Summary
MySQL < 5.1.47 is prone to multiple vulnerabilities.
1. A remote denial-of-service vulnerability.
Attackers can exploit this issue to leave the server in a locked state, denying service to legitimate users.
2. A security-bypass vulnerability.
An attacker can exploit this issue to bypass certain security restrictions and to read and delete content from the affected database. Other attacks may also be possible.
Versions prior to MySQL 5.1.47 are vulnerable.
Solution
Updates are available. Please see the references for more information.
References
Severity
Classification
- CVE: CVE-2010-1848, CVE-2010-1849
- CVSS Base Score: 6.5
- CVSS Base Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Related Vulnerabilities
- Oracle Database Server Authentication Protocol Security Bypass Vulnerability
- MySQL < 5.1.47 Multiple Vulnerabilities
- MySQL Unspecified vulnerability-06 July-2013 (Windows)
- Oracle MySQL Multiple Unspecified vulnerabilities - 01 May14 (Windows)
- Oracle MySQL Multiple Unspecified vulnerabilities-02 Feb15 (Windows)