Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Oracle MySQL < 5.0.88 Multiple Vulnerabilities

High

Synopsis

The remote database server is vulnerable to multiple attack vectors.

Description

The remote host is running MySQL Community server < 5.0.88. Such versions are potentially affected by multiple issues :

- MySQL clients linked against OpenSSL are vulnerable to man-in-the-middle attacks. (Bug #47320)

- The GeomFromWKB() function can be manipulated to cause a denial of service. (Bug #47780)

- Specially crafted SELECT statements containing sub-queries in the WHERE clause can cause the server to crash. (Bug 48291)

Solution

Upgrade to MySQL Community server 5.0.88 or later.