MySQL 5.0 < 5.0.88 Multiple Vulnerabilities

This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.


Synopsis :

The remote database server is affected by multiple vulnerabilities.

Description :

The version of MySQL 5.0 installed on the remote host is earlier than
5.0.88. It is, therefore, potentially affected by the following
vulnerabilities :

- MySQL clients linked against OpenSSL are vulnerable
to man-in-the-middle attacks. (Bug #47320)

- The GeomFromWKB() function can be manipulated
to cause a denial of service. (Bug #47780)

- Specially crafted SELECT statements containing sub-
queries in the WHERE clause can cause the server
to crash. (Bug #48291)

- It is possible to bypass access restrictions when the
data directory contains a symbolic link to a different
file system. (Bug #39277)

See also :

http://bugs.mysql.com/bug.php?id=47320
http://bugs.mysql.com/bug.php?id=47780
http://bugs.mysql.com/bug.php?id=48291
http://bugs.mysql.com/bug.php?id=39277
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html

Solution :

Upgrade to MySQL 5.0.88 or later.

Risk factor :

Medium / CVSS Base Score : 5.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N)
CVSS Temporal Score : 4.8
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Databases

Nessus Plugin ID: 42899 ()

Bugtraq ID: 37076
37297
38043

CVE ID: CVE-2012-4452
CVE-2009-4019
CVE-2009-4028
CVE-2008-7247