This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:mysql:mysql:5.0.24a |
| Detail | |||
|---|---|---|---|
| Vendor | Mysql | First view | 2006-12-31 |
| Product | Mysql | Last view | 2015-04-16 |
| Version | 5.0.24a | Type | Application |
| Edition | |||
| Language | |||
| Update | |||
| CPE Product | cpe:/a:mysql:mysql | ||
Activity : Overall
Related : CVE
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 4.9 | 2015-04-16 | CVE-2015-2575 | Network | Medium | Requires ... | |
| 6.8 | 2012-08-16 | CVE-2009-5026 | Network | Medium | None Requ... | |
| 4 | 2012-01-18 | CVE-2012-0490 | Network | Low | Requires ... | |
| 4 | 2012-01-18 | CVE-2012-0484 | Network | Low | Requires ... | |
| 3 | 2012-01-18 | CVE-2012-0114 | Local | Medium | Requires ... | |
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 4 | 2012-01-18 | CVE-2012-0102 | Network | Low | Requires ... | |
| 4 | 2012-01-18 | CVE-2012-0101 | Network | Low | Requires ... | |
| 4 | 2012-01-18 | CVE-2012-0087 | Network | Low | Requires ... | |
| 1.7 | 2012-01-18 | CVE-2012-0075 | Network | High | Requires ... | |
| 4 | 2011-01-14 | CVE-2010-3838 | Network | Low | Requires ... | |
| 4 | 2011-01-14 | CVE-2010-3837 | Network | Low | Requires ... | |
| 4 | 2011-01-14 | CVE-2010-3836 | Network | Low | Requires ... | |
| 4 | 2011-01-14 | CVE-2010-3834 | Network | Low | Requires ... | |
| 5 | 2011-01-14 | CVE-2010-3833 | Network | Low | None Requ... | |
| 4 | 2011-01-11 | CVE-2010-3682 | Network | Low | Requires ... | |
| 4 | 2011-01-11 | CVE-2010-3677 | Network | Low | Requires ... | |
| 3.5 | 2010-07-13 | CVE-2010-2008 | Network | Medium | Requires ... | |
| 6 | 2010-06-07 | CVE-2010-1850 | Network | Medium | Requires ... | |
| 5 | 2010-06-07 | CVE-2010-1849 | Network | Low | None Requ... | |
| 6.5 | 2010-06-07 | CVE-2010-1848 | Network | Low | Requires ... | |
| 3.6 | 2010-05-21 | CVE-2010-1626 | Local | Low | None Requ... | |
| 5 | 2010-05-14 | CVE-2010-1621 | Network | Low | None Requ... | |
| 6.8 | 2009-11-30 | CVE-2009-4028 | Network | Medium | None Requ... | |
| 4 | 2009-11-30 | CVE-2009-4019 | Network | Low | Requires ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 19% (4) | CWE-399 | Resource Management Errors |
| 14% (3) | CWE-264 | Permissions, Privileges, and Access Controls |
| 14% (3) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
| 14% (3) | CWE-20 | Improper Input Validation |
| 9% (2) | CWE-134 | Uncontrolled Format String |
| % | id | Name |
|---|---|---|
| 9% (2) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 9% (2) | CWE-89 | Improper Sanitization of Special Elements used in an SQL Command ('... |
| 4% (1) | CWE-189 | Numeric Errors |
| 4% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
Oval Markup Language : Definitions
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:7905 | DSA-1877 mysql-dfsg-5.0 -- denial of service/execution of arbitrary code |
| oval:org.mitre.oval:def:12751 | DSA-1877-1 mysql-dfsg-5.0 -- denial of service/execution of arbitrary code |
| oval:org.mitre.oval:def:11857 | Multiple format string vulnerabilities in the dispatch_command function in li... |
| oval:org.mitre.oval:def:22888 | ELSA-2009:1289: mysql security and bug fix update (Moderate) |
| oval:org.mitre.oval:def:28888 | RHSA-2009:1289 -- mysql security and bug fix update (Moderate) |
| id | Name |
|---|---|
| oval:org.mitre.oval:def:9930 | The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5... |
| oval:org.mitre.oval:def:11720 | sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows rem... |
| oval:org.mitre.oval:def:9530 | MySQL 5.x before 5.0.36 allows local users to cause a denial of service (data... |
