Summary
The remote host is running a version of the MySQL database which is older than 4.0.21 or 3.23.59.
MySQL is a database which runs on both Linux/BSD and Windows platform.
The remote version of this software is vulnerable to specially crafted ALTER TABLE SQL query which can be exploited to bypass some applied security restrictions or cause a denial of service.
To exploit this flaw, an attacker would need the ability to execute arbitrary SQL statements on the remote host.
Solution
Upgrade to the latest version of MySQL 3.23.59 or 4.0.21 or newer
Severity
Classification
-
CVE CVE-2004-0835, CVE-2004-0837 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Aast! Antivirus 'aavmker4.sys' Denial Of Service Vulnerability (Win)
- freeSSHd SFTP 'rename' and 'realpath' Remote DoS Vulnerability
- Apache 'mod_proxy_http.c' Denial Of Service Vulnerability
- Adersoft VbsEdit '.vbs' File Denial Of Service Vulnerability
- Apple Safari Multiple Vulnerabilities June-09 (Win) - II