Vulners
Lucene search
MiracleLinux 4 : mysql-5.1.52-1.AXS4.1 (AXSA:2011-32:01)
| Reporter | Title | Published | Views | Family All 258 |
|---|---|---|---|---|
 | MySQL Community Server 5.1 < 5.1.49 Multiple Denial of Service Vulnerabilities | 24 Aug 201000:00 | – | nessus |
| MySQL Community Server 5.1 < 5.1.51 Multiple Denial of Service Vulnerabilities | 5 Oct 201000:00 | – | nessus |
| Mac OS X 10.6 < 10.6.8 Multiple Vulnerabilities | 23 Jun 201100:00 | – | nessus |
| Mac OS X 10.6 < 10.6.8 Multiple Vulnerabilities | 23 Jun 201100:00 | – | nessus |
| MySQL Community Server 5.1 < 5.1.49 Multiple Denial of Service Vulnerabilities | 24 Aug 201000:00 | – | nessus |
| MySQL Community Server 5.1 < 5.1.51 Multiple Denial of Service Vulnerabilities | 5 Oct 201000:00 | – | nessus |
| CentOS 4 : mysql (CESA-2010:0824) | 24 Nov 201000:00 | – | nessus |
| CentOS 5 : mysql (CESA-2010:0825) | 24 Nov 201000:00 | – | nessus |
| Debian DSA-2143-1 : mysql-dfsg-5.0 - several vulnerabilities | 17 Jan 201100:00 | – | nessus |
| Fedora 14 : mysql-5.1.50-2.fc14 (2010-15147) | 6 Oct 201000:00 | – | nessus |
10
10
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2011-32:01.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(284205);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/14");
script_cve_id(
"CVE-2010-3677",
"CVE-2010-3678",
"CVE-2010-3679",
"CVE-2010-3680",
"CVE-2010-3681",
"CVE-2010-3682",
"CVE-2010-3683",
"CVE-2010-3833",
"CVE-2010-3835",
"CVE-2010-3836",
"CVE-2010-3837",
"CVE-2010-3838",
"CVE-2010-3839",
"CVE-2010-3840"
);
script_name(english:"MiracleLinux 4 : mysql-5.1.52-1.AXS4.1 (AXSA:2011-32:01)");
script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the
AXSA:2011-32:01 advisory.
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation
consisting of a server daemon (mysqld) and many different client programs and libraries. The base package
contains the MySQL client programs, the client shared libraries, and generic MySQL files.
Security issues fixed with this release:
CVE-2010-3677
Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial
of service (mysqld daemon crash) via a join query that uses a table with a unique SET column.
CVE-2010-3678
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via
(1) IN or (2) CASE operations with NULL arguments that are explicitly specified or indirectly provided by
the WITH ROLLUP modifier.
CVE-2010-3679
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld
daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized
memory, as demonstrated by valgrind.
CVE-2010-3680
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld
daemon crash) by creating temporary tables with nullable columns while using InnoDB, which triggers an
assertion failure.
CVE-2010-3681
Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of
service (mysqld daemon crash) by using the HANDLER interface and performing 'alternate reads from two
indexes on a table,' which triggers an assertion failure.
CVE-2010-3682
Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial
of service (mysqld daemon crash) by using EXPLAIN with crafted 'SELECT ... UNION ... ORDER BY (SELECT ...
WHERE ...)' statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store
function.
CVE-2010-3683
Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request
generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon
crash) via a crafted request.
CVE-2010-3833
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors,
which allows remote attackers to cause a denial of service (server crash) via crafted arguments to
extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a 'CREATE TABLE
... SELECT.'
CVE-2010-3835
MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of
service (mysqld server crash) by performing a user-variable assignment in a logical expression that is
calculated and stored in a temporary table for GROUP BY, then causing the expression value to be used
after the table is created, which causes the expression to be re-evaluated instead of accessing its value
from the table.
CVE-2010-3836
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to
cause a denial of service (assertion failure and server crash) via vectors related to view preparation,
pre-evaluation of LIKE predicates, and IN Optimizers.
CVE-2010-3837
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to
cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH
ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that
also affects the original object.
CVE-2010-3838
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to
cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with
a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result
is 'processed using an intermediate temporary table.'
CVE-2010-3839
MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of
service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedure that
creates a query with nested JOIN statements.
CVE-2010-3840
The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote
authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with
Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points.
These updated packages upgrade MySQL to version 5.1.52. Refer to the MySQL release notes for a full list
of changes:
<A HREF=http://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html>http://dev.mysql...
Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/1711");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2010-3833");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2010-3835");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vendor_severity", value:"High");
script_set_attribute(attribute:"vuln_publication_date", value:"2010/07/09");
script_set_attribute(attribute:"patch_publication_date", value:"2011/02/15");
script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/14");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:mysql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:mysql-bench");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:mysql-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:mysql-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:mysql-server");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:mysql-test");
script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:4");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Miracle Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");
exit(0);
}
include('rpm2.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^4([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 4.x', 'MIRACLE LINUX ' + os_version);
if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);
var constraints = [
{
'release': '4',
'pkgs': [
{'reference':'mysql-5.1.52-1.AXS4.1', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'mysql-5.1.52-1.AXS4.1', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'mysql-bench-5.1.52-1.AXS4.1', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'mysql-bench-5.1.52-1.AXS4.1', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'mysql-devel-5.1.52-1.AXS4.1', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'mysql-devel-5.1.52-1.AXS4.1', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'mysql-libs-5.1.52-1.AXS4.1', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'mysql-libs-5.1.52-1.AXS4.1', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'mysql-server-5.1.52-1.AXS4.1', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'mysql-server-5.1.52-1.AXS4.1', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'mysql-test-5.1.52-1.AXS4.1', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
{'reference':'mysql-test-5.1.52-1.AXS4.1', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
]
}
];
var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');
var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
# Check that the target release is equal to the affected release
if (!empty_or_null(constraint['release'])){
if (constraint['release'] != os_release) continue;
}
if (!empty_or_null(constraint['sp'])){
if (constraint['sp'] != os_sp) continue;
}
foreach var pkg ( constraint['pkgs'] ) {
reference = NULL;
sp = NULL;
_cpu = NULL;
el_string = NULL;
rpm_spec_vers_cmp = NULL;
epoch = NULL;
allowmaj = NULL;
exists_check = NULL;
cves = NULL;
if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
if (reference &&
## (no known rpm to check OR known rpm_exists)
(!exists_check || rpm_exists(rpm:exists_check)) &&
rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'mysql / mysql-bench / mysql-devel / mysql-libs / mysql-server / etc');
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
14 Jan 2026 00:00Current
5.6Medium risk
Vulners AI Score5.6
CVSS 25
EPSS0.1407