Summary
The host is running MySQL and is prone to multiple denial of service vulnerabilities.
Impact
Successful exploitation could allow users to cause a Denial of Service condution.
Impact Level: Application
Solution
Upgrade to MySQL version 5.1.49 or 5.0.92
For updates refer to http://dev.mysql.com/downloads
Insight
The flaws are due to:
- An error in handling of a join query that uses a table with a unique SET column.
- An error in handling of 'EXPLAIN' with crafted
'SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)' statements.
Affected
MySQL version 5.1 before 5.1.49 and 5.0 before 5.0.92 on all running platform.
References
Severity
Classification
-
CVE CVE-2010-3677, CVE-2010-3682 -
CVSS Base Score: 4.0
AV:N/AC:L/Au:S/C:N/I:N/A:P
Related Vulnerabilities