icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

MySQL Community Server 5.1 < 5.1.32 XPath Expression DoS

Medium

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

The version of MySQL 5.1 installed on the remote host is earlier than 5.1.32 and is affected by a denial of service vulnerability. Specifically, a user can cause an assertion failure leading to a server crash by calling 'ExtractValue()' or 'UpdateXML()' using an XPath expression employing a scalar expression as a 'FilterExpr'.

Solution

Upgrade to version 5.1.32 or higher.