The host is running MySQL and is prone to multiple denial of service vulnerabilities.
Successful exploitation could allow an attacker to cause a denial of service and to execute arbitrary code. Impact Level: Application
Upgrade to MySQL version 5.0.92, or 5.1.51 or 5.5.6 For updates refer to http://dev.mysql.com/downloads
The flaws are due to: - An error in propagating the type errors, which allows remote attackers to cause a denial of service via crafted arguments to extreme-value functions such as 'LEAST' or 'GREATEST'. - An unspecified error in vectors related to materializing a derived table that required a temporary table for grouping and user variable assignments. - An error in handling prepared statements that uses GROUP_CONCAT with the WITH ROLLUP modifier. - An error in handling a query that uses the GREATEST or LEAST function with a mixed list of numeric and LONGBLOB arguments.
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6
CVE CVE-2010-3833, CVE-2010-3834, CVE-2010-3836, CVE-2010-3837, CVE-2010-3838
CVSS Base Score: 5.0
- MySQL UNINSTALL PLUGIN Security Bypass Vulnerability
- Oracle Database Server Multiple Information Disclosure Vulnerabilities
- Oracle MySQL Multiple Unspecified vulnerabilities-01 July14 (Windows)
- Oracle MySQL Multiple Unspecified vulnerabilities - 05 Jan14 (Windows)
- Oracle MySQL Multiple Unspecified vulnerabilities-01 Oct14 (Windows)