VID 25090
Severity 30
Port 3306
Protocol TCP
Class DB
Detailed Description A version of MySQL older than 5.1.47 is running on the host. MySQL versions 5.x prior to 5.1.47 are affected by multiple vulnerabilities.

- The server may continue reading packets indefinitely if it receives a packet larger than the maximum size of one packet, which could allow an unauthenticated remote attacker to consume a high level of CPU and bandwidth. (Bug #50974)

- Using an overly long table name argument to the 'COM_FIELD_LIST' command, an authenticated user can overflow a buffer and execute arbitrary code on the affected host. (Bug #53237)

- Using a specially crafted table name argument to 'COM_FIELD_LIST', an authenticated user can bypass almost all forms of checks for privileges and table-level grants. (Bug #53371)


* Note: This check relies solely on the banner of the remote MySQL server to assess this vulnerability, so the finding might be a false positive.
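
The banner-only logic described in the note above, as an added example that is not the scanner's own code: it reads the version string from a MySQL protocol-10 server greeting and compares it with 5.1.47. The function names and sample greetings are constructed for illustration. Any suffix after the version number is returned separately, because a vendor build may carry backported fixes that the number does not reflect.

```python
import re
import struct

FIXED = (5, 1, 47)  # first fixed release per the advisory

def banner_version(packet: bytes):
    """Return the version string from a protocol-10 greeting, else None."""
    if len(packet) < 5:
        return None
    length = int.from_bytes(packet[:3], "little")  # 3-byte LE payload length
    payload = packet[4:4 + length]                 # byte 3 is the sequence id
    if length == 0 or len(payload) != length or payload[0] != 0x0A:
        return None  # truncated, ERR packet (0xFF), or another protocol version
    end = payload.find(b"\x00", 1)                 # version is NUL-terminated
    if end == -1:
        return None
    return payload[1:end].decode("ascii", "replace")

def assess(version):
    """Return (flagged, suffix); flagged is None when the banner is unparsable."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)(.*)$", version or "")
    if not m:
        return (None, "")
    triple = tuple(int(g) for g in m.groups()[:3])
    flagged = triple[0] == 5 and triple < FIXED    # "5.x prior to 5.1.47"
    return (flagged, m.group(4))

def make_greeting(version: str) -> bytes:
    """Constructed sample greeting: header + protocol byte + version + filler."""
    payload = (b"\x0a" + version.encode() + b"\x00"
               + struct.pack("<I", 1) + b"\x00" * 9)
    return len(payload).to_bytes(3, "little") + b"\x00" + payload

if __name__ == "__main__":
    # Constructed banners, not output from a real host.
    for banner in ("5.1.46", "5.1.41-3ubuntu12.10", "5.1.47", "5.5.8-log"):
        v = banner_version(make_greeting(banner))
        flagged, suffix = assess(v)
        note = " (suffix present: confirm patch level on the host)" \
            if flagged and suffix else ""
        print(f"{v}: flagged={flagged}{note}")
```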

* References:
http://bugs.mysql.com/bug.php?id=50974
http://bugs.mysql.com/bug.php?id=53237
http://bugs.mysql.com/bug.php?id=53371
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-47.html

* Platforms Affected:
MySQL versions 5.x prior to 5.1.47
Any operating system Any version
Recommendation Upgrade to the latest version of MySQL (5.1.47 or later), available from the MySQL Web site at http://www.mysql.com/
Related URL CVE-2010-1848,CVE-2010-1849,CVE-2010-1850 (CVE)
Related URL 40100,40106,40109 (SecurityFocus)
Related URL (ISS)