This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:mysql:mysql:5.0.4a
Detail
VendorMysqlFirst view 2006-07-21
ProductMysqlLast view 2012-10-16
Version5.0.4aTypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:mysql:mysql

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
6.82012-10-16CVE-2012-3177NetworkLowRequires ...
42012-10-16CVE-2012-3166NetworkLowRequires ...
2.12012-10-16CVE-2012-3160LocalLowNone Requ...
6.82012-08-16CVE-2009-5026NetworkMediumNone Requ...
42012-05-03CVE-2012-1697NetworkLowRequires ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
42012-05-03CVE-2012-1696NetworkLowRequires ...
42012-01-18CVE-2012-0490NetworkLowRequires ...
42012-01-18CVE-2012-0484NetworkLowRequires ...
32012-01-18CVE-2012-0114LocalMediumRequires ...
42012-01-18CVE-2012-0102NetworkLowRequires ...
42012-01-18CVE-2012-0101NetworkLowRequires ...
42012-01-18CVE-2012-0087NetworkLowRequires ...
1.72012-01-18CVE-2012-0075NetworkHighRequires ...
42011-01-14CVE-2010-3838NetworkLowRequires ...
42011-01-14CVE-2010-3837NetworkLowRequires ...
42011-01-14CVE-2010-3836NetworkLowRequires ...
42011-01-14CVE-2010-3834NetworkLowRequires ...
52011-01-14CVE-2010-3833NetworkLowNone Requ...
62010-06-07CVE-2010-1850NetworkMediumRequires ...
52010-06-07CVE-2010-1849NetworkLowNone Requ...
6.52010-06-07CVE-2010-1848NetworkLowRequires ...
6.82009-11-30CVE-2009-4028NetworkMediumNone Requ...
42009-11-30CVE-2009-4019NetworkLowRequires ...
62009-11-30CVE-2008-7247NetworkMediumRequires ...

CWE : Common Weakness Enumeration

%idName
21% (3)CWE-399Resource Management Errors
21% (3)CWE-134Uncontrolled Format String
14% (2)CWE-59Improper Link Resolution Before File Access ('Link Following')
7% (1)CWE-264Permissions, Privileges, and Access Controls
7% (1)CWE-189Numeric Errors
Hide | Show 4 More...
%idName
7% (1)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
7% (1)CWE-89Improper Sanitization of Special Elements used in an SQL Command ('...
7% (1)CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path ...
7% (1)CWE-20Improper Input Validation

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:9827Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and ...
oval:org.mitre.oval:def:10468MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a...
oval:org.mitre.oval:def:10729MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on ca...
oval:org.mitre.oval:def:9530MySQL 5.x before 5.0.36 allows local users to cause a denial of service (data...
oval:org.mitre.oval:def:9930The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5...
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:9559MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not re...
oval:org.mitre.oval:def:9166The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5....
oval:org.mitre.oval:def:10133MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0....
oval:org.mitre.oval:def:10521MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not pro...
oval:org.mitre.oval:def:10591MySQL before 5.0.67 allows local users to bypass certain privilege checks by ...
oval:org.mitre.oval:def:11857Multiple format string vulnerabilities in the dispatch_command function in li...
oval:org.mitre.oval:def:22888ELSA-2009:1289: mysql security and bug fix update (Moderate)
oval:org.mitre.oval:def:8500MySQL 5.0 and 5.1 SELECT Statement DOS Vulnerability
oval:org.mitre.oval:def:11349mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) prop...
oval:org.mitre.oval:def:8510MySQL 5.0 and 5.1 Clients with OpenSSL Vulnerability Allows Bypassing Server ...
oval:org.mitre.oval:def:10940The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5...
oval:org.mitre.oval:def:7210Oracle MySQL 'COM_FIELD_LIST' Command Packet Security Bypass Vulnerability
oval:org.mitre.oval:def:10258Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before ...
oval:org.mitre.oval:def:7328Oracle MySQL Malformed Packet Handling Remote Denial of Service Vulnerability
oval:org.mitre.oval:def:6693Oracle MySQL 'COM_FIELD_LIST' Command Buffer Overflow Vulnerability
oval:org.mitre.oval:def:22134RHSA-2010:0442: mysql security update (Important)
oval:org.mitre.oval:def:10846Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remo...
oval:org.mitre.oval:def:23130ELSA-2010:0442: mysql security update (Important)
oval:org.mitre.oval:def:20957RHSA-2012:0127: mysql security update (Moderate)
oval:org.mitre.oval:def:23295ELSA-2012:0127: mysql security update (Moderate)

