Databases : MySQL < 5.1.47 Multiple Vulnerabilities

Resumen de Precio/Funciones | Ordenar | Nuevas Vulnerabilidades | Confidencialidad | Búsqueda de Vulnerabilidad

Búsqueda de Vulnerabilidad		Buscar 61204 Descripciones CVE y 32582 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.100657

Categoría: Databases

Título: MySQL < 5.1.47 Multiple Vulnerabilities

Resumen: Determine if installed MySQL version is vulnerable

Descripción: Overview:
MySQL < 5.1.47 is prone to multiple vulnerabilities.

1. A remote denial-of-service vulnerability.
Attackers can exploit this issue to cause the application to end up in
a locked server state, denying service to legitimate users.

2. A security-bypass vulnerability.
An attacker can exploit this issue to bypass certain security
restrictions and to read and delete content from the affected
database. Other attacks may also be possible.

Versions prior to MySQL 5.1.47 are vulnerable.

Solution:
Updates are available. Please see the references for more information.

References:
http://www.securityfocus.com/bid/40100
http://www.securityfocus.com/bid/40109
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-47.html
http://bugs.mysql.com/bug.php?id=50974
http://www.mysql.com/

Referencia Cruzada: BugTraq ID: 40100
BugTraq ID: 40109
Common Vulnerability Exposure (CVE) ID: CVE-2010-1849
http://lists.mysql.com/commits/106060
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:107
SuSE Security Announcement: SUSE-SR:2010:019 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
SuSE Security Announcement: SUSE-SR:2010:021 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:7328
http://securitytracker.com/id?1024032
Common Vulnerability Exposure (CVE) ID: CVE-2010-1848
http://lists.mysql.com/commits/107532
http://www.redhat.com/support/errata/RHSA-2010-0442.html
http://www.redhat.com/support/errata/RHSA-2010-0824.html
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10258
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:7210
http://securitytracker.com/id?1024031

Copyright This script is Copyright (C) 2010 Greenbone Networks GmbH

Esta es sólo una de 32582 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

Registro de Nuevo Usuario
Email:

Usuario:

Contraseña:

Envíeme por email sus boletines mensuales, informándome los últimos servicios, mejoras y encuestas.

Por favor envíeme por email un anuncio de prueba de vulnerabilidades siempre que se agregue una nueva prueba.

Privacidad

Ingreso de Usuario Registrado

Usuario:

Contraseña:

¿Olvidó su usuario o contraseña??

Email/ID de Usario:

ID de Prueba:	1.3.6.1.4.1.25623.1.0.100657
Categoría:	Databases
Título:	MySQL < 5.1.47 Multiple Vulnerabilities
Resumen:	Determine if installed MySQL version is vulnerable
Descripción:	Overview: MySQL < 5.1.47 is prone to multiple vulnerabilities. 1. A remote denial-of-service vulnerability. Attackers can exploit this issue to cause the application to end up in a locked server state, denying service to legitimate users. 2. A security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and to read and delete content from the affected database. Other attacks may also be possible. Versions prior to MySQL 5.1.47 are vulnerable. Solution: Updates are available. Please see the references for more information. References: http://www.securityfocus.com/bid/40100 http://www.securityfocus.com/bid/40109 http://dev.mysql.com/doc/refman/5.1/en/news-5-1-47.html http://bugs.mysql.com/bug.php?id=50974 http://www.mysql.com/
Referencia Cruzada:	BugTraq ID: 40100 BugTraq ID: 40109 Common Vulnerability Exposure (CVE) ID: CVE-2010-1849 http://lists.mysql.com/commits/106060 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:107 SuSE Security Announcement: SUSE-SR:2010:019 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html SuSE Security Announcement: SUSE-SR:2010:021 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:7328 http://securitytracker.com/id?1024032 Common Vulnerability Exposure (CVE) ID: CVE-2010-1848 http://lists.mysql.com/commits/107532 http://www.redhat.com/support/errata/RHSA-2010-0442.html http://www.redhat.com/support/errata/RHSA-2010-0824.html http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10258 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:7210 http://securitytracker.com/id?1024031
Copyright	This script is Copyright (C) 2010 Greenbone Networks GmbH