Test ID:	1.3.6.1.4.1.25623.1.0.100646
Category:	Buffer overflow
Title:	Oracle MySQL 'COM_FIELD_LIST' Command Buffer Overflow Vulnerability
Summary:	Determine if installed MySQL version is vulnerable
Description:	Overview: MySQL is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An authenticated attacker can leverage this issue to execute arbitrary code within the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Versions prior to MySQL 5.1.47 are vulnerable. References: http://www.securityfocus.com/bid/40106 http://dev.mysql.com/doc/refman/5.1/en/news-5-1-47.html http://bugs.mysql.com/bug.php?id=53237 http://www.mysql.com/
Cross-Ref:	BugTraq ID: 40106 Common Vulnerability Exposure (CVE) ID: CVE-2010-1850 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:107 http://www.redhat.com/support/errata/RHSA-2010-0442.html SuSE Security Announcement: SUSE-SR:2010:019 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10846 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6693 http://securitytracker.com/id?1024033
Copyright	This script is Copyright (C) 2010 Greenbone Networks GmbH

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: