icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

MySQL < 5.0.88 Multiple Vulnerabilities

Medium

Synopsis

The remote database server is vulnerable to multiple attack vectors.

Description

The remote host is running MySQL Community server < 5.0.88. Such versions are potentially affected by multiple issues :

- MySQL clients linked against OpenSSL are vulnerable to man-in-the-middle attacks. (Bug #47320)

- The GeomFromWKB() function can be manipulated to cause a denial of service. (Bug #47780)

- Specially crafted SELECT statements containing sub-queries in the WHERE clause can cause the server to crash. (Bug 48291)

Solution

Upgrade to MySQL Community server 5.0.88 or later.