VID | 25059
Severity | 30
Port | 3306
Protocol | TCP
Class | DB
Detailed Description | A version of MySQL older than 5.0.37 is running on the host. MySQL 5.x prior to 5.0.36 could allow a local attacker to cause a denial of service (database crash) when processing a single-row subselect query sorted via the "ORDER BY" clause. By sending a specially crafted SQL query, an authenticated remote attacker with SELECT privileges could cause the affected database to crash.
* Note: This check relied solely on the banner of the remote MySQL server to assess this vulnerability, so this might be a false positive.
* References:
  - http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-37.html
  - http://bugs.mysql.com/bug.php?id=24630
  - http://www.sec-consult.com/284.html
  - http://www.securityfocus.com/archive/1/archive/1/462339/100/0/threaded
  - http://www.frsirt.com/english/advisories/2007/0908
  - http://secunia.com/advisories/24609
  - http://secunia.com/advisories/24483
* Platforms Affected: MySQL AB MySQL versions prior to 5.0.37; any operating system; any version
Recommendation | Upgrade to the latest version of MySQL (5.0.37 or later), available from the MySQL Download Web site at http://dev.mysql.com/downloads/
For Ubuntu Linux: Upgrade to a fixed package version of MySQL, as listed in Ubuntu Security Notice USN-440-1 at http://www.ubuntu.com/usn/usn-440-1
Related URL | CVE-2007-1420 (CVE)
Related URL | 22900 (SecurityFocus)
Related URL | 32911 (ISS)