Summary
The remote host is missing an update to the system as announced in the referenced advisory.
Solution
Update your system with the appropriate patches or software upgrades.
http://bugs.mysql.com/bug.php?id=4017
http://lists.mysql.com/internals/14726
http://rhn.redhat.com/errata/RHSA-2004-611.html
http://www.osvdb.org/displayvuln.php?osvdb_id=10658 http://www.vuxml.org/freebsd/835256b8-46ed-11d9-8ce0-00065be4b5b6.html
Insight
The following packages are affected:
mysql-server
mysql-client
CVE-2004-0836
Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malicious DNS server.
Severity
Classification
-
CVE CVE-2004-0836 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities