MySQL Community Server 5.1 < 5.1.32 XPath Expression DoS
Medium Nessus Network Monitor Plugin ID 4946
SynopsisThe remote host is vulnerable to a Denial of Service (DoS) attack.
DescriptionThe version of MySQL 5.1 installed on the remote host is earlier than 5.1.32 and is affected by a denial of service vulnerability. Specifically, a user can cause an assertion failure leading to a server crash by calling 'ExtractValue()' or 'UpdateXML()' using an XPath expression employing a scalar expression as a 'FilterExpr'.
SolutionUpgrade to version 5.1.32 or higher.