FreeBSD : mysql -- FTS request denial of service vulnerability (29edd807-438d-11d9-8bb9-00065be4b5b6)

This script is Copyright (C) 2005-2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

A special crafted MySQL FTS request can cause the server to crash.
Malicious MySQL users can abuse this bug in a denial of service attack
against systems running an affected MySQL daemon.

Note that because this bug is related to the parsing of requests, it
may happen that this bug is triggered accidentally by a user when he or
she makes a typo.

See also :

http://bugs.mysql.com/bug.php?id=3870
http://www.nessus.org/u?f18935c5

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.3
(CVSS2#E:H/RL:OF/RC:C)
Public Exploit Available : true

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 18882 (freebsd_pkg_29edd807438d11d98bb900065be4b5b6.nasl)

Bugtraq ID: 11432

CVE ID: CVE-2004-0956

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now