This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:mysql:mysql:5.0.24a |
| Detail | |||
|---|---|---|---|
| Vendor | Mysql | First view | 2008-05-05 |
| Product | Mysql | Last view | 2012-08-16 |
| Version | 5.0.24a | Type | Application |
| Edition | |||
| Language | |||
| Update | |||
| CPE Product | cpe:/a:mysql:mysql | ||
Activity : Overall
Related : CVE
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 6.8 | 2012-08-16 | CVE-2009-5026 | Network | Medium | None Requ... | |
| 4 | 2012-01-18 | CVE-2012-0490 | Network | Low | Requires ... | |
| 4 | 2012-01-18 | CVE-2012-0484 | Network | Low | Requires ... | |
| 3 | 2012-01-18 | CVE-2012-0114 | Local | Medium | Requires ... | |
| 4 | 2012-01-18 | CVE-2012-0102 | Network | Low | Requires ... | |
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 4 | 2012-01-18 | CVE-2012-0101 | Network | Low | Requires ... | |
| 4 | 2012-01-18 | CVE-2012-0087 | Network | Low | Requires ... | |
| 1.7 | 2012-01-18 | CVE-2012-0075 | Network | High | Requires ... | |
| 4 | 2011-01-14 | CVE-2010-3838 | Network | Low | Requires ... | |
| 4 | 2011-01-14 | CVE-2010-3837 | Network | Low | Requires ... | |
| 4 | 2011-01-14 | CVE-2010-3836 | Network | Low | Requires ... | |
| 4 | 2011-01-14 | CVE-2010-3834 | Network | Low | Requires ... | |
| 5 | 2011-01-14 | CVE-2010-3833 | Network | Low | None Requ... | |
| 6 | 2010-06-07 | CVE-2010-1850 | Network | Medium | Requires ... | |
| 5 | 2010-06-07 | CVE-2010-1849 | Network | Low | None Requ... | |
| 6.5 | 2010-06-07 | CVE-2010-1848 | Network | Low | Requires ... | |
| 3.6 | 2010-05-21 | CVE-2010-1626 | Local | Low | None Requ... | |
| 6.8 | 2009-11-30 | CVE-2009-4028 | Network | Medium | None Requ... | |
| 4 | 2009-11-30 | CVE-2009-4019 | Network | Low | Requires ... | |
| 6 | 2009-11-30 | CVE-2008-7247 | Network | Medium | Requires ... | |
| 8.5 | 2009-07-13 | CVE-2009-2446 | Network | Medium | Requires ... | |
| 4.6 | 2008-09-18 | CVE-2008-4098 | Network | High | Requires ... | |
| 4 | 2008-09-10 | CVE-2008-3963 | Network | Low | Requires ... | |
| 4.6 | 2008-05-05 | CVE-2008-2079 | Network | High | Requires ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 21% (3) | CWE-399 | Resource Management Errors |
| 21% (3) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
| 14% (2) | CWE-264 | Permissions, Privileges, and Access Controls |
| 14% (2) | CWE-134 | Uncontrolled Format String |
| 7% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| % | id | Name |
|---|---|---|
| 7% (1) | CWE-89 | Improper Sanitization of Special Elements used in an SQL Command ('... |
| 7% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
| 7% (1) | CWE-20 | Improper Input Validation |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:10133 | MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.... |
| oval:org.mitre.oval:def:10521 | MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not pro... |
| oval:org.mitre.oval:def:10591 | MySQL before 5.0.67 allows local users to bypass certain privilege checks by ... |
| oval:org.mitre.oval:def:11857 | Multiple format string vulnerabilities in the dispatch_command function in li... |
| oval:org.mitre.oval:def:22888 | ELSA-2009:1289: mysql security and bug fix update (Moderate) |
| id | Name |
|---|---|
| oval:org.mitre.oval:def:8500 | MySQL 5.0 and 5.1 SELECT Statement DOS Vulnerability |
| oval:org.mitre.oval:def:11349 | mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) prop... |
| oval:org.mitre.oval:def:8510 | MySQL 5.0 and 5.1 Clients with OpenSSL Vulnerability Allows Bypassing Server ... |
| oval:org.mitre.oval:def:10940 | The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5... |
| oval:org.mitre.oval:def:9490 | MySQL before 5.1.46 allows local users to delete the data and index files of ... |
| oval:org.mitre.oval:def:7210 | Oracle MySQL 'COM_FIELD_LIST' Command Packet Security Bypass Vulnerability |
| oval:org.mitre.oval:def:10258 | Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before ... |
