This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.
The remote database server is affected by multiple vulnerabilities.
According to its version number, the installation of MySQL on the
remote host is potentially affected by two flaws :
- A buffer overflow can be triggered when copying the name of a
user-defined function into a stack-based buffer. With
sufficient access to create a user-defined function, an
attacker may be able to exploit this and execute arbitrary
code within the context of the affected database server
- The mysql_create_function is not fully protected against
directory traversal attacks. On Windows, arbitrary files can
be included by using backslash characters. (CVE-2005-2573)
See also :
Upgrade to MySQL 4.0.25 / 4.1.13 / 5.0.7 or later.
Risk factor :
Medium / CVSS Base Score : 6.0
CVSS Temporal Score : 4.4
Public Exploit Available : false