Summary
The host is running MySQL and is prone to multiple vulnerabilities.
Impact
Successful exploitation could allow users to cause a denial of service and to execute arbitrary code.
Impact Level: Application
Solution
Upgrade to MySQL version 5.0.91 or 5.1.47,
For updates refer to http://dev.mysql.com/downloads
Insight
The flaws are due to:
- An error in 'my_net_skip_rest()' function in 'sql/net_serv.cc' when handling a large number of packets that exceed the maximum length, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption).
- buffer overflow when handling 'COM_FIELD_LIST' command with a long table name, allows remote authenticated users to execute arbitrary code.
- directory traversal vulnerability when handling a '..' (dot dot) in a table name, which allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables.
Affected
MySQL 5.0.x before 5.0.91 and 5.1.x before 5.1.47 on all running platform.
References
- http://dev.mysql.com/doc/refman/5.0/en/news-5-0-91.html
- http://dev.mysql.com/doc/refman/5.1/en/news-5-1-47.html
- http://securitytracker.com/alerts/2010/May/1024031.html
- http://securitytracker.com/alerts/2010/May/1024032.html
- http://securitytracker.com/alerts/2010/May/1024033.html
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2010-1848, CVE-2010-1849, CVE-2010-1850 -
CVSS Base Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P
Related Vulnerabilities
- Oracle MySQL Multiple Unspecified vulnerabilities-02 July14 (Windows)
- Oracle MySQL Multiple Unspecified vulnerabilities - 02 Jan14 (Windows)
- Oracle MySQL Multiple Unspecified vulnerabilities-03 Feb15 (Windows)
- MongoDB mongod Malformed X.509 Certificate Handling Remote DoS Vulnerability
- PostgreSQL 'make check' Local Privilege Escalation Vulnerability July14 (Windows)