Download
| Alert*
oval:org.secpod.oval:def:201971
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. MySQL did not correctly check directories used as arguments for the DATA DIRECTORY and INDEX DIRECTORY directives. Using this flaw, an authenticated attacker cou ... oval:org.secpod.oval:def:201740 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. It was found that the MySQL PolyFromWKB function did not sanity check Well-Known Binary data. A remote, authenticated attacker could use specially-crafted WKB d ... oval:org.secpod.oval:def:201737 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. It was found that the MySQL PolyFromWKB function did not sanity check Well-Known Binary data. A remote, authenticated attacker could use specially-crafted WKB d ... oval:org.secpod.oval:def:202151 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. MySQL did not correctly check directories used as arguments for the DATA DIRECTORY and INDEX DIRECTORY directives. Using this flaw, an authenticated attacker cou ... oval:org.secpod.oval:def:202250 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory p ... oval:org.secpod.oval:def:4001 The host is installed with Oracle MySQL 5.1.x before 5.1.61 or 5.5.x before 5.5.20 and is prone to an unspecified vulnerability. A flaw is present in the application, which results in a partial availability impact. Successful exploitation allows remote attackers to cause a denial of service. oval:org.secpod.oval:def:3991 The host is installed with Oracle MySQL 5.0.x before 5.0.95 or 5.1.x before 5.1.61 or 5.5.x before 5.5.20 and is prone to an unspecified vulnerability. A flaw is present in the application, which results in a partial confidentiality impact. Successful exploitation allows remote attackers to cause a ... oval:org.secpod.oval:def:4002 The host is installed with Oracle MySQL 5.1.x before 5.1.61 or 5.5.x before 5.5.20 and is prone to an unspecified vulnerability. A flaw is present in the application, which results in a partial availability impact. Successful exploitation allows remote attackers to cause a denial of service. oval:org.secpod.oval:def:4005 The host is installed with Oracle MySQL 5.0.x before 5.0.95 or 5.1.x before 5.1.61 or 5.5.x before 5.5.20 and is prone to an unspecified vulnerability. A flaw is present in the application, which results in a partial integrity impact. Successful exploitation allows remote attackers to cause a denial ... oval:org.secpod.oval:def:20676 The host is installed with Oracle MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24 or 6.0.x before 6.0.5 and is prone to security bypass vulnerability. A flaw is present in the application, which fails to properly handle unknown vectors. Successful exploitation allows local users ... oval:org.secpod.oval:def:20677 The host is installed with Oracle MySQL 5.0 before 5.0.66, 5.1 before 5.1.26 or 6.0 before 6.0.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle handle a b'' (b single-quote single-quote) token. Successful exploitation allows remo ... oval:org.secpod.oval:def:4003 The host is installed with Oracle MySQL 5.1.x before 5.1.61 or 5.5.x before 5.5.20 and is prone to an unspecified vulnerability. A flaw is present in the application, which results in a partial availability impact. Successful exploitation allows remote attackers to cause a denial of service. oval:org.secpod.oval:def:3998 The host is installed with Oracle MySQL 5.0.x before 5.0.95 or 5.1.x before 5.1.61 or 5.5.x before 5.5.20 and is prone to an unspecified vulnerability. A flaw is present in the application, which results in a partial confidentiality and integrity impact. Successful exploitation allows remote attacke ... oval:org.mitre.oval:def:8500 mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote auth ... oval:org.secpod.oval:def:20681 The host is installed with Oracle MySQL 5.1 before 5.1.49 or 5.0 before 5.0.92 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle a join query that uses a table with a unique SET column. Successful exploitation allows remote authenti ... oval:org.secpod.oval:def:201942 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. It was discovered that the MySQL client ignored certain SSL certificate verification errors when connecting to servers. A man-in-the-middle attacker could use th ... oval:org.secpod.oval:def:500482 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. It was discovered that the MySQL client ignored certain SSL certificate verification errors when connecting to servers. A man-in-the-middle attacker could use th ... oval:org.secpod.oval:def:201852 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. It was discovered that the MySQL client ignored certain SSL certificate verification errors when connecting to servers. A man-in-the-middle attacker could use th ... oval:org.secpod.oval:def:500334 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. It was found that the MySQL PolyFromWKB function did not sanity check Well-Known Binary data. A remote, authenticated attacker could use specially-crafted WKB d ... oval:org.secpod.oval:def:20689 The host is installed with Oracle MySQL 5.0 before 5.0.92, 5.1 before 5.1.51 or 5.5 before 5.5.6 and is prone to unspecified vulnerability. A flaw is present in the application, which does not properly handle vectors related to "materializing a derived table that required a temporary table for group ... oval:org.secpod.oval:def:20688 The host is installed with Oracle MySQL 5.0 before 5.0.92, 5.1 before 5.1.51 or 5.5 before 5.5.6 and is prone to denial of service vulnerability. A flaw is present in the application, which does not properly propagate type errors. Successful exploitation allows remote authenticated users to cause a ... oval:org.secpod.oval:def:20686 The host is installed with Oracle MySQL 5.1 before 5.1.49 or 5.0 before 5.0.92 and is prone to denial of service vulnerability. A flaw is present in the application, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function. Successful exploitation allows remote authe ... oval:org.secpod.oval:def:3985 The host is installed with Oracle MySQL 5.0.x before 5.0.95 or 5.1.x before 5.1.61 or 5.5.x before 5.5.20 and is prone to an unspecified vulnerability. A flaw is present in the application, which results in a partial availability impact. Successful exploitation allows remote attackers to cause a den ... oval:org.mitre.oval:def:8510 The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate ... oval:org.secpod.oval:def:500146 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. The MySQL PolyFromWKB function did not sanity check Well-Known Binary data, which could allow a remote, authenticated attacker to crash mysqld. A flaw in the w ... oval:org.secpod.oval:def:500664 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. MySQL did not correctly check directories used as arguments for the DATA DIRECTORY and INDEX DIRECTORY directives. Using this flaw, an authenticated attacker cou ... oval:org.secpod.oval:def:500741 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory p ... oval:org.secpod.oval:def:20692 The host is installed with Oracle MySQL 5.0 before 5.0.92, 5.1 before 5.1.51 or 5.5 before 5.5.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle vectors related a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modi ... oval:org.secpod.oval:def:20693 The host is installed with Oracle MySQL 5.0 before 5.0.92, 5.1 before 5.1.51 or 5.5 before 5.5.6 and is prone to denial of service vulnerability. A flaw is present in the application, which is not properly handled when the function's result is "processed using an intermediate temporary table.". Succ ... oval:org.secpod.oval:def:20691 The host is installed with Oracle MySQL 5.0 before 5.0.92, 5.1 before 5.1.51 or 5.5 before 5.5.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimi ... oval:org.secpod.oval:def:500739 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory p ... |