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
78388Oracle MySQL Server Unspecified Remote DoS (2012-0490)
78379Oracle MySQL Server Unspecified Remote DoS (2012-0102)
78378Oracle MySQL Server Unspecified Remote DoS (2012-0101)
78377Oracle MySQL Server Unspecified Remote DoS (2012-0087)
78374Oracle MySQL Server Unspecified Remote Issue (2012-0075)
Hide | Show 20 More...
idDescription
78373Oracle MySQL Server Unspecified Local Issue
78372Oracle MySQL Server Unspecified Remote Information Disclosure
69395MySQL Derived Table Grouping DoS
69393MySQL GROUP_CONCAT() WITH ROLLUP Modifier DoS
69392MySQL Extreme-Value Functions Mixed Arguments DoS
69390MySQL Extreme-Value Functions Argument Parsing Type Error DoS
69387MySQL LIKE Predicates Pre-Evaluation DoS
64588MySQL Large Packet Infinite Read DoS
64587MySQL COM_FIELD_LIST Command Packet Table Name Argument Overflow
64586MySQL COM_FIELD_LIST Command Packet Authentication Bypass
60664MySQL sql/sql_table.cc Data Home Directory Symlink CREATE TABLE Access Restri...
60489MySQL GeomFromWKB() Function First Argument Geometry Value Handling DoS
60488MySQL SELECT Statement WHERE Clause Sub-query DoS
60487MySQL vio_verify_callback() Function Crafted Certificate MiTM Weakness
55734MySQL sql_parse.cc dispatch_command() Function Format String DoS
48021MySQL Empty Bit-String Literal Token SQL Statement DoS
44937MySQL MyISAM Table CREATE TABLE Privilege Check Bypass
42610MySQL DEFINER View Value Crafted Statements Remote Privilege Escalation
42609MySQL Federated Engine SHOW TABLE STATUS Query Remote DoS
34766MySQL RENAME TABLE Statement Arbitrary Table Name Modification

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2013-09-18Name : Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities
File : nvt/deb_2581_1.nasl
2012-11-26Name : Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln02_nov12_win.nasl
2012-11-26Name : Oracle MySQL Server Multiple Vulnerabilities-03 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln03_nov12_win.nasl
2012-11-15Name : RedHat Update for mysql RHSA-2012:1462-01
File : nvt/gb_RHSA-2012_1462-01_mysql.nasl
2012-11-15Name : CentOS Update for mysql CESA-2012:1462 centos6
File : nvt/gb_CESA-2012_1462_mysql_centos6.nasl
Hide | Show 20 More...
idDescription
2012-11-06Name : Ubuntu Update for mysql-5.5 USN-1621-1
File : nvt/gb_ubuntu_USN_1621_1.nasl
2012-07-30Name : CentOS Update for mysql CESA-2012:0105 centos6
File : nvt/gb_CESA-2012_0105_mysql_centos6.nasl
2012-07-30Name : CentOS Update for mysql CESA-2012:0127 centos5
File : nvt/gb_CESA-2012_0127_mysql_centos5.nasl
2012-07-09Name : RedHat Update for mysql RHSA-2012:0105-01
File : nvt/gb_RHSA-2012_0105-01_mysql.nasl
2012-06-05Name : RedHat Update for mysql RHSA-2011:0164-01
File : nvt/gb_RHSA-2011_0164-01_mysql.nasl
2012-04-30Name : Debian Security Advisory DSA 2429-1 (mysql-5.1)
File : nvt/deb_2429_1.nasl
2012-04-02Name : Fedora Update for mysql FEDORA-2012-0972
File : nvt/gb_fedora_2012_0972_mysql_fc16.nasl
2012-03-16Name : Ubuntu Update for mysql-5.1 USN-1397-1
File : nvt/gb_ubuntu_USN_1397_1.nasl
2012-02-21Name : RedHat Update for mysql RHSA-2012:0127-01
File : nvt/gb_RHSA-2012_0127-01_mysql.nasl
2012-02-13Name : Fedora Update for mysql FEDORA-2012-0987
File : nvt/gb_fedora_2012_0987_mysql_fc15.nasl
2012-02-12Name : Gentoo Security Advisory GLSA 201201-02 (MySQL)
File : nvt/glsa_201201_02.nasl
2011-09-07Name : Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007)
File : nvt/gb_macosx_su10-007.nasl
2011-08-19Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2011-004)
File : nvt/secpod_macosx_su11-004.nasl
2011-08-09Name : CentOS Update for mysql CESA-2010:0109 centos5 i386
File : nvt/gb_CESA-2010_0109_mysql_centos5_i386.nasl
2011-08-09Name : CentOS Update for mysql CESA-2010:0442 centos5 i386
File : nvt/gb_CESA-2010_0442_mysql_centos5_i386.nasl
2011-08-09Name : CentOS Update for mysql CESA-2009:1289 centos5 i386
File : nvt/gb_CESA-2009_1289_mysql_centos5_i386.nasl
2011-01-21Name : MySQL Multiple Denial of Service Vulnerabilities
File : nvt/gb_mysql_mult_dos_vuln_jan11.nasl
2010-11-16Name : Ubuntu Update for MySQL vulnerabilities USN-1017-1
File : nvt/gb_ubuntu_USN_1017_1.nasl
2010-11-16Name : RedHat Update for mysql RHSA-2010:0824-01
File : nvt/gb_RHSA-2010_0824-01_mysql.nasl
2010-11-16Name : RedHat Update for mysql RHSA-2010:0825-01
File : nvt/gb_RHSA-2010_0825-01_mysql.nasl

