This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing one or more security
The check_connection function in sql_parse.cc in MySQL 4.0.x up to
4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote
attackers to read portions of memory via a username without a trailing
null byte, which causes a buffer over-read. (CVE-2006-1516)
sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and
5.0.x up to 5.0.20 allows remote attackers to obtain sensitive
information via a COM_TABLE_DUMP request with an incorrect packet
length, which includes portions of memory in an error message.
Updated packages have been patched to correct these issues.
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 5.0