Oracle MySQL 5.5.x < 5.5.45 / 5.6.x < 5.6.26 Multiple Vulnerabilities
Critical Nessus Network Monitor Plugin ID 9235
Synopsis
The remote database server is vulnerable to multiple attack vectors.
Description
The version of MySQL installed on the remote host is 5.5.x prior to 5.5.45 or 5.6.x prior to 5.6.26 and is affected by multiple issues:
- An overflow condition exists in mysqlslap that is triggered as user-supplied input is not properly validated when parsing options. This may allow an attacker to cause a buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.
- A flaw exists that is triggered when handling 'CHAR(0) NOT NULL' column operations. This may allow an attacker to cause the server to exit.
- A use-after-free error exists in the Enterprise Firewall and Binary Logging components. The issue is triggered when both of these are enabled. This may allow an attacker to dereference already freed memory and potentially execute arbitrary code.
- An off-by-one overflow condition exists in the string-copying functionality. The issue is triggered as user-supplied input is not properly validated. This may allow an attacker to cause a limited buffer overflow, resulting in a denial of service or potentially the execution of arbitrary code.
Solution
Upgrade to MySQL 5.6.26 or later. If 5.6.x cannot be obtained, version 5.5.45 is also patched for these issues.
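
The following is an added example, not part of the plugin or of Tenable's detection logic: a version check that classifies a reported server version string against the two ranges above. The function names, result labels and sample banners are assumptions made for illustration; it also handles the MariaDB handshake prefix, which a naive parse would misread as MySQL 5.5.5.

```python
import re

# Fixed releases named in the advisory, keyed by (major, minor) branch.
FIXED = {(5, 5): (5, 5, 45), (5, 6): (5, 6, 26)}

_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)")


def parse_version(banner):
    """Return (major, minor, patch) from a version string such as '5.6.25-log'."""
    match = _VERSION_RE.match(banner)
    if match is None:
        raise ValueError("unrecognised version string: %r" % banner)
    return tuple(int(part) for part in match.groups())


def assess(banner):
    """Classify a reported server version against the advisory's ranges.

    Returns 'affected', 'fixed', 'other-branch' or 'not-oracle-mysql'
    (labels are hypothetical, chosen for this example).
    """
    # MariaDB 10.x servers can announce themselves in the handshake as
    # '5.5.5-10.x.y-MariaDB'. The advisory names Oracle MySQL only, so
    # forks are reported separately instead of being matched on the prefix.
    if "mariadb" in banner.lower():
        return "not-oracle-mysql"
    version = parse_version(banner)
    fixed = FIXED.get(version[:2])
    if fixed is None:
        return "other-branch"  # the advisory makes no statement about this branch
    # Tuple comparison is numeric, so 5.5.5 sorts below 5.5.45.
    return "affected" if version < fixed else "fixed"


# Constructed sample banners, not taken from any real scan.
SAMPLES = [
    "5.6.25-log",
    "5.6.26-enterprise-commercial-advanced",
    "5.5.44-0ubuntu0.14.04.1",
    "5.5.45",
    "5.7.9",
    "5.5.5-10.1.48-MariaDB",
]

if __name__ == "__main__":
    for banner in SAMPLES:
        print("%-42s %s" % (banner, assess(banner)))
```

Distribution packages may backport fixes without changing the upstream version number, so an 'affected' result from a banner alone should be confirmed against the installed package's changelog.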