MySQL Single Row Subselect Remote DoS Network Vulnerability

Summary

The remote database server is prone to a denial of service attack. Description : According to its banner, the version of MySQL on the remote host is older than 5.0.37. Such versions are vulnerable to a remote denial of service when processing certain single row subselect queries. A malicious user can crash the service via a specially-crafted SQL query.

Solution

Upgrade to MySQL version 5.0.37 or newer.

References

http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-37.html
http://www.sec-consult.com/284.html
http://www.securityfocus.com/archive/1/archive/1/462339/100/0/threaded

Updated on 2015-03-25

Severity

Classification

CVE CVE-2007-1420

CVSS	Base Score: 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

MySQL Single Row Subselect Remote DoS
Oracle MySQL Server Multiple Vulnerability-05 Nov12 (Windows)
Oracle MySQL Multiple Unspecified vulnerabilities - 06 Jan14 (Windows)
Apache Derby Information Disclosure Vulnerability
PostgreSQL Low Cost Function Information Disclosure Vulnerability

Take action and discover your vulnerabilities