Download
| Alert*
|
oval:org.secpod.oval:def:201740
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. It was found that the MySQL PolyFromWKB function did not sanity check Well-Known Binary data. A remote, authenticated attacker could use specially-crafted WKB d ... oval:org.secpod.oval:def:201737 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. It was found that the MySQL PolyFromWKB function did not sanity check Well-Known Binary data. A remote, authenticated attacker could use specially-crafted WKB d ... oval:org.secpod.oval:def:202151 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. MySQL did not correctly check directories used as arguments for the DATA DIRECTORY and INDEX DIRECTORY directives. Using this flaw, an authenticated attacker cou ... oval:org.secpod.oval:def:7486 The host is installed with Oracle MySQL 5.0.x before 5.0.93 or 5.1.x before 5.1.50 and is prone to SQL injection vulnerability. A flaw is present in the application, which fails to handle the slave configurations in which the slave is running a newer version than the master. Successful exploitation ... oval:org.secpod.oval:def:202250 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory p ... oval:org.secpod.oval:def:4001 The host is installed with Oracle MySQL 5.1.x before 5.1.61 or 5.5.x before 5.5.20 and is prone to an unspecified vulnerability. A flaw is present in the application, which results in a partial availability impact. Successful exploitation allows remote attackers to cause a denial of service. oval:org.secpod.oval:def:3991 The host is installed with Oracle MySQL 5.0.x before 5.0.95 or 5.1.x before 5.1.61 or 5.5.x before 5.5.20 and is prone to an unspecified vulnerability. A flaw is present in the application, which results in a partial confidentiality impact. Successful exploitation allows remote attackers to cause a ... oval:org.secpod.oval:def:4002 The host is installed with Oracle MySQL 5.1.x before 5.1.61 or 5.5.x before 5.5.20 and is prone to an unspecified vulnerability. A flaw is present in the application, which results in a partial availability impact. Successful exploitation allows remote attackers to cause a denial of service. oval:org.secpod.oval:def:20679 The host is installed with Oracle MySQL 5.1 before 5.1.46 and is prone to security bypass vulnerability. A flaw is present in the application, which fails to properly handle a symlink attack in conjunction with the DROP TABLE command. Successful exploitation allows local users to delete the data and ... oval:org.secpod.oval:def:4005 The host is installed with Oracle MySQL 5.0.x before 5.0.95 or 5.1.x before 5.1.61 or 5.5.x before 5.5.20 and is prone to an unspecified vulnerability. A flaw is present in the application, which results in a partial integrity impact. Successful exploitation allows remote attackers to cause a denial ... oval:org.secpod.oval:def:4003 The host is installed with Oracle MySQL 5.1.x before 5.1.61 or 5.5.x before 5.5.20 and is prone to an unspecified vulnerability. A flaw is present in the application, which results in a partial availability impact. Successful exploitation allows remote attackers to cause a denial of service. oval:org.secpod.oval:def:3998 The host is installed with Oracle MySQL 5.0.x before 5.0.95 or 5.1.x before 5.1.61 or 5.5.x before 5.5.20 and is prone to an unspecified vulnerability. A flaw is present in the application, which results in a partial confidentiality and integrity impact. Successful exploitation allows remote attacke ... oval:org.secpod.oval:def:20681 The host is installed with Oracle MySQL 5.1 before 5.1.49 or 5.0 before 5.0.92 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle a join query that uses a table with a unique SET column. Successful exploitation allows remote authenti ... oval:org.secpod.oval:def:500334 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. It was found that the MySQL PolyFromWKB function did not sanity check Well-Known Binary data. A remote, authenticated attacker could use specially-crafted WKB d ... oval:org.secpod.oval:def:20689 The host is installed with Oracle MySQL 5.0 before 5.0.92, 5.1 before 5.1.51 or 5.5 before 5.5.6 and is prone to unspecified vulnerability. A flaw is present in the application, which does not properly handle vectors related to "materializing a derived table that required a temporary table for group ... oval:org.secpod.oval:def:20688 The host is installed with Oracle MySQL 5.0 before 5.0.92, 5.1 before 5.1.51 or 5.5 before 5.5.6 and is prone to denial of service vulnerability. A flaw is present in the application, which does not properly propagate type errors. Successful exploitation allows remote authenticated users to cause a ... oval:org.secpod.oval:def:20686 The host is installed with Oracle MySQL 5.1 before 5.1.49 or 5.0 before 5.0.92 and is prone to denial of service vulnerability. A flaw is present in the application, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function. Successful exploitation allows remote authe ... oval:org.secpod.oval:def:3985 The host is installed with Oracle MySQL 5.0.x before 5.0.95 or 5.1.x before 5.1.61 or 5.5.x before 5.5.20 and is prone to an unspecified vulnerability. A flaw is present in the application, which results in a partial availability impact. Successful exploitation allows remote attackers to cause a den ... oval:org.secpod.oval:def:500146 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. The MySQL PolyFromWKB function did not sanity check Well-Known Binary data, which could allow a remote, authenticated attacker to crash mysqld. A flaw in the w ... oval:org.secpod.oval:def:500664 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. MySQL did not correctly check directories used as arguments for the DATA DIRECTORY and INDEX DIRECTORY directives. Using this flaw, an authenticated attacker cou ... oval:org.secpod.oval:def:500741 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory p ... oval:org.secpod.oval:def:20692 The host is installed with Oracle MySQL 5.0 before 5.0.92, 5.1 before 5.1.51 or 5.5 before 5.5.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle vectors related a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modi ... oval:org.secpod.oval:def:20693 The host is installed with Oracle MySQL 5.0 before 5.0.92, 5.1 before 5.1.51 or 5.5 before 5.5.6 and is prone to denial of service vulnerability. A flaw is present in the application, which is not properly handled when the function's result is "processed using an intermediate temporary table.". Succ ... oval:org.secpod.oval:def:20691 The host is installed with Oracle MySQL 5.0 before 5.0.92, 5.1 before 5.1.51 or 5.5 before 5.5.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimi ... oval:org.secpod.oval:def:202236 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory p ... oval:org.mitre.oval:def:7210 Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot) in a table name. oval:org.secpod.oval:def:201861 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. A buffer overflow flaw was found in the way MySQL handled the parameters of the MySQL COM_FIELD_LIST network protocol command . An authenticated database user co ... oval:org.secpod.oval:def:201694 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. A buffer overflow flaw was found in the way MySQL handled the parameters of the MySQL COM_FIELD_LIST network protocol command . An authenticated database user co ... oval:org.mitre.oval:def:7328 The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a large number of packets that exceed the maximum length. oval:org.secpod.oval:def:500299 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. A buffer overflow flaw was found in the way MySQL handled the parameters of the MySQL COM_FIELD_LIST network protocol command . An authenticated database user co ... oval:org.secpod.oval:def:500739 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory p ... oval:org.mitre.oval:def:6693 Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to execute arbitrary code via a COM_FIELD_LIST command with a long table name. |