| oval:org.mitre.oval:def:7544 | MySQL 6.0 and 5.1 XPath Expression DOS Vulnerability |
| oval:org.mitre.oval:def:20366 | DSA-1413-1 mysql - multiple |
| oval:org.mitre.oval:def:11390 | The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB en... |
| oval:org.mitre.oval:def:21851 | ELSA-2007:1155: mysql security update (Important) |
| oval:org.mitre.oval:def:8510 | MySQL 5.0 and 5.1 Clients with OpenSSL Vulnerability Allows Bypassing Server ... |
| oval:org.mitre.oval:def:10940 | The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5... |
| oval:org.mitre.oval:def:9490 | MySQL before 5.1.46 allows local users to delete the data and index files of ... |
| oval:org.mitre.oval:def:10591 | MySQL before 5.0.67 allows local users to bypass certain privilege checks by ... |
| oval:org.mitre.oval:def:11869 | Oracle MySQL 'ALTER DATABASE' Remote Denial Of Service Vulnerability |
| oval:org.mitre.oval:def:16963 | USN-671-1 -- mysql-dfsg-5.0 vulnerabilities |
| oval:org.mitre.oval:def:10521 | MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not pro... |
| oval:org.mitre.oval:def:9559 | MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not re... |
| oval:org.mitre.oval:def:6693 | Oracle MySQL 'COM_FIELD_LIST' Command Buffer Overflow Vulnerability |
| oval:org.mitre.oval:def:22134 | RHSA-2010:0442: mysql security update (Important) |
| oval:org.mitre.oval:def:13286 | DSA-2057-1 mysql-dfsg-5.0 -- several |
| oval:org.mitre.oval:def:12968 | USN-950-1 -- mysql-dfsg-5.0, mysql-dfsg-5.1 vulnerabilities |
| oval:org.mitre.oval:def:11765 | DSA-2057 mysql-dfsg-5.0 -- several vulnerabilities |
SAINT Exploits
| Description | Link |
|---|---|
| MySQL yaSSL SSL Hello message buffer overflow | More info here |
Open Source Vulnerability Database (OSVDB)
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 78388 | Oracle MySQL Server Unspecified Remote DoS (2012-0490) |
| 78379 | Oracle MySQL Server Unspecified Remote DoS (2012-0102) |
| 78378 | Oracle MySQL Server Unspecified Remote DoS (2012-0101) |
| 78377 | Oracle MySQL Server Unspecified Remote DoS (2012-0087) |
| 78374 | Oracle MySQL Server Unspecified Remote Issue (2012-0075) |
| id | Description |
|---|---|
| 78373 | Oracle MySQL Server Unspecified Local Issue |
| 78372 | Oracle MySQL Server Unspecified Remote Information Disclosure |
| 69395 | MySQL Derived Table Grouping DoS |
| 69393 | MySQL GROUP_CONCAT() WITH ROLLUP Modifier DoS |
| 69392 | MySQL Extreme-Value Functions Mixed Arguments DoS |
| 69390 | MySQL Extreme-Value Functions Argument Parsing Type Error DoS |
| 69387 | MySQL LIKE Predicates Pre-Evaluation DoS |
| 67383 | MySQL EXPLAIN Statement Item_singlerow_subselect::store Function NULL Derefer... |
| 67378 | MySQL Unique SET Column Join DoS |
| 65851 | MySQL ALTER DATABASE #mysql50# Prefix Handling DoS |
| 64843 | MySQL DROP TABLE Command Symlink MyISAM Table Local Data Deletion |
| 64588 | MySQL Large Packet Infinite Read DoS |
| 64587 | MySQL COM_FIELD_LIST Command Packet Table Name Argument Overflow |
| 64586 | MySQL COM_FIELD_LIST Command Packet Authentication Bypass |
| 63903 | MySQL sql/sql_plugin.cc mysql_uninstall_plugin Function UNINSTALL PLUGIN Comm... |
| 60664 | MySQL sql/sql_table.cc Data Home Directory Symlink CREATE TABLE Access Restri... |
| 60489 | MySQL GeomFromWKB() Function First Argument Geometry Value Handling DoS |
| 60488 | MySQL SELECT Statement WHERE Clause Sub-query DoS |
| 60487 | MySQL vio_verify_callback() Function Crafted Certificate MiTM Weakness |
| 55734 | MySQL sql_parse.cc dispatch_command() Function Format String DoS |
OpenVAS Exploits
