How to Buy
This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.
The remote database server is potentially affected by multiple
User-defined functions in MySQL can allow a database user to cause
binary libraries on the host to be loaded. The insert privilege on
the table 'mysql.func' is required for a user to create user-defined
functions. When running on Windows and possibly other operating
systems, MySQL is potentially affected by the following
- If an invalid library is requested the Windows
function 'LoadLibraryEx' will block processing until
an error dialog box is acknowledged on the server.
It is not likely that non-Windows systems are affected
by this particular issue.
- MySQL requires that user-defined libraries contain
functions with names fitting the formats: 'XXX_deinit'
or 'XXX_init'. However, other libraries are known to
contain functions fitting these formats and, when called
upon, can cause application crashes, memory corruption
and stack pollution.
See also :
There is currently no known fix or patch to address these issues.
Instead, make sure access to create user-defined functions is
Risk factor :
High / CVSS Base Score : 8.5
CVSS Temporal Score : 8.5
Public Exploit Available : false
Nessus Plugin ID: 17698 ()
Bugtraq ID: 62358
CVE ID: CVE-2005-2572
Upgrade to Nessus Professional today!
Start your free Nessus Cloud trial now!
Begin Free Trial
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.