| oval:org.mitre.oval:def:7328 | Oracle MySQL Malformed Packet Handling Remote Denial of Service Vulnerability |
| oval:org.mitre.oval:def:6693 | Oracle MySQL 'COM_FIELD_LIST' Command Buffer Overflow Vulnerability |
| oval:org.mitre.oval:def:22134 | RHSA-2010:0442: mysql security update (Important) |
| oval:org.mitre.oval:def:10846 | Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remo... |
| oval:org.mitre.oval:def:23130 | ELSA-2010:0442: mysql security update (Important) |
| oval:org.mitre.oval:def:20957 | RHSA-2012:0127: mysql security update (Moderate) |
| oval:org.mitre.oval:def:23295 | ELSA-2012:0127: mysql security update (Moderate) |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 78388 | Oracle MySQL Server Unspecified Remote DoS (2012-0490) |
| 78379 | Oracle MySQL Server Unspecified Remote DoS (2012-0102) |
| 78378 | Oracle MySQL Server Unspecified Remote DoS (2012-0101) |
| 78377 | Oracle MySQL Server Unspecified Remote DoS (2012-0087) |
| 78374 | Oracle MySQL Server Unspecified Remote Issue (2012-0075) |
| id | Description |
|---|---|
| 78373 | Oracle MySQL Server Unspecified Local Issue |
| 78372 | Oracle MySQL Server Unspecified Remote Information Disclosure |
| 69395 | MySQL Derived Table Grouping DoS |
| 69393 | MySQL GROUP_CONCAT() WITH ROLLUP Modifier DoS |
| 69392 | MySQL Extreme-Value Functions Mixed Arguments DoS |
| 69390 | MySQL Extreme-Value Functions Argument Parsing Type Error DoS |
| 69387 | MySQL LIKE Predicates Pre-Evaluation DoS |
| 64843 | MySQL DROP TABLE Command Symlink MyISAM Table Local Data Deletion |
| 64588 | MySQL Large Packet Infinite Read DoS |
| 64587 | MySQL COM_FIELD_LIST Command Packet Table Name Argument Overflow |
| 64586 | MySQL COM_FIELD_LIST Command Packet Authentication Bypass |
| 60664 | MySQL sql/sql_table.cc Data Home Directory Symlink CREATE TABLE Access Restri... |
| 60489 | MySQL GeomFromWKB() Function First Argument Geometry Value Handling DoS |
| 60488 | MySQL SELECT Statement WHERE Clause Sub-query DoS |
| 60487 | MySQL vio_verify_callback() Function Crafted Certificate MiTM Weakness |
| 55734 | MySQL sql_parse.cc dispatch_command() Function Format String DoS |
| 48021 | MySQL Empty Bit-String Literal Token SQL Statement DoS |
| 44937 | MySQL MyISAM Table CREATE TABLE Privilege Check Bypass |
OpenVAS Exploits
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2012-07-30 | Name : CentOS Update for mysql CESA-2012:0105 centos6 File : nvt/gb_CESA-2012_0105_mysql_centos6.nasl |
| 2012-07-30 | Name : CentOS Update for mysql CESA-2012:0127 centos5 File : nvt/gb_CESA-2012_0127_mysql_centos5.nasl |
| 2012-07-09 | Name : RedHat Update for mysql RHSA-2012:0105-01 File : nvt/gb_RHSA-2012_0105-01_mysql.nasl |
| 2012-06-05 | Name : RedHat Update for mysql RHSA-2011:0164-01 File : nvt/gb_RHSA-2011_0164-01_mysql.nasl |
| 2012-04-30 | Name : Debian Security Advisory DSA 2429-1 (mysql-5.1) File : nvt/deb_2429_1.nasl |
| id | Description |
|---|---|
| 2012-04-02 | Name : Fedora Update for mysql FEDORA-2012-0972 File : nvt/gb_fedora_2012_0972_mysql_fc16.nasl |
| 2012-03-16 | Name : Ubuntu Update for mysql-5.1 USN-1397-1 File : nvt/gb_ubuntu_USN_1397_1.nasl |
| 2012-02-21 | Name : RedHat Update for mysql RHSA-2012:0127-01 File : nvt/gb_RHSA-2012_0127-01_mysql.nasl |
| 2012-02-13 | Name : Fedora Update for mysql FEDORA-2012-0987 File : nvt/gb_fedora_2012_0987_mysql_fc15.nasl |
| 2012-02-12 | Name : Gentoo Security Advisory GLSA 201201-02 (MySQL) File : nvt/glsa_201201_02.nasl |
| 2011-09-07 | Name : Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007) File : nvt/gb_macosx_su10-007.nasl |
| 2011-08-19 | Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2011-004) File : nvt/secpod_macosx_su11-004.nasl |
| 2011-08-09 | Name : CentOS Update for mysql CESA-2010:0109 centos5 i386 File : nvt/gb_CESA-2010_0109_mysql_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for mysql CESA-2010:0442 centos5 i386 File : nvt/gb_CESA-2010_0442_mysql_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for mysql CESA-2009:1289 centos5 i386 File : nvt/gb_CESA-2009_1289_mysql_centos5_i386.nasl |
