Summary
The host is running MySQL and is prone to multiple vulnerabilities.
Impact
Successful exploitation could allow users to cause a denial of service and to execute arbitrary code.
Impact Level: Application
Solution
Upgrade to MySQL version 5.0.91 or 5.1.47,
For updates refer to http://dev.mysql.com/downloads
Insight
The flaws are due to:
- An error in 'my_net_skip_rest()' function in 'sql/net_serv.cc' when handling a large number of packets that exceed the maximum length, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption).
- buffer overflow when handling 'COM_FIELD_LIST' command with a long table name, allows remote authenticated users to execute arbitrary code.
- directory traversal vulnerability when handling a '..' (dot dot) in a table name, which allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables.
Affected
MySQL 5.0.x before 5.0.91 and 5.1.x before 5.1.47 on all running platform.
References
- http://dev.mysql.com/doc/refman/5.0/en/news-5-0-91.html
- http://dev.mysql.com/doc/refman/5.1/en/news-5-1-47.html
- http://securitytracker.com/alerts/2010/May/1024031.html
- http://securitytracker.com/alerts/2010/May/1024032.html
- http://securitytracker.com/alerts/2010/May/1024033.html
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2010-1848, CVE-2010-1849, CVE-2010-1850 -
CVSS Base Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P
Related Vulnerabilities
- IBM DB2 Client Interfaces component Unspecified Vulnerabilities (Win)
- IBM DB2 db2pd Denial Of Service Vulnerability (Win)
- Oracle MySQL Multiple Unspecified vulnerabilities-02 July14 (Windows)
- PostgreSQL 'bitsubstr' Buffer Overflow Vulnerability
- Oracle Database Server Multiple Unspecified Vulnerabilities-02 Jan2014