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2012-07-30 | Name : CentOS Update for mysql CESA-2012:0105 centos6 File : nvt/gb_CESA-2012_0105_mysql_centos6.nasl |
| 2012-07-30 | Name : CentOS Update for mysql CESA-2012:0127 centos5 File : nvt/gb_CESA-2012_0127_mysql_centos5.nasl |
| 2012-07-09 | Name : RedHat Update for mysql RHSA-2012:0105-01 File : nvt/gb_RHSA-2012_0105-01_mysql.nasl |
| 2012-06-05 | Name : RedHat Update for mysql RHSA-2011:0164-01 File : nvt/gb_RHSA-2011_0164-01_mysql.nasl |
| 2012-04-30 | Name : Debian Security Advisory DSA 2429-1 (mysql-5.1) File : nvt/deb_2429_1.nasl |
| id | Description |
|---|---|
| 2012-04-02 | Name : Fedora Update for mysql FEDORA-2012-0972 File : nvt/gb_fedora_2012_0972_mysql_fc16.nasl |
| 2012-03-16 | Name : Ubuntu Update for mysql-5.1 USN-1397-1 File : nvt/gb_ubuntu_USN_1397_1.nasl |
| 2012-02-21 | Name : RedHat Update for mysql RHSA-2012:0127-01 File : nvt/gb_RHSA-2012_0127-01_mysql.nasl |
| 2012-02-13 | Name : Fedora Update for mysql FEDORA-2012-0987 File : nvt/gb_fedora_2012_0987_mysql_fc15.nasl |
| 2012-02-12 | Name : Gentoo Security Advisory GLSA 201201-02 (MySQL) File : nvt/glsa_201201_02.nasl |
| 2011-09-07 | Name : Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007) File : nvt/gb_macosx_su10-007.nasl |
| 2011-08-19 | Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2011-004) File : nvt/secpod_macosx_su11-004.nasl |
| 2011-08-09 | Name : CentOS Update for mysql CESA-2010:0109 centos5 i386 File : nvt/gb_CESA-2010_0109_mysql_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for mysql CESA-2010:0442 centos5 i386 File : nvt/gb_CESA-2010_0442_mysql_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for mysql CESA-2009:1289 centos5 i386 File : nvt/gb_CESA-2009_1289_mysql_centos5_i386.nasl |
| 2011-01-21 | Name : MySQL Multiple Denial of Service Vulnerabilities File : nvt/gb_mysql_mult_dos_vuln_jan11.nasl |
| 2011-01-21 | Name : Mandriva Update for mysql MDVSA-2011:012 (mysql) File : nvt/gb_mandriva_MDVSA_2011_012.nasl |
| 2011-01-18 | Name : MySQL Mysqld Multiple Denial Of Service Vulnerabilities File : nvt/gb_mysql_mysqld_mult_dos_vuln.nasl |
| 2010-12-02 | Name : Fedora Update for mysql FEDORA-2010-15147 File : nvt/gb_fedora_2010_15147_mysql_fc14.nasl |
| 2010-11-16 | Name : Ubuntu Update for MySQL vulnerabilities USN-1017-1 File : nvt/gb_ubuntu_USN_1017_1.nasl |
| 2010-11-16 | Name : RedHat Update for mysql RHSA-2010:0824-01 File : nvt/gb_RHSA-2010_0824-01_mysql.nasl |
| 2010-11-16 | Name : RedHat Update for mysql RHSA-2010:0825-01 File : nvt/gb_RHSA-2010_0825-01_mysql.nasl |
| 2010-11-16 | Name : Mandriva Update for mysql MDVSA-2010:155-1 (mysql) File : nvt/gb_mandriva_MDVSA_2010_155_1.nasl |
| 2010-11-16 | Name : Mandriva Update for mysql MDVSA-2010:222 (mysql) File : nvt/gb_mandriva_MDVSA_2010_222.nasl |
| 2010-11-16 | Name : Mandriva Update for mysql MDVSA-2010:223 (mysql) File : nvt/gb_mandriva_MDVSA_2010_223.nasl |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2020-01-07 | yaSSL SSL Hello Message buffer overflow attempt RuleID : 52366 - Type : SERVER-MYSQL - Revision : 1 |
| 2014-01-10 | Database SELECT subquery denial of service attempt RuleID : 20053 - Type : SERVER-MYSQL - Revision : 7 |
| 2014-01-10 | Database unique set column denial of service attempt RuleID : 19094 - Type : SERVER-MYSQL - Revision : 12 |
| 2014-01-10 | Database unique set column denial of service attempt RuleID : 19093 - Type : SERVER-MYSQL - Revision : 12 |
| 2014-01-10 | yaSSL SSL Hello Message Buffer Overflow attempt RuleID : 18513 - Type : SERVER-MYSQL - Revision : 13 |
| Date | Description |
|---|---|
