Lucene search
This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.MYSQL_5_0_36.NASLHistoryJan 16, 2012 - 12:00 a.m.
MySQL < 5.0.36 Denial of Service
2012-01-1600:00:00
This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
17
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
EPSS
0.001
Percentile
35.8%
The version of MySQL installed on the remote host is earlier than 5.0.36 and thus reportedly allows a local user to cause a denial of service.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(17803);
script_version("1.4");
script_cvs_date("Date: 2018/07/16 14:09:12");
script_cve_id("CVE-2007-1420");
script_bugtraq_id(22900);
script_name(english:"MySQL < 5.0.36 Denial of Service");
script_summary(english:"Checks version of MySQL Server");
script_set_attribute(attribute:"synopsis", value:
"The remote database server allows a local user to cause a denial of
service.");
script_set_attribute(attribute:"description", value:
"The version of MySQL installed on the remote host is earlier than
5.0.36 and thus reportedly allows a local user to cause a denial of
service.");
script_set_attribute(attribute:"see_also", value:"http://dev.mysql.com/doc/refman/5.0/en/news-5-0-36.html");
script_set_attribute(attribute:"solution", value:"Upgrade to MySQL version 5.0.36 or later.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2009/02/26");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/01/16");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:mysql:mysql");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Databases");
script_copyright(english:"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("mysql_version.nasl", "mysql_login.nasl");
script_require_keys("Settings/ParanoidReport");
script_require_ports("Services/mysql", 3306);
exit(0);
}
include("mysql_version.inc");
mysql_check_version(fixed:'5.0.36', severity:SECURITY_NOTE);
Related
nessus
nessus
GLSA-200705-11 : MySQL: Two Denial of Service vulnerabilities
2007-05-10 00:00:00
Ubuntu 6.06 LTS / 6.10 : mysql-dfsg-5.0 vulnerability (USN-440-1)
2007-11-10 00:00:00
MySQL Single Row Subselect Remote DoS
2007-03-30 00:00:00
ubuntucve
ubuntucve
CVE-2007-1420
2007-03-12 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-440-1)
2009-03-23 00:00:00
Gentoo Security Advisory GLSA 200705-11 (MySQL)
2008-09-24 00:00:00
MySQL < 5.0.37 Single Row Subselect Remote DoS Vulnerability
2008-10-24 00:00:00
securityvulns
securityvulns
MySQL subselect DoS
2007-03-09 00:00:00
cvelist
cvelist
CVE-2007-1420
2007-03-12 23:00:00
exploitdb
exploitdb
MySQL 5.0.x - Single Row SubSelect Remote Denial of Service
2007-03-09 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:28:42
nvd
nvd
CVE-2007-1420
2007-03-12 23:19:00
gentoo
gentoo
MySQL: Two Denial of Service vulnerabilities
2007-05-08 00:00:00
ubuntu
ubuntu
MySQL vulnerability
2007-03-22 00:00:00
prion
prion
Design/Logic Flaw
2007-03-12 23:19:00
cve
cve
CVE-2007-1420
2007-03-12 23:19:00
redhat
redhat
(RHSA-2008:0364) Low: mysql security and bug fix update
2008-05-20 00:00:00
oraclelinux
oraclelinux
mysql security and bug fix update
2008-05-30 00:00:00
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
EPSS
0.001
Percentile
35.8%
Related for MYSQL_5_0_36.NASL