Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.810604
Categoría:Databases
Título:Oracle MySQL Denial Of Service Vulnerability Feb17 (Linux)
Resumen:Oracle MySQL is prone to a denial of service (DoS) vulnerability.
Descripción:Summary:
Oracle MySQL is prone to a denial of service (DoS) vulnerability.

Vulnerability Insight:
Multiple errors exist as,

- In sql-common/client.c script 'mysql_prune_stmt_list' function, the for loop
adds elements to pruned_list without removing it from the existing list.

- If application gets disconnected just before it tries to prepare a new
statement, 'mysql_prune_stmt_list' tries to detach all previously prepared
statements.

Vulnerability Impact:
Successful exploitation of this vulnerability
will allow attackers to cause crash of applications using that MySQL client.

Affected Software/OS:
Oracle MySQL version before 5.6.21 and
5.7.x before 5.7.5 on Linux

Solution:
Upgrade to Oracle MySQL version 5.6.21 or
5.7.5 or later.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2017-3302
BugTraq ID: 96162
http://www.securityfocus.com/bid/96162
Debian Security Information: DSA-3809 (Google Search)
http://www.debian.org/security/2017/dsa-3809
Debian Security Information: DSA-3834 (Google Search)
http://www.debian.org/security/2017/dsa-3834
http://www.openwall.com/lists/oss-security/2017/02/11/11
RedHat Security Advisories: RHSA-2017:2192
https://access.redhat.com/errata/RHSA-2017:2192
RedHat Security Advisories: RHSA-2017:2787
https://access.redhat.com/errata/RHSA-2017:2787
RedHat Security Advisories: RHSA-2018:0279
https://access.redhat.com/errata/RHSA-2018:0279
RedHat Security Advisories: RHSA-2018:0574
https://access.redhat.com/errata/RHSA-2018:0574
http://www.securitytracker.com/id/1038287
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2024 E-Soft Inc. Todos los derechos reservados.