icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

MySQL Empty Binary String DoS

Medium

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

This version of MySQL is vulnerable to a remote Denial of Service (DoS) attack when it processes empty binary strings. An attacker exploiting this flaw would need some way of injecting data into a MySQL query. Successful exploitation would result in the database crashing.

Solution

Upgrade to version 5.0.66, 5.1.26, 6.0.6 or higher.