ID de Prueba:	1.3.6.1.4.1.25623.1.0.801566
Categoría:	Denial of Service
Título:	MySQL Multiple Denial Of Service Vulnerabilities
Resumen:	MySQL is prone to multiple denial of service vulnerabilities.
Descripción:	Summary: MySQL is prone to multiple denial of service vulnerabilities. Vulnerability Insight: The flaws are due to: - An error in 'storage/innobase/dict/dict0crea.c' in 'mysqld' allows remote authenticated users to cause a denial of service by modifying the innodb_file_format or innodb_file_per_table configuration parameters for the InnoDB storage engine. - An error in handling of 'IN' or 'CASE' operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier. - An error in handling of certain arguments to the BINLOG command, which triggers an access of uninitialized memory. - An error in creating temporary tables while using InnoDB, which triggers an assertion failure. Vulnerability Impact: Successful exploitation could allow users to cause a Denial of Service. Affected Software/OS: MySQL version 5.1 before 5.1.49 on all running platforms. Solution: Upgrade to MySQL version 5.1.49. CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3676 BugTraq ID: 42643 http://www.securityfocus.com/bid/42643 http://www.mandriva.com/security/advisories?name=MDVSA-2011:012 http://www.openwall.com/lists/oss-security/2010/09/28/10 http://www.vupen.com/english/advisories/2011/0133 XForce ISS Database: mysql-dictocrea-dos(64689) https://exchange.xforce.ibmcloud.com/vulnerabilities/64689 Common Vulnerability Exposure (CVE) ID: CVE-2010-3679 BugTraq ID: 42638 http://www.securityfocus.com/bid/42638 http://www.mandriva.com/security/advisories?name=MDVSA-2010:155 http://www.redhat.com/support/errata/RHSA-2011-0164.html http://secunia.com/advisories/42936 http://www.ubuntu.com/usn/USN-1017-1 http://www.ubuntu.com/usn/USN-1397-1 http://www.vupen.com/english/advisories/2011/0170 XForce ISS Database: mysql-binlog-command-dos(64687) https://exchange.xforce.ibmcloud.com/vulnerabilities/64687 Common Vulnerability Exposure (CVE) ID: CVE-2010-3678 BugTraq ID: 42596 http://www.securityfocus.com/bid/42596 SuSE Security Announcement: SUSE-SR:2010:019 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html Common Vulnerability Exposure (CVE) ID: CVE-2010-3680 BugTraq ID: 42598 http://www.securityfocus.com/bid/42598 Debian Security Information: DSA-2143 (Google Search) http://www.debian.org/security/2011/dsa-2143 http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 http://www.redhat.com/support/errata/RHSA-2010-0825.html http://secunia.com/advisories/42875 TurboLinux Advisory: TLSA-2011-3 http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt http://www.vupen.com/english/advisories/2011/0105 http://www.vupen.com/english/advisories/2011/0345 XForce ISS Database: mysql-innodb-dos(64686) https://exchange.xforce.ibmcloud.com/vulnerabilities/64686
Copyright	Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.