Summary
The remote host is running a version of the MySQL database which is older than 4.0.21 or 3.23.59.
MySQL is a database which runs on both Linux/BSD and Windows platform.
The remote version of this software is vulnerable to specially crafted ALTER TABLE SQL query which can be exploited to bypass some applied security restrictions or cause a denial of service.
To exploit this flaw, an attacker would need the ability to execute arbitrary SQL statements on the remote host.
Solution
Upgrade to the latest version of MySQL 3.23.59 or 4.0.21 or newer
Severity
Classification
-
CVE CVE-2004-0835, CVE-2004-0837 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- 7T Interactive Graphical SCADA System 'dc.exe' Command Injection Vulnerability
- CA Multiple Products 'arclib' Component DoS Vulnerability (Win)
- Foxit Reader Multiple Denial of Service Vulnerabilities - Jun09
- Apple QuickTime Malformed .mov File Buffer Overflow Vulnerability
- CUPS IPP Use-After-Free Denial of Service Vulnerability