqlclient15-x86 >= 5.0.96-0.4.1
  • libmysqlclient_r15 >= 5.0.96-0.4.1
  • mysql >= 5.0.96-0.4.1
  • mysql-Max >= 5.0.96-0.4.1
  • mysql-client >= 5.0.96-0.4.1
  • mysql-tools >= 5.0.96-0.4.1
sle11-sp2-sdk.x86
sles11-sp1-vmware.x86-64
sles11-sp2.ia64
sled11-sp2.x86
sled11-sp2.x86-64
sles11-sp1-vmware.x86
sles11-sp1.ia64
sled11-sp1.x86
sle11-sp1-sdk.s390x
sle11-sp1-sdk.ppc
sle11-sp2-sdk.ppc
sles11-sp2.s390x
sles11-sp2.ppc
sles11-sp2.x86-64
sle11-sp1-sdk.ia64
sle11-sp2-sdk.s390x
sle11-sp2-sdk.x86-64
sle11-sp2-sdk.ia64
sles11-sp1.ppc
sles11-sp1.x86
sled11-sp1.x86-64
sles11-sp2.x86
sles11-sp1.x86-64
sles11-sp1.s390x
sle11-sp1-sdk.x86-64
sle11-sp1-sdk.x86
SAT Patch Nr: 6613
openSUSE 11.4
  • libmysqlclusterclient16 >= 7.1.21-52.1
  • libmysqlclusterclient16-debuginfo >= 7.1.21-52.1
  • libmysqlclusterclient_r16 >= 7.1.21-52.1
  • libmysqlclusterclient_r16-debuginfo >= 7.1.21-52.1
  • mysql-cluster >= 7.1.21-52.1
  • mysql-cluster-bench >= 7.1.21-52.1
  • mysql-cluster-bench-debuginfo >= 7.1.21-52.1
  • mysql-cluster-client >= 7.1.21-52.1
  • mysql-cluster-client-debuginfo >= 7.1.21-52.1
  • mysql-cluster-debug >= 7.1.21-52.1
  • mysql-cluster-debug-debuginfo >= 7.1.21-52.1
  • mysql-cluster-debuginfo >= 7.1.21-52.1
  • mysql-cluster-debugsource >= 7.1.21-52.1
  • mysql-cluster-ndb-extra >= 7.1.21-52.1
  • mysql-cluster-ndb-extra-debuginfo >= 7.1.21-52.1
  • mysql-cluster-ndb-management >= 7.1.21-52.1
  • mysql-cluster-ndb-management-debuginfo >= 7.1.21-52.1
  • mysql-cluster-ndb-storage >= 7.1.21-52.1
  • mysql-cluster-ndb-storage-debuginfo >= 7.1.21-52.1
  • mysql-cluster-ndb-tools >= 7.1.21-52.1
  • mysql-cluster-ndb-tools-debuginfo >= 7.1.21-52.1
  • mysql-cluster-test >= 7.1.21-52.1
  • mysql-cluster-test-debuginfo >= 7.1.21-52.1
  • mysql-cluster-tools >= 7.1.21-52.1
  • mysql-cluster-tools-debuginfo >= 7.1.21-52.1
Patchnames:
openSUSE-2012-276