Snort® IPS/IDS

DateDescription
2014-01-10Date_Format denial of service attempt
RuleID : 8057 - Type : SERVER-MYSQL - Revision : 7
2014-01-10Database SELECT subquery denial of service attempt
RuleID : 20053 - Type : SERVER-MYSQL - Revision : 6
2014-01-10mysql_log COM_DROP_DB format string vulnerability exploit attempt
RuleID : 16708 - Type : SERVER-MYSQL - Revision : 7
2014-01-10mysql_log COM_CREATE_DB format string vulnerability exploit attempt
RuleID : 16707 - Type : SERVER-MYSQL - Revision : 7
2014-01-10Database COM_FIELD_LIST Buffer Overflow attempt
RuleID : 16703 - Type : SERVER-MYSQL - Revision : 6
Hide | Show 2 More...
DateDescription
2014-01-10database Procedure Analyse denial of service attempt - 2
RuleID : 16349 - Type : SERVER-MYSQL - Revision : 6
2014-01-10database PROCEDURE ANALYSE denial of service attempt - 1
RuleID : 16348 - Type : SERVER-MYSQL - Revision : 6

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2013-09-04Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2012-44.nasl - Type : ACT_GATHER_INFO
2013-08-30Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201308-06.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2007-0152.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0109.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0110.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0442.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0824.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0825.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1462.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0164.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0105.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0127.nasl - Type : ACT_GATHER_INFO
2013-03-29Name : The remote database server has multiple vulnerabilities.
File : mariadb_5_5_28.nasl - Type : ACT_GATHER_INFO
2013-01-25Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_libmysqlclient-devel-120731.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1289.nasl - Type : ACT_GATHER_INFO
2012-12-05Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2581.nasl - Type : ACT_GATHER_INFO
2012-11-16Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20121114_mysql_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-11-15Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1462.nasl - Type : ACT_GATHER_INFO
2012-11-15Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1462.nasl - Type : ACT_GATHER_INFO
2012-11-06Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1621-1.nasl - Type : ACT_GATHER_INFO
2012-10-19Name : The remote database server is affected by multiple vulnerabilities.
File : mysql_5_1_64.nasl - Type : ACT_GATHER_INFO
2012-10-19Name : The remote database server is affected by multiple vulnerabilities.
File : mysql_5_1_66.nasl - Type : ACT_GATHER_INFO
2012-10-19Name : The remote database server is affected by multiple vulnerabilities.
File : mysql_5_5_26.nasl - Type : ACT_GATHER_INFO
2012-10-19Name : The remote database server is affected by multiple vulnerabilities.
File : mysql_5_5_28.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120208_mysql_on_SL6_x.nasl - Type : ACT_GATHER_INFO