This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

CPE Name: cpe:/a:mysql:mysql:4.0.20

Detail
Vendor: Mysql | First view: 2004-09-28
Product: Mysql | Last view: 2015-04-16
Version: 4.0.20 | Type: Application
Edition:
Language:
Update:

CPE Product: cpe:/a:mysql:mysql

Related : CVE

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
CVSS | Date | Alert | Access Vector | Access Complexity | Authentication
4.9 | 2015-04-16 | CVE-2015-2575 | Network | Medium | Requires ...
5.5 | 2013-01-16 | CVE-2013-0375 | Network | Low | Requires ...
6.8 | 2012-10-16 | CVE-2012-3177 | Network | Low | Requires ...
4 | 2012-10-16 | CVE-2012-3166 | Network | Low | Requires ...
2.1 | 2012-10-16 | CVE-2012-3160 | Local | Low | None Requ...
4 | 2012-05-03 | CVE-2012-1697 | Network | Low | Requires ...
4 | 2012-05-03 | CVE-2012-1696 | Network | Low | Requires ...
4 | 2011-01-11 | CVE-2010-3682 | Network | Low | Requires ...
4 | 2011-01-11 | CVE-2010-3677 | Network | Low | Requires ...
3.5 | 2010-07-13 | CVE-2010-2008 | Network | Medium | Requires ...
3.6 | 2010-05-21 | CVE-2010-1626 | Local | Low | None Requ...
5 | 2010-05-14 | CVE-2010-1621 | Network | Low | None Requ...
6.8 | 2009-11-30 | CVE-2009-4028 | Network | Medium | None Requ...
8.5 | 2009-07-13 | CVE-2009-2446 | Network | Medium | Requires ...
4 | 2009-03-04 | CVE-2009-0819 | Network | Low | Requires ...
4.6 | 2008-09-18 | CVE-2008-4098 | Network | High | Requires ...
4.6 | 2008-05-05 | CVE-2008-2079 | Network | High | Requires ...
4 | 2007-11-09 | CVE-2007-5925 | Network | Low | Requires ...
4.9 | 2007-05-15 | CVE-2007-2691 | Network | Medium | Requires ...
4 | 2007-05-09 | CVE-2007-2583 | Network | Low | Requires ...
2.1 | 2007-03-12 | CVE-2007-1420 | Local | Low | None Requ...
3.5 | 2006-12-31 | CVE-2006-7232 | Network | Medium | Requires ...
3.6 | 2006-08-18 | CVE-2006-4226 | Network | High | Requires ...
2.1 | 2006-08-09 | CVE-2006-4031 | Local | Low | None Requ...

CWE : Common Weakness Enumeration

% | id | Name
20% (3) | CWE-264 | Permissions, Privileges, and Access Controls
20% (3) | CWE-20 | Improper Input Validation
13% (2) | CWE-89 | Improper Sanitization of Special Elements used in an SQL Command ('...
13% (2) | CWE-59 | Improper Link Resolution Before File Access ('Link Following')
6% (1) | CWE-399 | Resource Management Errors
6% (1) | CWE-189 | Numeric Errors
6% (1) | CWE-134 | Uncontrolled Format String
6% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer
6% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection')