| 2014-01-10 | mysql_log COM_DROP_DB format string vulnerability exploit attempt RuleID : 16708 - Type : SERVER-MYSQL - Revision : 8 |
| 2014-01-10 | mysql_log COM_CREATE_DB format string vulnerability exploit attempt RuleID : 16707 - Type : SERVER-MYSQL - Revision : 8 |
| 2014-01-10 | Database COM_FIELD_LIST Buffer Overflow attempt RuleID : 16703 - Type : SERVER-MYSQL - Revision : 10 |
| 2014-01-10 | database Procedure Analyse denial of service attempt - 2 RuleID : 16349 - Type : SERVER-MYSQL - Revision : 7 |
| 2014-01-10 | database PROCEDURE ANALYSE denial of service attempt - 1 RuleID : 16348 - Type : SERVER-MYSQL - Revision : 7 |
| 2014-01-10 | XML Functions UpdateXML Scalar XPath denial of service attempt RuleID : 15443 - Type : SERVER-MYSQL - Revision : 10 |
| 2014-01-10 | XML Functions ExtractValue Scalar XPath denial of service attempt RuleID : 15442 - Type : SERVER-MYSQL - Revision : 7 |
| 2014-01-10 | yaSSL SSLv3 Client Hello Message Cipher Specs Buffer Overflow attempt RuleID : 13714 - Type : SERVER-MYSQL - Revision : 16 |
| 2014-01-10 | yaSSL SSLv2 Client Hello Message Challenge Buffer Overflow attempt RuleID : 13713 - Type : MYSQL - Revision : 9 |
| 2014-01-10 | yaSSL SSLv2 Client Hello Message Session ID Buffer Overflow attempt RuleID : 13712 - Type : MYSQL - Revision : 9 |
| 2014-01-10 | yaSSL SSLv2 Client Hello Message Cipher Length Buffer Overflow attempt RuleID : 13711 - Type : MYSQL - Revision : 9 |
| 2014-01-10 | yaSSL SSL Hello Message Buffer Overflow attempt RuleID : 13593 - Type : MYSQL - Revision : 7 |
Nessus® Vulnerability Scanner
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2016-09-15 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-1082.nasl - Type : ACT_GATHER_INFO |
| 2016-07-19 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3621.nasl - Type : ACT_GATHER_INFO |
| 2016-06-27 | Name : The remote Debian host is missing a security update. File : debian_DLA-526.nasl - Type : ACT_GATHER_INFO |
| 2015-06-01 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-389.nasl - Type : ACT_GATHER_INFO |
| 2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_mysql_20130924.nasl - Type : ACT_GATHER_INFO |
| id | Description |
|---|---|
| 2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL14410.nasl - Type : ACT_GATHER_INFO |
| 2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL8178.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libmariadbclient16-110701.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libmysqlclient-devel-110607.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libmysqlclusterclient16-110706.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-273.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-274.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-276.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_libmariadbclient16-110701.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_libmysqlclient-devel-110607.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_libmysqlclusterclient16-110706.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-44.nasl - Type : ACT_GATHER_INFO |
| 2013-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201308-06.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0109.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0110.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0442.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0824.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0825.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-1155.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0164.nasl - Type : ACT_GATHER_INFO |
