MySQL < 3.23.55 mysql_change_user() Double-free Memory Pointer DoS

This script is Copyright (C) 2003-2014 Tenable Network Security, Inc.


Synopsis :

The remote database service is prone to a denial of service attack.

Description :

According to its banner, a version of MySQL before 3.23.55 is running
on the remote host. If you have not patched this version, then an
attacker with valid credentials may be able to crash this service
remotely by exploiting a double free bug.

Further exploitation to gain a shell on the host might be possible,
although it's unconfirmed so far.

Solution :

Upgrade to MySQL 3.23.55 or newer.

Risk factor :

Medium / CVSS Base Score : 4.0
(CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P)
CVSS Temporal Score : 3.0
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Databases

Nessus Plugin ID: 11299 ()

Bugtraq ID: 6718

CVE ID: CVE-2003-0073