CAPEC : Common Attack Pattern Enumeration & Classification

id | Name
CAPEC-15 | Command Delimiters

Oval Markup Language : Definitions

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
OvalID | Name
oval:org.mitre.oval:def:7905 | DSA-1877 mysql-dfsg-5.0 -- denial of service/execution of arbitrary code
oval:org.mitre.oval:def:12751 | DSA-1877-1 mysql-dfsg-5.0 -- denial of service/execution of arbitrary code
oval:org.mitre.oval:def:11857 | Multiple format string vulnerabilities in the dispatch_command function in li...
oval:org.mitre.oval:def:22888 | ELSA-2009:1289: mysql security and bug fix update (Moderate)
oval:org.mitre.oval:def:28888 | RHSA-2009:1289 -- mysql security and bug fix update (Moderate)
oval:org.mitre.oval:def:9930 | The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5...
oval:org.mitre.oval:def:11720 | sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows rem...
oval:org.mitre.oval:def:9591 | MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names...
oval:org.mitre.oval:def:11036 | sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to...
oval:org.mitre.oval:def:10468 | MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a...
oval:org.mitre.oval:def:9530 | MySQL 5.x before 5.0.36 allows local users to cause a denial of service (data...
oval:org.mitre.oval:def:10479 | MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated...
oval:org.mitre.oval:def:7544 | MySQL 6.0 and 5.1 XPath Expression DOS Vulnerability
oval:org.mitre.oval:def:20366 | DSA-1413-1 mysql - multiple
oval:org.mitre.oval:def:11390 | The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB en...
oval:org.mitre.oval:def:21851 | ELSA-2007:1155: mysql security update (Important)
oval:org.mitre.oval:def:10693 | The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp metho...
oval:org.mitre.oval:def:9915 | MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via ...
oval:org.mitre.oval:def:8510 | MySQL 5.0 and 5.1 Clients with OpenSSL Vulnerability Allows Bypassing Server ...
oval:org.mitre.oval:def:10940 | The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5...
oval:org.mitre.oval:def:9490 | MySQL before 5.1.46 allows local users to delete the data and index files of ...
oval:org.mitre.oval:def:10591 | MySQL before 5.0.67 allows local users to bypass certain privilege checks by ...
oval:org.mitre.oval:def:11869 | Oracle MySQL 'ALTER DATABASE' Remote Denial Of Service Vulnerability
oval:org.mitre.oval:def:17175 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Se...
oval:org.mitre.oval:def:10729 | MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on ca...

Open Source Vulnerability Database (OSVDB)

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
id | Description
67383 | MySQL EXPLAIN Statement Item_singlerow_subselect::store Function NULL Derefer...
67378 | MySQL Unique SET Column Join DoS
65851 | MySQL ALTER DATABASE #mysql50# Prefix Handling DoS
64843 | MySQL DROP TABLE Command Symlink MyISAM Table Local Data Deletion
63903 | MySQL sql/sql_plugin.cc mysql_uninstall_plugin Function UNINSTALL PLUGIN Comm...
60487 | MySQL vio_verify_callback() Function Crafted Certificate MiTM Weakness
55734 | MySQL sql_parse.cc dispatch_command() Function Format String DoS
52453 | MySQL sql/item_xmlfunc.cc ExtractValue() / UpdateXML() Functions Scalar XPath...
51171 | MySQL InnoDB convert_search_mode_to_innobase Function DoS
44937 | MySQL MyISAM Table CREATE TABLE Privilege Check Bypass
43180 | MySQL sql_select.cc INFORMATION_SCHEMA Table Crafted Query Remote DoS
34766 | MySQL RENAME TABLE Statement Arbitrary Table Name Modification
34734 | MySQL Crafted IF Clause Divide-by-zero NULL Dereference DoS
33974 | MySQL information_schema Table Subselect Single-Row DoS
28012 | MySQL Case Sensitivity Unauthorized Database Creation
27703 | MySQL MERGE Table Privilege Persistence
25228 | MySQL Crafted COM_TABLE_DUMP Request Arbitrary Memory Disclosure
25226 | MySQL Malformed Login Packet Remote Memory Disclosure
23526 | MySQL Query NULL Character Logging Bypass
18897 | MySQL on Windows UDF Create Function Traversal Privilege Escalation
18896 | MySQL User-Defined Function init_syms() Function Overflow
14678 | MySQL CREATE FUNCTION Arbitrary libc Code Execution
14677 | MySQL CREATE FUNCTION mysql.func Table Arbitrary Library Injection
14676 | MySQL CREATE TEMPORARY TABLE Symlink Privilege Escalation
13013 | MySQL mysqlaccess.sh Symlink Arbitrary File Manipulation

