| VID |
25320 |
| Severity |
30 |
| Port |
3306 |
| Protocol |
TCP |
| Class |
DB |
| Detailed Description |
The version of MariaDB installed on the remote host is 10.1.x prior to 10.1.42. It is, therefore, affected by a denial of service vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer and PS). An authenticated, remote attacker can exploit this issue, to cause a hang or frequently repeatable crash of MySQL Server.
* References:
https://mariadb.com/kb/en/mariadb-10142-release-notes
* Platforms Affected:
MariaDB versions 10.1.x prior to 10.1.42
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of MariaDB (10.1.42 or later), available from the MariaDB Web site at https://downloads.mariadb.org/ |
| Related URL |
CVE-2019-2974 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
