| VID |
25060 |
| Severity |
20 |
| Port |
3306 |
| Protocol |
TCP |
| Class |
DB |
| Detailed Description |
A version of MySQL which is older than 5.0.40 / 5.1.18-beta is running on the host. MySQL versions 5.0.x prior to 5.0.40 and 5.1.x prior to 5.1.18-beta could allow a local attacker to cause a denial of service (database crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference. By sending a specially-crafted IF query, an authenticated remote attacker with SELECT command privileges could cause the affected database server to crash.
* Note: This check solely relied on the banner of the remote MySQL server to assess this vulnerability, so this might be a false positive.
* References:
http://bugs.mysql.com/bug.php?id=27513
http://www.frsirt.com/english/advisories/2007/1731
http://secunia.com/advisories/25188
* Platforms Affected:
MySQL AB, MySQL versions 5.0.x prior to 5.0.40
MySQL AB, MySQL versions 5.1.x prior to 5.1.18-beta
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of MySQL (5.0.40 or 5.1.18-beta or later), available from the MySQL Web site at http://www.mysql.com/ |
| Related URL |
CVE-2007-2583 (CVE) |
| Related URL |
23911 (SecurityFocus) |
| Related URL |
34232 (ISS) |
|