OpenVAS Exploits

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
Date | Name | File
2013-09-18 | Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities) | nvt/deb_2581_1.nasl
2012-11-26 | Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Windows) | nvt/gb_oracle_mysql_multiple_vuln02_nov12_win.nasl
2012-11-26 | Oracle MySQL Server Multiple Vulnerabilities-03 Nov12 (Windows) | nvt/gb_oracle_mysql_multiple_vuln03_nov12_win.nasl
2012-11-15 | RedHat Update for mysql RHSA-2012:1462-01 | nvt/gb_RHSA-2012_1462-01_mysql.nasl
2012-11-15 | CentOS Update for mysql CESA-2012:1462 centos6 | nvt/gb_CESA-2012_1462_mysql_centos6.nasl
2012-11-06 | Ubuntu Update for mysql-5.5 USN-1621-1 | nvt/gb_ubuntu_USN_1621_1.nasl
2012-06-05 | RedHat Update for mysql RHSA-2011:0164-01 | nvt/gb_RHSA-2011_0164-01_mysql.nasl
2012-03-16 | Ubuntu Update for mysql-5.1 USN-1397-1 | nvt/gb_ubuntu_USN_1397_1.nasl
2012-02-12 | Gentoo Security Advisory GLSA 201201-02 (MySQL) | nvt/glsa_201201_02.nasl
2011-08-19 | Mac OS X v10.6.8 Multiple Vulnerabilities (2011-004) | nvt/secpod_macosx_su11-004.nasl
2011-08-09 | CentOS Update for mysql CESA-2010:0109 centos5 i386 | nvt/gb_CESA-2010_0109_mysql_centos5_i386.nasl
2011-08-09 | CentOS Update for mysql CESA-2010:0442 centos5 i386 | nvt/gb_CESA-2010_0442_mysql_centos5_i386.nasl
2011-08-09 | CentOS Update for mysql CESA-2009:1289 centos5 i386 | nvt/gb_CESA-2009_1289_mysql_centos5_i386.nasl
2011-01-21 | Mandriva Update for mysql MDVSA-2011:012 (mysql) | nvt/gb_mandriva_MDVSA_2011_012.nasl
2011-01-18 | MySQL Mysqld Multiple Denial Of Service Vulnerabilities | nvt/gb_mysql_mysqld_mult_dos_vuln.nasl
2010-12-02 | Fedora Update for mysql FEDORA-2010-15147 | nvt/gb_fedora_2010_15147_mysql_fc14.nasl
2010-11-16 | Ubuntu Update for MySQL vulnerabilities USN-1017-1 | nvt/gb_ubuntu_USN_1017_1.nasl
2010-11-16 | RedHat Update for mysql RHSA-2010:0825-01 | nvt/gb_RHSA-2010_0825-01_mysql.nasl
2010-11-16 | Mandriva Update for mysql MDVSA-2010:155-1 (mysql) | nvt/gb_mandriva_MDVSA_2010_155_1.nasl
2010-11-16 | Mandriva Update for mysql MDVSA-2010:222 (mysql) | nvt/gb_mandriva_MDVSA_2010_222.nasl
2010-10-19 | Fedora Update for mysql FEDORA-2010-15166 | nvt/gb_fedora_2010_15166_mysql_fc13.nasl
2010-09-07 | Oracle MySQL Prior to 5.1.49 Multiple Denial Of Service Vulnerabilities | nvt/gb_mysql_5_1_49.nasl
2010-08-24 | Mandriva Update for mysql MDVSA-2010:155 (mysql) | nvt/gb_mandriva_MDVSA_2010_155.nasl
2010-08-06 | Fedora Update for mysql FEDORA-2010-11126 | nvt/gb_fedora_2010_11126_mysql_fc12.nasl
2010-07-30 | Fedora Update for mysql FEDORA-2010-11135 | nvt/gb_fedora_2010_11135_mysql_fc13.nasl

Snort® IPS/IDS

Date | Description | RuleID | Type | Revision
2014-01-10 | create function buffer overflow attempt | 4649 | SERVER-MYSQL | 7
2014-01-10 | create function access attempt | 3528 | SERVER-MYSQL | 12
2014-01-10 | Microsoft MSN Messenger png overflow | 3130-community | PUA-OTHER | 8
2014-01-10 | Microsoft MSN Messenger png overflow | 3130 | PUA-OTHER | 8
2014-01-10 | Database unique set column denial of service attempt | 19094 | SERVER-MYSQL | 12
2014-01-10 | Database unique set column denial of service attempt | 19093 | SERVER-MYSQL | 12
2014-01-10 | create function mysql.func arbitrary library injection attempt | 17412 | SERVER-MYSQL | 9
2014-01-10 | mysql_log COM_DROP_DB format string vulnerability exploit attempt | 16708 | SERVER-MYSQL | 7
2014-01-10 | mysql_log COM_CREATE_DB format string vulnerability exploit attempt | 16707 | SERVER-MYSQL | 7
2014-01-10 | login handshake information disclosure attempt | 16020 | SERVER-MYSQL | 13
2014-01-10 | create function libc arbitrary code execution attempt | 15952 | SERVER-MYSQL | 5
2014-01-10 | XML Functions UpdateXML Scalar XPath denial of service attempt | 15443 | SERVER-MYSQL | 10
2014-01-10 | XML Functions ExtractValue Scalar XPath denial of service attempt | 15442 | SERVER-MYSQL | 6
2014-01-10 | MySQL COM_TABLE_DUMP Function Stack Overflow attempt | 11619 | SERVER-MYSQL | 7