| 2011-01-21 | Name : MySQL Multiple Denial of Service Vulnerabilities File : nvt/gb_mysql_mult_dos_vuln_jan11.nasl |
| 2010-11-16 | Name : Ubuntu Update for MySQL vulnerabilities USN-1017-1 File : nvt/gb_ubuntu_USN_1017_1.nasl |
| 2010-11-16 | Name : RedHat Update for mysql RHSA-2010:0824-01 File : nvt/gb_RHSA-2010_0824-01_mysql.nasl |
| 2010-11-16 | Name : RedHat Update for mysql RHSA-2010:0825-01 File : nvt/gb_RHSA-2010_0825-01_mysql.nasl |
| 2010-11-16 | Name : Mandriva Update for mysql MDVSA-2010:222 (mysql) File : nvt/gb_mandriva_MDVSA_2010_222.nasl |
| 2010-11-16 | Name : Mandriva Update for mysql MDVSA-2010:223 (mysql) File : nvt/gb_mandriva_MDVSA_2010_223.nasl |
| 2010-11-16 | Name : CentOS Update for mysql CESA-2010:0824 centos4 i386 File : nvt/gb_CESA-2010_0824_mysql_centos4_i386.nasl |
| 2010-11-10 | Name : Oracle MySQL Prior to 5.1.51 Multiple Denial Of Service Vulnerabilities File : nvt/gb_mysql_43676.nasl |
| 2010-10-19 | Name : Fedora Update for mysql FEDORA-2010-15166 File : nvt/gb_fedora_2010_15166_mysql_fc13.nasl |
| 2010-08-06 | Name : Fedora Update for mysql FEDORA-2010-11126 File : nvt/gb_fedora_2010_11126_mysql_fc12.nasl |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Database SELECT subquery denial of service attempt RuleID : 20053 - Type : SERVER-MYSQL - Revision : 6 |
| 2014-01-10 | mysql_log COM_DROP_DB format string vulnerability exploit attempt RuleID : 16708 - Type : SERVER-MYSQL - Revision : 7 |
| 2014-01-10 | mysql_log COM_CREATE_DB format string vulnerability exploit attempt RuleID : 16707 - Type : SERVER-MYSQL - Revision : 7 |
| 2014-01-10 | Database COM_FIELD_LIST Buffer Overflow attempt RuleID : 16703 - Type : SERVER-MYSQL - Revision : 6 |
| 2014-01-10 | database Procedure Analyse denial of service attempt - 2 RuleID : 16349 - Type : SERVER-MYSQL - Revision : 6 |
| Date | Description |
|---|---|
| 2014-01-10 | database PROCEDURE ANALYSE denial of service attempt - 1 RuleID : 16348 - Type : SERVER-MYSQL - Revision : 6 |
Nessus® Vulnerability Scanner
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-44.nasl - Type : ACT_GATHER_INFO |
| 2013-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201308-06.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0109.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0110.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0442.nasl - Type : ACT_GATHER_INFO |
| id | Description |
|---|---|
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0824.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0825.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0164.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0105.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0127.nasl - Type : ACT_GATHER_INFO |
| 2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libmysqlclient-devel-120731.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1289.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120208_mysql_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120213_mysql_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100216_mysql_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100216_mysql_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100526_mysql_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101103_mysql_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101103_mysql_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090902_mysql_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110118_mysql_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080724_mysql_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-03-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1397-1.nasl - Type : ACT_GATHER_INFO |
| 2012-03-08 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2429.nasl - Type : ACT_GATHER_INFO |
| 2012-02-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0127.nasl - Type : ACT_GATHER_INFO |
