| VID |
25128 |
| Severity |
40 |
| Port |
3306 |
| Protocol |
TCP |
| Class |
DB |
| Detailed Description |
The version of MySQL 5.1 installed on the remote host is earlier than 5.1.68 and is, therefore, affected by vulnerabilities related to 'yaSSL'. These errors could result in buffer overflows and possibly arbitrary code execution.
* Note: This check solely relied on the banner of the remote MySQL server to assess this vulnerability, so this might be a false positive.
* References:
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-68.html
http://dev.mysql.com/doc/relnotes/mysql/5.1/en/news-5-1-68.html
https://blogs.oracle.com/sunsecurity/entry/cve_2012_0553_buffer_overflow
http://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html
* Platforms Affected:
MySQL versions 5.1 prior to 5.1.68
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of MySQL (5.1.68 or later), available from the MySQL Web site at http://www.mysql.com/ |
| Related URL |
CVE-2012-0553,CVE-2013-1492 (CVE) |
| Related URL |
58594,58595 (SecurityFocus) |
| Related URL |
(ISS) |
|
