Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
MySQL Denial Of Service and Spoofing Vulnerabilities
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The host is running MySQL and is prone to Denial Of Service and Spoofing Vulnerabilities
Insight
Insight
The flaws are due to: - mysqld does not properly handle errors during execution of certain SELECT statements with subqueries, and does not preserve certain null_value flags during execution of statements that use the 'GeomFromWKB()' function. - An error in 'vio_verify_callback()' function in 'viosslfactories.c', when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates.
Affected Software
Affected Software
MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 on all running platform.
Solution
Solution
Upgrade to MySQL version 5.0.88 or 5.1.41.