Veracode Vulnerability DatabaseVERACODE:10813

HistoryJan 15, 2019 - 8:52 a.m.

Denial Of Service (DoS)

2019-01-1508:52:35

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

JSON

mysql is vulnerable to denial of service. An assertion failure and mysqld abort occurs when the service processes HANDLER READ NEXT statements after deleting a record. A remote authenticated attacker is able to exploit the vulnerability to cause the process to crash.

CPENameOperatorVersion
mysqleq5.1.61__1.el6_2.1
mysqleq5.1.47__4.el6
mysqleq5.1.52__1.el6_0.1

Name	Operator	Version
mysql	eq	5.1.61__1.el6_2.1
mysql	eq	5.1.47__4.el6
mysql	eq	5.1.52__1.el6_0.1

References

bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/3097.15.15

dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html

dev.mysql.com/doc/refman/5.1/en/replacing-builtin-innodb.html

dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html

eromang.zataz.com/2012/04/10/oracle-mysql-innodb-bugs-13510739-and-63775-dos-demo/

secunia.com/advisories/53372

security.gentoo.org/glsa/glsa-201308-06.xml

www.openwall.com/lists/oss-security/2012/04/13/7

www.securityfocus.com/bid/52931

access.redhat.com/security/updates/classification/#low

bugzilla.redhat.com/show_bug.cgi?id=740224

rhn.redhat.com/errata/RHSA-2012-0874.html

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

JSON

Related for VERACODE:10813