USN-1397-1Executive Summary
| Summary | |
|---|---|
| Title | MySQL vulnerabilities |
| Informations | |||
|---|---|---|---|
| Name | USN-1397-1 | First vendor Publication | 2012-03-12 |
| Vendor | Ubuntu | Last vendor Modification | 2012-03-12 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:S/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 8.5 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Medium |
| Cvss Expoit Score | 6.8 | Authentification | Requires single instance |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS - Ubuntu 8.04 LTS Summary: Several security issues were fixed in MySQL. Software Description: - mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database - mysql-dfsg-5.0: MySQL database Details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.61 in Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. Ubuntu 8.04 LTS has been updated to MySQL 5.0.95. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html http://dev.mysql.com/doc/refman/5.0/en/news-5-0-x.html http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: mysql-server-5.1 5.1.61-0ubuntu0.11.10.1 Ubuntu 11.04: mysql-server-5.1 5.1.61-0ubuntu0.11.04.1 Ubuntu 10.10: mysql-server-5.1 5.1.61-0ubuntu0.10.10.1 Ubuntu 10.04 LTS: mysql-server-5.1 5.1.61-0ubuntu0.10.04.1 Ubuntu 8.04 LTS: mysql-server-5.0 5.0.95-0ubuntu1 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1397-1 CVE-2007-5925, CVE-2008-3963, CVE-2008-4098, CVE-2008-4456, CVE-2008-7247, CVE-2009-2446, CVE-2009-4019, CVE-2009-4030, CVE-2009-4484, CVE-2010-1621, CVE-2010-1626, CVE-2010-1848, CVE-2010-1849, CVE-2010-1850, CVE-2010-2008, CVE-2010-3677, CVE-2010-3678, CVE-2010-3679, CVE-2010-3680, CVE-2010-3681, CVE-2010-3682, CVE-2010-3683, CVE-2010-3833, CVE-2010-3834, CVE-2010-3835, CVE-2010-3836, CVE-2010-3837, CVE-2010-3838, CVE-2010-3839, CVE-2010-3840, CVE-2011-2262, CVE-2012-0075, CVE-2012-0087, CVE-2012-0101, CVE-2012-0102, CVE-2012-0112, CVE-2012-0113, CVE-2012-0114, CVE-2012-0115, CVE-2012-0116, Package Information: https://launchpad.net/ubuntu/+source/mysql-5.1/5.1.61-0ubuntu0.11.10.1 https://launchpad.net/ubuntu/+source/mysql-5.1/5.1.61-0ubuntu0.11.04.1 https://launchpad.net/ubuntu/+source/mysql-5.1/5.1.61-0ubuntu0.10.10.1 https://launchpad.net/ubuntu/+source/mysql-dfsg-5.1/5.1.61-0ubuntu0.10.04.1 https://launchpad.net/ubuntu/+source/mysql-dfsg-5.0/5.0.95-0ubuntu1 |
Original Source
| Url : http://www.ubuntu.com/usn/USN-1397-1 |
CWE : Common Weakness Enumeration
| id | Name |
|---|---|
| CWE-399 | Resource Management Errors |
| CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
| CWE-264 | Permissions, Privileges, and Access Controls |
| CWE-134 | Uncontrolled Format String |
| CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| CWE-20 | Improper Input Validation |
| CWE-189 | Numeric Errors |
| CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:11390 | |||
| Oval ID: | oval:org.mitre.oval:def:11390 | ||
| Title: | The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error. | ||
| Description: | The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2007-5925 |
Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 |
Product(s): | |
| Definition Synopsis: | |||
|
|||
| Definition Id: oval:org.mitre.oval:def:10521 | |||
| Oval ID: | oval:org.mitre.oval:def:10521 | ||
| Title: | MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement. | ||
| Description: | MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-3963 |
Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 |
Product(s): | |
| Definition Synopsis: | |||
|
|||
| Definition Id: oval:org.mitre.oval:def:10591 | |||
| Oval ID: | oval:org.mitre.oval:def:10591 | ||
| Title: | MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097. | ||
| Description: | MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-4098 |
Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 |
Product(s): | |
| Definition Synopsis: | |||
|
|||
| Definition Id: oval:org.mitre.oval:def:11456 | |||
| Oval ID: | oval:org.mitre.oval:def:11456 | ||
