Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6304

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2007-6304
Last Modified 05 Nov 2012 10:51:48
Published 10 Dec 2007 04:46:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6304

Summary

The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.

Vulnerable Systems

Application

  • Mysql 5.0

  • Mysql 5.0.0

  • Mysql 5.0.0.0

  • Mysql 5.0.1

  • Mysql 5.0.10

  • Mysql 5.0.10a

  • Mysql 5.0.11

  • Mysql 5.0.12

  • Mysql 5.0.13

  • Mysql 5.0.14

  • Mysql 5.0.15

  • Mysql 5.0.15a

  • Mysql 5.0.16

  • Mysql 5.0.16a

  • Mysql 5.0.17

  • Mysql 5.0.17a

  • Mysql 5.0.18

  • Mysql 5.0.19

  • Mysql 5.0.1a

  • Mysql 5.0.2

  • Mysql 5.0.20

  • Mysql 5.0.20a

  • Mysql 5.0.21

  • Mysql 5.0.22

  • Mysql 5.0.22.1.0.1

  • Mysql 5.0.24

  • Mysql 5.0.27

  • Mysql 5.0.3

  • Mysql 5.0.33

  • Mysql 5.0.37

  • Mysql 5.0.3a

  • Mysql 5.0.4

  • Mysql 5.0.41

  • Mysql 5.0.4a

  • Mysql 5.0.5

  • Mysql 5.0.5.0.21

  • Mysql 5.0.6

  • Mysql 5.0.7

  • Mysql 5.0.8

  • Mysql 5.0.9

  • Mysql 5.1.1

  • Mysql 5.1.10

  • Mysql 5.1.11

  • Mysql 5.1.12

  • Mysql 5.1.13

  • Mysql 5.1.14

  • Mysql 5.1.15

  • Mysql 5.1.16

  • Mysql 5.1.17

  • Mysql 5.1.2

  • Mysql 6.0.0

  • Mysql 6.0.1

  • Mysql 6.0.2

  • Mysql 6.0.3


References

CONFIRM - https://issues.rpath.com/browse/RPL-2187

XF - mysql-federated-engine-dos(38990)

VUPEN - ADV-2007-4198

UBUNTU - USN-559-1

BID - 26832

BUGTRAQ - 20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server

MANDRIVA - MDVSA-2008:028

MANDRIVA - MDVSA-2008:017

DEBIAN - DSA-1451

CONFIRM - http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040

SECTRACK - 1019085

GENTOO - GLSA-200804-04

SECUNIA - 29706

SECUNIA - 28838

SECUNIA - 28739

SECUNIA - 28637

SECUNIA - 28343

SECUNIA - 28128

SECUNIA - 28063

SUSE - SUSE-SR:2008:003

CONFIRM - http://lists.mysql.com/announce/502

CONFIRM - http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html

CONFIRM - http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html

CONFIRM - http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html

CONFIRM - http://bugs.mysql.com/bug.php?id=29801

OSVDB - 42609

Related Patches

Novell SUSE 2008:4879 mysql security update for SLE 10 SP1 i586


Last Updated: 27 May 2016 10:58:26