Test ID:	1.3.6.1.4.1.25623.1.0.900221
Category:	Denial of Service
Title:	MySQL Empty Bit-String Literal Denial of Service Vulnerability
Summary:	MySQL is prone to a denial of service (DoS) vulnerability.
Description:	Summary: MySQL is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: Issue is due to error while processing an empty bit string literal via a specially crafted SQL statement. Vulnerability Impact: Successful exploitation by remote attackers could cause denying access to legitimate users. Affected Software/OS: MySQL versions prior to 5.0.x - 5.0.66, 5.1.x - 5.1.26, and 6.0.x - 6.0.5 on all running platform. Solution: Update to version 5.0.66 or 5.1.26 or 6.0.6 or later. CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-3963 Debian Security Information: DSA-1783 (Google Search) http://www.debian.org/security/2009/dsa-1783 http://www.mandriva.com/security/advisories?name=MDVSA-2009:094 http://www.openwall.com/lists/oss-security/2008/09/09/4 http://www.openwall.com/lists/oss-security/2008/09/09/7 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10521 http://www.redhat.com/support/errata/RHSA-2009-1067.html http://www.redhat.com/support/errata/RHSA-2009-1289.html http://www.securitytracker.com/id?1020858 http://secunia.com/advisories/31769 http://secunia.com/advisories/32759 http://secunia.com/advisories/32769 http://secunia.com/advisories/34907 http://secunia.com/advisories/36566 SuSE Security Announcement: SUSE-SR:2008:025 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html http://www.ubuntu.com/usn/USN-1397-1 http://www.ubuntu.com/usn/USN-671-1 http://www.vupen.com/english/advisories/2008/2554 XForce ISS Database: mysql-bitstring-dos(45042) https://exchange.xforce.ibmcloud.com/vulnerabilities/45042
Copyright	Copyright (C) 2008 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.