Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdtNeil Kettle1337DAY-ID-21622
HistoryDec 05, 2013 - 12:00 a.m.

MySQL 5.0.x IF Query Handling Remote Denial Of Service Vulnerability

2013-12-0500:00:00
Neil Kettle
0day.today
29

0.006 Low

EPSS

Percentile

75.7%

JSON

Exploit for linux platform in category dos / poc

MySQL is prone to a remote denial-of-service vulnerability because it fails to handle certain specially crafted queries.
 
An attacker can exploit this issue to crash the application, denying access to legitimate users.
 
NOTE: An attacker must be able to execute arbitrary SELECT statements against the database to exploit this issue. This may be through legitimate means or by exploiting other latent SQL-injection vulnerabilities.
 
Versions prior to MySQL 5.0.40 are vulnerable. 
 
SELECT id from example WHERE id IN(1, (SELECT IF(1=0,1,2/0)));

#  0day.today [2018-03-28]  #

Related

ubuntucve 1
altlinux 1
packetstorm 1
cve 1
securityvulns 3
prion 1
veracode 1
nessus 12
openvas 11
ubuntu 1
osv 1
debian 2
redhat 1
oraclelinux 1
ubuntucve
ubuntucve
CVE-2007-2583
2007-05-10 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package MySQL version 5.0.41-alt1
2007-05-28 00:00:00
packetstorm
packetstorm
MySQL 5.0.x Denial Of Service
2013-12-05 00:00:00
cve
cve
CVE-2007-2583
2007-05-10 00:19:00
securityvulns
securityvulns
MySQl database server DoS
2007-05-25 00:00:00
MySQL multiple security vulnerabilities
2007-10-13 00:00:00
[email protected], [email protected]
2007-10-13 00:00:00
prion
prion
Null pointer dereference
2007-05-10 00:19:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:28:42
nessus
nessus
MySQL Crafted IF Clause Divide-by-zero NULL Dereference DoS
2007-05-10 00:00:00
MySQL 5.0 < 5.0.40 Multiple Vulnerabilities
2012-01-18 00:00:00
Mandrake Linux Security Advisory : MySQL (MDKSA-2007:139)
2007-07-05 00:00:00
openvas
openvas
Mandriva Update for MySQL MDKSA-2007:139 (MySQL)
2009-04-09 00:00:00
Mandriva Update for MySQL MDKSA-2007:139 (MySQL)
2009-04-09 00:00:00
Ubuntu: Security Advisory (USN-528-1)
2009-03-23 00:00:00
ubuntu
ubuntu
MySQL vulnerabilities
2007-10-11 00:00:00
osv
osv
mysql - multiple
2007-11-26 00:00:00
debian
debian
[SECURITY] [DSA 1413-1] New mysql packages fix multiple vulnerabilities
2007-11-26 00:00:00
[SECURITY] [DSA 1413-1] New mysql packages fix multiple vulnerabilities
2007-11-26 17:20:12
redhat
redhat
(RHSA-2008:0364) Low: mysql security and bug fix update
2008-05-20 00:00:00
oraclelinux
oraclelinux
mysql security and bug fix update
2008-05-30 00:00:00

0.006 Low

EPSS

Percentile

75.7%

JSON
Related for 1337DAY-ID-21622
ubuntucve1altlinux1packetstorm1cve1securityvulns3prion1veracode1nessus12openvas11ubuntu1osv1debian2redhat1oraclelinux1