Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbNeil KettleEDB-ID:30020
HistoryDec 04, 2013 - 12:00 a.m.

MySQL 5.0.x - IF Query Handling Remote Denial of Service

2013-12-0400:00:00
Neil Kettle
www.exploit-db.com
29

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/23911/info

MySQL is prone to a remote denial-of-service vulnerability because it fails to handle certain specially crafted queries.

An attacker can exploit this issue to crash the application, denying access to legitimate users.

NOTE: An attacker must be able to execute arbitrary SELECT statements against the database to exploit this issue. This may be through legitimate means or by exploiting other latent SQL-injection vulnerabilities.

Versions prior to MySQL 5.0.40 are vulnerable. 

SELECT id from example WHERE id IN(1, (SELECT IF(1=0,1,2/0)));

Related

zdt 1
altlinux 1
ubuntucve 1
prion 1
securityvulns 3
veracode 1
nvd 1
packetstorm 1
cve 1
cvelist 1
nessus 12
openvas 11
ubuntu 1
debian 2
osv 1
redhat 1
oraclelinux 1
zdt
zdt
MySQL 5.0.x IF Query Handling Remote Denial Of Service Vulnerability
2013-12-05 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package MySQL version 5.0.41-alt1
2007-05-28 00:00:00
ubuntucve
ubuntucve
CVE-2007-2583
2007-05-10 00:00:00
prion
prion
Null pointer dereference
2007-05-10 00:19:00
securityvulns
securityvulns
MySQl database server DoS
2007-05-25 00:00:00
[email protected], [email protected]
2007-10-13 00:00:00
MySQL multiple security vulnerabilities
2007-10-13 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:28:42
nvd
nvd
CVE-2007-2583
2007-05-10 00:19:00
packetstorm
packetstorm
MySQL 5.0.x Denial Of Service
2013-12-05 00:00:00
cve
cve
CVE-2007-2583
2007-05-10 00:19:00
cvelist
cvelist
CVE-2007-2583
2007-05-09 22:00:00
nessus
nessus
MySQL Crafted IF Clause Divide-by-zero NULL Dereference DoS
2007-05-10 00:00:00
MySQL 5.0 < 5.0.40 Multiple Vulnerabilities
2012-01-18 00:00:00
Mandrake Linux Security Advisory : MySQL (MDKSA-2007:139)
2007-07-05 00:00:00
openvas
openvas
Mandriva Update for MySQL MDKSA-2007:139 (MySQL)
2009-04-09 00:00:00
Mandriva Update for MySQL MDKSA-2007:139 (MySQL)
2009-04-09 00:00:00
Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-528-1
2009-03-23 00:00:00
ubuntu
ubuntu
MySQL vulnerabilities
2007-10-11 00:00:00
debian
debian
[SECURITY] [DSA 1413-1] New mysql packages fix multiple vulnerabilities
2007-11-26 17:20:12
[SECURITY] [DSA 1413-1] New mysql packages fix multiple vulnerabilities
2007-11-26 17:20:12
osv
osv
mysql - multiple
2007-11-26 00:00:00
redhat
redhat
(RHSA-2008:0364) Low: mysql security and bug fix update
2008-05-20 00:00:00
oraclelinux
oraclelinux
mysql security and bug fix update
2008-05-30 00:00:00

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:30020
zdt1altlinux1ubuntucve1prion1securityvulns3veracode1nvd1packetstorm1cve1cvelist1nessus12openvas11ubuntu1debian2osv1redhat1oraclelinux1