Lucene search
This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.MYSQL_5_1_14.NASLHistoryJan 16, 2012 - 12:00 a.m.
MySQL < 5.0.32 / 5.1.14 Denial of Service
2012-01-1600:00:00
This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
21
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
0.007 Low
EPSS
Percentile
80.7%
The version of MySQL installed on the remote host is earlier than 5.0.32 / 5.1.14 and thus reportedly allows a remote, authenticated user to crash the server.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(17809);
script_version("1.4");
script_cvs_date("Date: 2018/07/16 14:09:13");
script_cve_id("CVE-2006-7232");
script_bugtraq_id(28351);
script_name(english:"MySQL < 5.0.32 / 5.1.14 Denial of Service");
script_summary(english:"Checks version of MySQL Server");
script_set_attribute(attribute:"synopsis", value:
"The remote database server is vulnerable to a denial of service
attack.");
script_set_attribute(attribute:"description", value:
"The version of MySQL installed on the remote host is earlier than
5.0.32 / 5.1.14 and thus reportedly allows a remote, authenticated
user to crash the server.");
script_set_attribute(attribute:"see_also", value:"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-14.html");
script_set_attribute(attribute:"see_also", value:"http://dev.mysql.com/doc/refman/5.0/en/news-5-0-32.html");
script_set_attribute(attribute:"solution", value:"Upgrade to MySQL version 5.0.32 / 5.1.14 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(89);
script_set_attribute(attribute:"vuln_publication_date", value:"2007/12/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/01/16");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:mysql:mysql");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Databases");
script_copyright(english:"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("mysql_version.nasl", "mysql_login.nasl");
script_require_keys("Settings/ParanoidReport");
script_require_ports("Services/mysql", 3306);
exit(0);
}
include("mysql_version.inc");
mysql_check_version(fixed:make_list('5.0.32', '5.1.14'), severity:SECURITY_NOTE);
Related
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:28:42
ubuntucve
ubuntucve
CVE-2006-7232
2006-12-31 00:00:00
cve
cve
CVE-2006-7232
2008-02-26 18:00:00
cvelist
cvelist
CVE-2006-7232
2008-02-26 18:00:00
nvd
nvd
CVE-2006-7232
2006-12-31 05:00:00
nessus
nessus
SuSE9 Security Update : MySQL (YOU Patch Number 12175)
2009-09-24 00:00:00
SuSE 10 Security Update : MySQL (ZYPP Patch Number 5338)
2008-08-14 00:00:00
openvas
openvas
SLES10: Security update for MySQL
2009-10-13 00:00:00
SLES9: Security update for MySQL
2009-10-10 00:00:00
SLES10: Security update for MySQL
2009-10-13 00:00:00
ubuntu
ubuntu
MySQL vulnerabilities
2008-03-19 00:00:00
MySQL regression
2008-04-02 00:00:00
redhat
redhat
(RHSA-2008:0364) Low: mysql security and bug fix update
2008-05-20 00:00:00
suse
suse
remote code execution in openwsman
2008-08-14 18:02:43
oraclelinux
oraclelinux
mysql security and bug fix update
2008-05-30 00:00:00
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
0.007 Low
EPSS
Percentile
80.7%
Related for MYSQL_5_1_14.NASL