MySQL Handler Multiple Denial Of Service Vulnerabilities Network Vulnerability

Summary

The host is running MySQL and is prone to multiple denial of service vulnerabilities.

Impact

Successful exploitation could allow users to cause a Denial of Service Impact Level: Application

Solution

Upgrade to MySQL version 5.1.49 or 5.5.5 For updates refer to http://dev.mysql.com/downloads

Insight

The flaws are due to: - An error in handling of HANDLER interface and performing alternate reads from two indexes on a table, which triggers an assertion failure. - An error in handling of 'OK' packet when a 'LOAD DATA INFILE' request generates SQL errors.

Affected

MySQL version 5.1 before 5.1.49 and 5.5 before 5.5.5 on all running platform.

References

http://bugs.mysql.com/bug.php?id=54477
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html
http://www.openwall.com/lists/oss-security/2010/09/28/10
https://bugzilla.redhat.com/show_bug.cgi?id=628172

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-3681, CVE-2010-3683
CVSS Base Score: 4.0
AV:N/AC:L/Au:S/C:N/I:N/A:P

Related Vulnerabilities

ClamAV LZH File Unpacking Denial of Service Vulnerability (Win)
Connect back to SOCKS4 server
Beckhoff TwinCAT 'TCATSysSrv.exe' Network Packet Denial of Service Vulnerability
Apple Safari Denial of Service Vulnerability (Win) - Apr09
Firefly MediaServer HTTP Header Multiple DoS Vulnerabilities

Take action and discover your vulnerabilities