| VID |
25062 |
| Severity |
30 |
| Port |
3306 |
| Protocol |
TCP |
| Class |
DB |
| Detailed Description |
A version of MySQL which is older than 5.0.45 is running on the host. MySQL versions 5.0.x prior to 5.0.45 are vulnerable to a access-validation vulnerability and a denial-of-service vulnerability. An attacker could exploit these vulnerabilities to create arbitrary MySQL tables or to crash the affected application, denying service to legitimate users.
* Note: This check solely relied on the banner of the remote MySQL server to assess this vulnerability, so this might be a false positive.
* References:
http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-45.html
http://lists.mysql.com/announce/470
http://lists.rpath.com/pipermail/security-announce/2007-July/000213.html
http://secunia.com/advisories/26073
* Platforms Affected:
MySQL AB, MySQL versions 5.0.x prior to 5.0.45
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of MySQL (5.0.45 or later), available from the MySQL Web site at http://www.mysql.com/ |
| Related URL |
CVE-2007-3780,CVE-2007-3781,CVE-2007-3782 (CVE) |
| Related URL |
25017 (SecurityFocus) |
| Related URL |
35958,35959,35960 (ISS) |
|