| Title: | Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document. NOTE: as of 20081031, the issue has not been fixed in MySQL 5.0.67. | ||
| Description: | Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document. NOTE: as of 20081031, the issue has not been fixed in MySQL 5.0.67. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-4456 |
Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 |
Product(s): | |
| Definition Synopsis: | |||
|
|||
| Definition Id: oval:org.mitre.oval:def:11857 | |||
| Oval ID: | oval:org.mitre.oval:def:11857 | ||
| Title: | Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information. | ||
| Description: | Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-2446 |
Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 |
Product(s): | |
| Definition Synopsis: | |||
|
|||
| Definition Id: oval:org.mitre.oval:def:8500 | |||
| Oval ID: | oval:org.mitre.oval:def:8500 | ||
| Title: | MySQL 5.0 and 5.1 SELECT Statement DOS Vulnerability | ||
| Description: | mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2009-4019 |
Version: | 1 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 |
Product(s): | MySQL Server 5.0 MySQL Server 5.1 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:11349 | |||
| Oval ID: | oval:org.mitre.oval:def:11349 | ||
| Title: | mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement. | ||
| Description: | mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-4019 |
Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 |
Product(s): | |
| Definition Synopsis: | |||
|
|||
| Definition Id: oval:org.mitre.oval:def:8156 | |||
| Oval ID: | oval:org.mitre.oval:def:8156 | ||
| Title: | MySQL 5.1 Privilege Bypass with DATA/INDEX DIRECTORY | ||
| Description: | MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2009-4030 |
Version: | 1 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 |
Product(s): | MySQL Server 5.1 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:11116 | |||
| Oval ID: | oval:org.mitre.oval:def:11116 | ||
| Title: | MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079. | ||
| Description: | MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-4030 |
Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 |
Product(s): | |
| Definition Synopsis: | |||
|
|||
| Definition Id: oval:org.mitre.oval:def:9490 | |||
| Oval ID: | oval:org.mitre.oval:def:9490 | ||
| Title: | MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247. | ||
| Description: | MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-1626 |
Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 |
Product(s): | |
| Definition Synopsis: | |||
|
|||
| Definition Id: oval:org.mitre.oval:def:7210 | |||
| Oval ID: | oval:org.mitre.oval:def:7210 | ||
| Title: | Oracle MySQL 'COM_FIELD_LIST' Command Packet Security Bypass Vulnerability | ||
| Description: | Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1848 |
Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 |
Product(s): | MySQL Server 5.0 MySQL Server 5.1 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:10258 | |||
| Oval ID: | oval:org.mitre.oval:def:10258 | ||
| Title: | Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name. | ||
| Description: | Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-1848 |
Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 |
Product(s): | |
| Definition Synopsis: | |||
|
|||
| Definition Id: oval:org.mitre.oval:def:7328 | |||
| Oval ID: | oval:org.mitre.oval:def:7328 | ||
| Title: | Oracle MySQL Malformed Packet Handling Remote Denial of Service Vulnerability | ||
| Description: | The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a large number of packets that exceed the maximum length. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1849 |
Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 |
Product(s): | MySQL Server 5.0 MySQL Server 5.1 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6693 | |||
| Oval ID: | oval:org.mitre.oval:def:6693 | ||
| Title: | Oracle MySQL 'COM_FIELD_LIST' Command Buffer Overflow Vulnerability | ||
