Databases : MySQL 'ALTER DATABASE' Remote DoS Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.801380

Categoría: Databases

Título: MySQL 'ALTER DATABASE' Remote DoS Vulnerability

Resumen: MySQL is prone to a denial of service (DoS) vulnerability.

Descripción: Summary:
MySQL is prone to a denial of service (DoS) vulnerability.

Vulnerability Insight:
The flaw is due to an error when processing the 'ALTER DATABASE' statement and
can be exploited to corrupt the MySQL data directory using the '#mysql50#'
prefix followed by a '.' or '..'.

NOTE: Successful exploitation requires 'ALTER' privileges on a database.

Vulnerability Impact:
Successful exploitation could allow an attacker to cause a Denial of Service.

Affected Software/OS:
MySQL version prior to 5.1.48.

Solution:
Update to version 5.1.48 or later.

CVSS Score:
3.5

CVSS Vector:
AV:N/AC:M/Au:S/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-2008
BugTraq ID: 41198
http://www.securityfocus.com/bid/41198
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044546.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:155
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11869
http://www.securitytracker.com/id?1024160
http://secunia.com/advisories/40333
http://secunia.com/advisories/40762
http://www.ubuntu.com/usn/USN-1017-1
http://www.ubuntu.com/usn/USN-1397-1
http://www.vupen.com/english/advisories/2010/1918

Copyright Copyright (C) 2010 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.801380
Categoría:	Databases
Título:	MySQL 'ALTER DATABASE' Remote DoS Vulnerability
Resumen:	MySQL is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: MySQL is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: The flaw is due to an error when processing the 'ALTER DATABASE' statement and can be exploited to corrupt the MySQL data directory using the '#mysql50#' prefix followed by a '.' or '..'. NOTE: Successful exploitation requires 'ALTER' privileges on a database. Vulnerability Impact: Successful exploitation could allow an attacker to cause a Denial of Service. Affected Software/OS: MySQL version prior to 5.1.48. Solution: Update to version 5.1.48 or later. CVSS Score: 3.5 CVSS Vector: AV:N/AC:M/Au:S/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2008 BugTraq ID: 41198 http://www.securityfocus.com/bid/41198 http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044546.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:155 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11869 http://www.securitytracker.com/id?1024160 http://secunia.com/advisories/40333 http://secunia.com/advisories/40762 http://www.ubuntu.com/usn/USN-1017-1 http://www.ubuntu.com/usn/USN-1397-1 http://www.vupen.com/english/advisories/2010/1918
Copyright	Copyright (C) 2010 Greenbone AG