MySQL < 4.1.13a / 5.0.11 Zlib Library Buffer Overflow

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

The remote database server is vulnerable to a denial of service
attack.

Description :

The version of MySQL installed on the remote host is older than
4.1.13a or 5.0.11 and, as such, may have been linked with zlib 1.2.2.

On operating systems where the MySQL binaries are statically linked
(mainly Windows and HP-UX), a remote attacker could crash the server
by triggering a buffer overflow in zlib.
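
The version comparison this description implies, as an added example for checking an inventory of server version strings (not the Nessus plugin's code and not from MySQL). The function names, the sample banners, and the handling of branches other than 4.1 and 5.0 are assumptions.

```python
import re

# Fixed releases named in the advisory, keyed by release branch.
# (patch, letter): 4.1.13a is the fix for 4.1.x, 5.0.11 for 5.0.x.
FIXED = {(4, 1): (13, "a"), (5, 0): (11, "")}

# major.minor.patch plus an optional single-letter revision ("4.1.13a").
# A longer word such as "alpha" is not treated as a revision letter.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:([a-z])(?![a-z]))?")


def parse_mysql_version(banner):
    """Return (major, minor, patch, letter) or None if the string is not a version."""
    m = _VERSION_RE.match(banner.strip())
    if not m:
        return None
    return int(m.group(1)), int(m.group(2)), int(m.group(3)), m.group(4) or ""


def is_affected(banner):
    """True if the version predates the fix for its branch, None if unparseable.

    This is a version check only: it cannot tell whether the binary was
    statically linked with zlib 1.2.2, so a True result means "may be affected".
    """
    version = parse_mysql_version(banner)
    if version is None:
        return None
    major, minor, patch, letter = version
    branch = (major, minor)
    if branch in FIXED:
        # "" sorts before "a", so 4.1.13 is older than 4.1.13a.
        return (patch, letter) < FIXED[branch]
    # Assumption: branches before 4.1 count as older than 4.1.13a,
    # branches after 5.0 as newer than 5.0.11.
    return branch < (4, 1)


if __name__ == "__main__":
    # Constructed sample inventory: host name -> reported version string.
    inventory = {
        "db-win-01": "4.1.13-nt",
        "db-win-02": "4.1.13a-nt-log",
        "db-hpux-01": "5.0.10a",
        "db-lin-01": "5.0.11",
    }
    for host, banner in inventory.items():
        print(host, banner, "may be affected" if is_affected(banner) else "ok")
```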

See also :

http://www.nessus.org/u?f319ad90

Solution :

Upgrade to MySQL version 4.1.13a / 5.0.11 or later.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.7
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Databases

Nessus Plugin ID: 17828

Bugtraq ID: 14340

CVE ID: CVE-2005-1849