Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-1112
HistoryJul 18, 2006 - 12:00 a.m.

mysql-dfsg-4.1 - several vulnerabilities

2006-07-1800:00:00
Google
osv.dev
12

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.936 High

EPSS

Percentile

98.7%

JSON

Several local vulnerabilities have been discovered in the MySQL database
server, which may lead to denial of service. The Common
Vulnerabilities and Exposures project identifies the following problems:

  • CVE-2006-3081
    “Kanatoko” discovered that the server can be crashed with feeding
    NULL values to the str_to_date() function.
  • CVE-2006-3469
    Jean-David Maillefer discovered that the server can be crashed with
    specially crafted date_format() function calls.

For the stable distribution (sarge) these problems have been fixed in
version 4.1.11a-4sarge5.

For the unstable distribution (sid) does no longer contain MySQL 4.1
packages. MySQL 5.0 from sid is not affected.

We recommend that you upgrade your mysql-dfsg-4.1 packages.

Related

nessus 14
openvas 12
debian 1
veracode 2
cve 2
ubuntucve 2
checkpoint_advisories 2
freebsd 1
slackware 1
gentoo 1
ubuntu 2
redhat 3
oraclelinux 1
centos 1
securityvulns 1
nessus
nessus
Debian DSA-1112-1 : mysql-dfsg-4.1 - several vulnerabilities
2006-10-14 00:00:00
GLSA-200608-09 : MySQL: Denial of Service
2006-08-07 00:00:00
Slackware 10.2 : mysql (SSA:2006-211-01)
2007-02-18 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-1112)
2008-01-17 00:00:00
Debian Security Advisory DSA 1112-1 (mysql-dfsg-4.1)
2008-01-17 00:00:00
Slackware: Security Advisory (SSA:2006-211-01)
2012-09-10 00:00:00
debian
debian
[SECURITY] [DSA 1112-1] New mysql-dfsg-4.1 packages fix denial of service
2006-07-17 23:20:30
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:25:16
Denial Of Service (DoS)
2020-04-10 00:14:19
cve
cve
CVE-2006-3469
2006-07-21 14:03:00
CVE-2006-3081
2006-06-19 18:02:00
ubuntucve
ubuntucve
CVE-2006-3469
2006-07-21 00:00:00
CVE-2006-3081
2006-06-19 00:00:00
checkpoint_advisories
checkpoint_advisories
MySQL Server DATE_FORMAT Function Format String (CVE-2006-3469)
2009-11-10 00:00:00
Update Protection against MySQL Server str_to_date DoS Vulnerability
2006-07-05 00:00:00
freebsd
freebsd
mysql -- format string vulnerability
2006-06-27 00:00:00
slackware
slackware
[slackware-security] mysql
2006-07-31 03:23:42
gentoo
gentoo
MySQL: Denial of service
2006-08-06 00:00:00
ubuntu
ubuntu
mysql-dfsg-4.1 vulnerability
2006-07-21 00:00:00
MySQL 4.1 vulnerability
2006-06-27 00:00:00
redhat
redhat
(RHSA-2008:0768) Moderate: mysql security, bug fix, and enhancement update
2008-07-24 00:00:00
(RHSA-2007:0083) Low: mysql security update
2007-02-19 00:00:00
(RHSA-2006:0544) mysql security update
2006-06-09 00:00:00
oraclelinux
oraclelinux
mysql security, bug fix, and enhancement update
2008-08-01 00:00:00
centos
centos
mysql security update
2006-06-09 17:37:00
securityvulns
securityvulns
US-CERT Technical Cyber Security Alert TA06-208A -- Mozilla Products Contain Multiple Vulnerabilities
2006-07-28 00:00:00

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.936 High

EPSS

Percentile

98.7%

JSON
Related for OSV:DSA-1112
nessus14openvas12debian1veracode2cve2ubuntucve2checkpoint_advisories2freebsd1slackware1gentoo1ubuntu2redhat3oraclelinux1centos1securityvulns1