PublicDate: 2005-05-02 04:00:00 UTC
Candidate: CVE-2005-0709
References:
 https://ubuntu.com/security/notices/USN-96-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0709
Description:
 MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote
 authenticated users with INSERT and DELETE privileges to execute arbitrary
 code by using CREATE FUNCTION to access libc calls, as demonstrated by
 using strcat, on_exit, and exit.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_mysql-dfsg-4.1: released (4.1.15-1ubuntu5)
edgy_mysql-dfsg-4.1: released (4.1.15-1ubuntu5)
feisty_mysql-dfsg-4.1: DNE
devel_mysql-dfsg-4.1: DNE
dapper_mysql-dfsg: released (4.0.24-10ubuntu2)
edgy_mysql-dfsg: released (4.0.24-10ubuntu2)
feisty_mysql-dfsg: DNE
devel_mysql-dfsg: DNE
dapper_mysql-dfsg-5.0: released (5.0.22-0ubuntu6.06.3)
edgy_mysql-dfsg-5.0: released (5.0.24a-9ubuntu0.1)
feisty_mysql-dfsg-5.0: released (5.0.38-0ubuntu1)
devel_mysql-dfsg-5.0: released (5.0.38-0ubuntu1)
upstream_mysql-dfsg: needs-triage
upstream_mysql-dfsg-4.1: needs-triage
upstream_mysql-dfsg-5.0: needs-triage