Test Kennung:	1.3.6.1.4.1.25623.1.0.801567
Kategorie:	Denial of Service
Titel:	MySQL Mysqld Multiple Denial Of Service Vulnerabilities
Zusammenfassung:	MySQL is prone to multiple denial of service vulnerabilities.
Beschreibung:	Summary: MySQL is prone to multiple denial of service vulnerabilities. Vulnerability Insight: The flaws are due to: - An error in handling of a join query that uses a table with a unique SET column. - An error in handling of 'EXPLAIN' with crafted 'SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)' statements. Vulnerability Impact: Successful exploitation could allow users to cause a Denial of Service condution. Affected Software/OS: MySQL version 5.1 before 5.1.49 and 5.0 before 5.0.92 on all running platform. Solution: Upgrade to MySQL version 5.1.49 or 5.0.92 CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3677 http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html BugTraq ID: 42646 http://www.securityfocus.com/bid/42646 Debian Security Information: DSA-2143 (Google Search) http://www.debian.org/security/2011/dsa-2143 http://www.mandriva.com/security/advisories?name=MDVSA-2010:155 http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 http://www.mandriva.com/security/advisories?name=MDVSA-2011:012 http://bugs.mysql.com/bug.php?id=54575 http://www.openwall.com/lists/oss-security/2010/09/28/10 http://www.redhat.com/support/errata/RHSA-2010-0825.html http://www.redhat.com/support/errata/RHSA-2011-0164.html http://secunia.com/advisories/42875 http://secunia.com/advisories/42936 SuSE Security Announcement: SUSE-SR:2010:019 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html TurboLinux Advisory: TLSA-2011-3 http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt http://www.ubuntu.com/usn/USN-1017-1 http://www.ubuntu.com/usn/USN-1397-1 http://www.vupen.com/english/advisories/2011/0105 http://www.vupen.com/english/advisories/2011/0133 http://www.vupen.com/english/advisories/2011/0170 http://www.vupen.com/english/advisories/2011/0345 XForce ISS Database: mysql-setcolumn-dos(64688) https://exchange.xforce.ibmcloud.com/vulnerabilities/64688 Common Vulnerability Exposure (CVE) ID: CVE-2010-3682 BugTraq ID: 42599 http://www.securityfocus.com/bid/42599 XForce ISS Database: mysql-itemsinglerowsubselect-dos(64684) https://exchange.xforce.ibmcloud.com/vulnerabilities/64684
Copyright	Copyright (C) 2011 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.