MySQL Single Row Subselect Remote DoS Network Vulnerability

Summary

The remote database server is prone to a denial of service attack. Description : According to its banner, the version of MySQL on the remote host is older than 5.0.37. Such versions are vulnerable to a remote denial of service when processing certain single row subselect queries. A malicious user can crash the service via a specially-crafted SQL query.

Solution

Upgrade to MySQL version 5.0.37 or newer.

References

http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-37.html
http://www.sec-consult.com/284.html
http://www.securityfocus.com/archive/1/archive/1/462339/100/0/threaded

Updated on 2015-03-25

Severity

Classification

CVE CVE-2007-1420
CVSS Base Score: 2.1
AV:L/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

PostgreSQL Low Cost Function Information Disclosure Vulnerability
MySQL Single Row Subselect Remote DoS
IBM DB2 STMM Denial Of Service Vulnerability (Linux)
MySQL 'ALTER DATABASE' Remote Denial Of Service Vulnerability
IBM DB2 XML Feature Information Disclosure Vulnerability

Take action and discover your vulnerabilities