MySQL Community Server 5.0 < 5.0.45 Multiple Vulnerabilities

This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.

Synopsis :

The remote database server is susceptible to multiple attacks.

Description :

The version of MySQL Community Server installed on the remote host
is reportedly affected by a denial of service vulnerability that can
lead to a server crash with a specially crafted password packet.

It is also affected by a privilege escalation vulnerability because
'CREATE TABLE LIKE' does not require any privileges on the source
table, which allows an attacker to create arbitrary tables using the
affected application.

See also :

Solution :

Upgrade to MySQL Community Server version 5.0.45 or later.

Risk factor :

Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 3.7
Public Exploit Available : false

Family: Databases

Nessus Plugin ID: 25759 ()

Bugtraq ID: 25017

CVE ID: CVE-2007-3780