MySQL Handler Multiple Denial Of Service Vulnerabilities Network Vulnerability

Summary

The host is running MySQL and is prone to multiple denial of service vulnerabilities.

Impact

Successful exploitation could allow users to cause a Denial of Service Impact Level: Application

Solution

Upgrade to MySQL version 5.1.49 or 5.5.5 For updates refer to http://dev.mysql.com/downloads

Insight

The flaws are due to: - An error in handling of HANDLER interface and performing alternate reads from two indexes on a table, which triggers an assertion failure. - An error in handling of 'OK' packet when a 'LOAD DATA INFILE' request generates SQL errors.

Affected

MySQL version 5.1 before 5.1.49 and 5.5 before 5.5.5 on all running platform.

References

http://bugs.mysql.com/bug.php?id=54477
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html
http://www.openwall.com/lists/oss-security/2010/09/28/10
https://bugzilla.redhat.com/show_bug.cgi?id=628172

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-3681, CVE-2010-3683

CVSS	Base Score: 4.0 AV:N/AC:L/Au:S/C:N/I:N/A:P

Related Vulnerabilities

Crash SMC AP
CUPS 'scheduler/select.c' Denial Of Service Vulnerability
Firefox XUL Parsing Denial of Service Vulnerability (Linux)
Apple Safari JavaScript 'Reload()' DoS Vulnerability - July09
COWON Media Center JetAudio .wav File Denial Of Service Vulnerability

Take action and discover your vulnerabilities