| Description: | Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to execute arbitrary code via a COM_FIELD_LIST command with a long table name. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1850 |
Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 |
Product(s): | MySQL Server 5.0 MySQL Server 5.1 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:10846 | |||
| Oval ID: | oval:org.mitre.oval:def:10846 | ||
| Title: | Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to execute arbitrary code via a COM_FIELD_LIST command with a long table name. | ||
| Description: | Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to execute arbitrary code via a COM_FIELD_LIST command with a long table name. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-1850 |
Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 |
Product(s): | |
| Definition Synopsis: | |||
|
|||
| Definition Id: oval:org.mitre.oval:def:11869 | |||
| Oval ID: | oval:org.mitre.oval:def:11869 | ||
| Title: | Oracle MySQL 'ALTER DATABASE' Remote Denial Of Service Vulnerability | ||
| Description: | MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-2008 |
Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 |
Product(s): | MySQL Server 5.1 |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 78391 | Oracle MySQL Server Unspecified Remote DoS (2012-0112) |
| 78380 | Oracle MySQL Server Unspecified Remote DoS (2012-0115) |
| 78379 | Oracle MySQL Server Unspecified Remote DoS (2012-0102) |
| 78378 | Oracle MySQL Server Unspecified Remote DoS (2012-0101) |
| 78377 | Oracle MySQL Server Unspecified Remote DoS (2012-0087) |
| 78376 | Oracle MySQL Server Unspecified Remote DoS (2011-2262) |
| 78374 | Oracle MySQL Server Unspecified Remote Issue (2012-0075) |
| 78373 | Oracle MySQL Server Unspecified Local Issue |
| 78369 | Oracle MySQL Server Unspecified Remote Issue (2012-0116) |
| 78368 | Oracle MySQL Server Unspecified Remote Issue (2012-0113) |
| 69395 | MySQL Derived Table Grouping DoS |
| 69394 | MySQL Temporary Table Expression Re-Evaluation DoS |
| 69393 | MySQL GROUP_CONCAT() WITH ROLLUP Modifier DoS |
| 69392 | MySQL Extreme-Value Functions Mixed Arguments DoS |
| 69391 | MySQL Stored Procedures / Prepared Statements Nested Joins DoS |
| 69390 | MySQL Extreme-Value Functions Argument Parsing Type Error DoS |
| 69387 | MySQL LIKE Predicates Pre-Evaluation DoS |
| 69001 | MySQL PolyFromWKB() Function WKB Data Remote DoS |
| 69000 | MySQL HANDLER Interface Unspecified READ Request DoS |
| 67384 | MySQL LOAD DATA INFILE Statement Incorrect OK Packet DoS |
| 67383 | MySQL EXPLAIN Statement Item_singlerow_subselect::store Function NULL Derefer... |
| 67381 | MySQL InnoDB Temporary Table Handling DoS |
| 67380 | MySQL BINLOG Statement Unspecified Argument DoS |
| 67379 | MySQL Multiple Operation NULL Argument Handling DoS |
| 67378 | MySQL Unique SET Column Join DoS |
| 65851 | MySQL ALTER DATABASE #mysql50# Prefix Handling DoS |
| 64843 | MySQL DROP TABLE Command Symlink MyISAM Table Local Data Deletion |
| 64588 | MySQL Large Packet Infinite Read DoS |
| 64587 | MySQL COM_FIELD_LIST Command Packet Table Name Argument Overflow |
| 64586 | MySQL COM_FIELD_LIST Command Packet Authentication Bypass |
| 63903 | MySQL sql/sql_plugin.cc mysql_uninstall_plugin Function UNINSTALL PLUGIN Comm... |
| 61956 | yaSSL Certificate Name Handling Overflow |
| 60665 | MySQL CREATE TABLE MyISAM Table mysql_unpacked_real_data_home Local Restricti... |
| 60664 | MySQL sql/sql_table.cc Data Home Directory Symlink CREATE TABLE Access Restri... |
| 60489 | MySQL GeomFromWKB() Function First Argument Geometry Value Handling DoS |
| 60488 | MySQL SELECT Statement WHERE Clause Sub-query DoS |
| 55734 | MySQL sql_parse.cc dispatch_command() Function Format String DoS |
| 51171 | MySQL InnoDB convert_search_mode_to_innobase Function DoS |
| 48710 | MySQL Command Line Client HTML Output XSS |
| 48021 | MySQL Empty Bit-String Literal Token SQL Statement DoS |
| 44937 | MySQL MyISAM Table CREATE TABLE Privilege Check Bypass |
Metasploit Database
| id | Description |
|---|---|
| 2010-01-25 | MySQL yaSSL CertDecoder::GetName Buffer Overflow |
(High)
(Medium)
(Low)
