Denial Of Service (DoS)

mysql is vulnerable to denial of service. It was found that the MySQL PolyFromWKB function did not sanity check Well-Known Binary WKB data. A remote, authenticated attacker could use specially-crafted WKB data to crash mysqld. This issue only caused a temporary denial of service, as mysqld was...

Scientific Linux Security Update : mysql on SL4.x i386/x86_64

It was found that the MySQL PolyFromWKB function did not sanity check Well-Known Binary WKB data. A remote, authenticated attacker could use specially crafted WKB data to crash mysqld. This issue only caused a temporary denial of service, as mysqld was automatically restarted after the crash...

MySQL: crash when loading data into geometry function PolyFromWKB() (MySQL Bug#51875)

The Gislinestring::initfromwkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service server crash by calling the PolyFromWKB function with Well-Known Binary WKB data containing a crafted number of 1 line strings or 2 line points...

Debian DSA-2143-1 : mysql-dfsg-5.0 - several vulnerabilities

Several vulnerabilities have been discovered in the MySQL database server. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-3677 It was discovered that MySQL allows remote authenticated users to cause a denial of service mysqld daemon crash via a joi...

CVE-2010-3840

The Gislinestring::initfromwkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service server crash by calling the PolyFromWKB function with Well-Known Binary WKB data containing a crafted number of 1 line strings or 2 line points...

Code injection

The Gislinestring::initfromwkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service server crash by calling the PolyFromWKB function with Well-Known Binary WKB data containing a crafted number of 1 line strings or 2 line points...

CVE-2010-3840

The Gislinestring::initfromwkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service server crash by calling the PolyFromWKB function with Well-Known Binary WKB data containing a crafted number of 1 line strings or 2 line points...

CVE-2010-3840

CVE-2010-3840 affects MySQL 5.1, where Gis_line_string::init_from_wkb in sql/spatial.cc can crash the server. If remote, authenticated users supply Well-Known Binary data containing a crafted number of line strings or line points, it can cause a denial of service (server crash). The issue is docu...

Mandriva Update for mysql MDVSA-2010:223 (mysql)

Check for the Version of mysql OpenVAS Vulnerability Test Mandriva Update for mysql MDVSA-2010:223 mysql Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Mandriva Linux Security Advisory : mysql (MDVSA-2010:223)

Multiple vulnerabilities were discovered and corrected in mysql : - During evaluation of arguments to extreme-value functions such as LEAST and GREATEST, type errors did not propagate properly, causing the server to crash CVE-2010-3833. - The server could crash after materializing a derived table...

Mandriva Linux Security Advisory : mysql (MDVSA-2010:222)

Multiple vulnerabilities were discovered and corrected in mysql : - Joins involving a table with with a unique SET column could cause a server crash CVE-2010-3677. - Use of TEMPORARY InnoDB tables with nullable columns could cause a server crash CVE-2010-3680. - The server could crash if there we...

CVE-2010-3840

The Gislinestring::initfromwkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service server crash by calling the PolyFromWKB function with Well-Known Binary WKB data containing a crafted number of 1 line strings or 2 line points...

RHEL 4 : mysql (RHSA-2010:0824)

Updated mysql packages that fix three security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Moderate: Red Hat Security Advisory: mysql security update

Updated mysql packages that fix three security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

MySQL Community Server < 5.1.51 Multiple Vulnerabilities

The version of MySQL Community Server installed on the remote host is earlier than 5.1.51 and is, therefore, potentially affected by multiple vulnerabilities: - A privilege escalation vulnerability exists when using statement-based replication. Version specific comments used on a master server wi...