MySQL 5.5 < 5.5.24 Security Bypass Vulnerability
Medium Nessus Plugin ID 59449
SynopsisThe remote database server is affected by a security bypass vulnerability.
DescriptionThe version of MySQL 5.5 installed on the remote host is earlier than 5.5.24 and is, therefore, affected by the following vulnerabilities :
- Several errors exist related to 'GIS Extension', 'Server', 'InnoDB' and 'Server Optimizer' components that can allow denial of service attacks.
(CVE-2012-0540, CVE-2012-1734, CVE-2012-1735, CVE-2012-1756, CVE-2012-1757)
- A security bypass vulnerability exists that occurs due to improper casting during user login sessions.
(Bug #64884 / CVE-2012-2122)
- An error exists related to key length and sort order index that can lead to application crashes.
(Bug #59387 / CVE-2012-2749)
SolutionUpgrade to MySQL version 5.5.24 or later.