MySQL < 5.0.88 Multiple Vulnerabilities
Medium Log Correlation Engine Plugin ID 801144
SynopsisThe remote database server is vulnerable to multiple attack vectors.
DescriptionThe remote host is running MySQL Community server < 5.0.88. Such versions are potentially affected by multiple issues :
- MySQL clients linked against OpenSSL are vulnerable to man-in-the-middle attacks. (Bug #47320)
- The GeomFromWKB() function can be manipulated to cause a denial of service. (Bug #47780)
- Specially crafted SELECT statements containing sub-queries in the WHERE clause can cause the server to crash. (Bug 48291)
SolutionUpgrade to MySQL Community server 5.0.88 or later.