Nessus® Vulnerability Scanner

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
Date | Name | File | Type
2016-09-15 | The remote openSUSE host is missing a security update. | openSUSE-2016-1082.nasl | ACT_GATHER_INFO
2016-07-19 | The remote Debian host is missing a security-related update. | debian_DSA-3621.nasl | ACT_GATHER_INFO
2016-06-27 | The remote Debian host is missing a security update. | debian_DLA-526.nasl | ACT_GATHER_INFO
2015-06-01 | The remote openSUSE host is missing a security update. | openSUSE-2015-389.nasl | ACT_GATHER_INFO
2015-01-19 | The remote Solaris system is missing a security patch for third-party software. | solaris11_mysql_20130924.nasl | ACT_GATHER_INFO
2014-10-10 | The remote device is missing a vendor-supplied security patch. | f5_bigip_SOL8178.nasl | ACT_GATHER_INFO
2014-06-13 | The remote openSUSE host is missing a security update. | openSUSE-2012-273.nasl | ACT_GATHER_INFO
2014-06-13 | The remote openSUSE host is missing a security update. | openSUSE-2012-276.nasl | ACT_GATHER_INFO
2013-08-30 | The remote Gentoo host is missing one or more security-related patches. | gentoo_GLSA-201308-06.nasl | ACT_GATHER_INFO
2013-07-12 | The remote Oracle Linux host is missing one or more security updates. | oraclelinux_ELSA-2013-0219.nasl | ACT_GATHER_INFO
2013-07-12 | The remote Oracle Linux host is missing one or more security updates. | oraclelinux_ELSA-2007-0152.nasl | ACT_GATHER_INFO
2013-07-12 | The remote Oracle Linux host is missing one or more security updates. | oraclelinux_ELSA-2010-0109.nasl | ACT_GATHER_INFO
2013-07-12 | The remote Oracle Linux host is missing one or more security updates. | oraclelinux_ELSA-2010-0110.nasl | ACT_GATHER_INFO
2013-07-12 | The remote Oracle Linux host is missing one or more security updates. | oraclelinux_ELSA-2010-0442.nasl | ACT_GATHER_INFO
2013-07-12 | The remote Oracle Linux host is missing one or more security updates. | oraclelinux_ELSA-2010-0825.nasl | ACT_GATHER_INFO
2013-07-12 | The remote Oracle Linux host is missing one or more security updates. | oraclelinux_ELSA-2007-1155.nasl | ACT_GATHER_INFO
2013-07-12 | The remote Oracle Linux host is missing one or more security updates. | oraclelinux_ELSA-2012-1462.nasl | ACT_GATHER_INFO
2013-07-12 | The remote Oracle Linux host is missing one or more security updates. | oraclelinux_ELSA-2011-0164.nasl | ACT_GATHER_INFO
2013-03-29 | The remote database server is affected by multiple vulnerabilities. | mariadb_5_5_28.nasl | ACT_GATHER_INFO
2013-02-28 | The remote database server is affected by multiple vulnerabilities. | mariadb_5_1_67.nasl | ACT_GATHER_INFO
2013-02-28 | The remote database server is affected by multiple vulnerabilities. | mariadb_5_2_14.nasl | ACT_GATHER_INFO
2013-02-28 | The remote database server is affected by multiple vulnerabilities. | mariadb_5_3_12.nasl | ACT_GATHER_INFO
2013-02-28 | The remote database server is affected by multiple vulnerabilities. | mariadb_5_5_29.nasl | ACT_GATHER_INFO
2013-02-09 | The remote Mandriva Linux host is missing one or more security updates. | mandriva_MDVSA-2013-007.nasl | ACT_GATHER_INFO
2013-02-03 | The remote Scientific Linux host is missing one or more security updates. | sl_20130131_mysql_on_SL6_x.nasl | ACT_GATHER_INFO