MySQL Community Server 5.1 < 5.1.46 Multiple Vulnerabilities

This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.

Synopsis :

The remote database server is affected by multiple vulnerabilities.

Description :

The version of MySQL Community Server 5.1 installed on the remote host
is earlier than 5.1.46 and thus potentially affected by the following
vulnerabilities :

- A local user may be able to issue a 'DROP TABLE' command
for one MyISAM table and remove the data and index files
of a different MyISAM table. (Bug #40980)

- The application does not correct check privileges in
calls to 'UNINSTALL PLUGIN', which could be abused by
an unprivileged user to uninstall plugins loaded
dynamically. (Bug #51770)

See also :

Solution :

Upgrade to MySQL Community Server 5.1.46 or later.

Risk factor :

Low / CVSS Base Score : 3.6
CVSS Temporal Score : 3.0
Public Exploit Available : true

Family: Databases

Nessus Plugin ID: 46328 ()

Bugtraq ID: 39543

CVE ID: CVE-2010-1621