Download
| Alert*
oval:org.mitre.oval:def:8282
MySQL Server 5.0 is installed oval:org.secpod.oval:def:7486 The host is installed with Oracle MySQL 5.0.x before 5.0.93 or 5.1.x before 5.1.50 and is prone to SQL injection vulnerability. A flaw is present in the application, which fails to handle the slave configurations in which the slave is running a newer version than the master. Successful exploitation ... oval:org.secpod.oval:def:3991 The host is installed with Oracle MySQL 5.0.x before 5.0.95 or 5.1.x before 5.1.61 or 5.5.x before 5.5.20 and is prone to an unspecified vulnerability. A flaw is present in the application, which results in a partial confidentiality impact. Successful exploitation allows remote attackers to cause a ... oval:org.secpod.oval:def:20689 The host is installed with Oracle MySQL 5.0 before 5.0.92, 5.1 before 5.1.51 or 5.5 before 5.5.6 and is prone to unspecified vulnerability. A flaw is present in the application, which does not properly handle vectors related to "materializing a derived table that required a temporary table for group ... oval:org.secpod.oval:def:20676 The host is installed with Oracle MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24 or 6.0.x before 6.0.5 and is prone to security bypass vulnerability. A flaw is present in the application, which fails to properly handle unknown vectors. Successful exploitation allows local users ... oval:org.secpod.oval:def:4005 The host is installed with Oracle MySQL 5.0.x before 5.0.95 or 5.1.x before 5.1.61 or 5.5.x before 5.5.20 and is prone to an unspecified vulnerability. A flaw is present in the application, which results in a partial integrity impact. Successful exploitation allows remote attackers to cause a denial ... oval:org.secpod.oval:def:20677 The host is installed with Oracle MySQL 5.0 before 5.0.66, 5.1 before 5.1.26 or 6.0 before 6.0.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle handle a b'' (b single-quote single-quote) token. Successful exploitation allows remo ... oval:org.secpod.oval:def:20688 The host is installed with Oracle MySQL 5.0 before 5.0.92, 5.1 before 5.1.51 or 5.5 before 5.5.6 and is prone to denial of service vulnerability. A flaw is present in the application, which does not properly propagate type errors. Successful exploitation allows remote authenticated users to cause a ... oval:org.secpod.oval:def:20686 The host is installed with Oracle MySQL 5.1 before 5.1.49 or 5.0 before 5.0.92 and is prone to denial of service vulnerability. A flaw is present in the application, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function. Successful exploitation allows remote authe ... oval:org.secpod.oval:def:3998 The host is installed with Oracle MySQL 5.0.x before 5.0.95 or 5.1.x before 5.1.61 or 5.5.x before 5.5.20 and is prone to an unspecified vulnerability. A flaw is present in the application, which results in a partial confidentiality and integrity impact. Successful exploitation allows remote attacke ... oval:org.secpod.oval:def:3985 The host is installed with Oracle MySQL 5.0.x before 5.0.95 or 5.1.x before 5.1.61 or 5.5.x before 5.5.20 and is prone to an unspecified vulnerability. A flaw is present in the application, which results in a partial availability impact. Successful exploitation allows remote attackers to cause a den ... oval:org.mitre.oval:def:8510 The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate ... oval:org.mitre.oval:def:8500 mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote auth ... oval:org.secpod.oval:def:20681 The host is installed with Oracle MySQL 5.1 before 5.1.49 or 5.0 before 5.0.92 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle a join query that uses a table with a unique SET column. Successful exploitation allows remote authenti ... oval:org.secpod.oval:def:20692 The host is installed with Oracle MySQL 5.0 before 5.0.92, 5.1 before 5.1.51 or 5.5 before 5.5.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle vectors related a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modi ... oval:org.secpod.oval:def:20693 The host is installed with Oracle MySQL 5.0 before 5.0.92, 5.1 before 5.1.51 or 5.5 before 5.5.6 and is prone to denial of service vulnerability. A flaw is present in the application, which is not properly handled when the function's result is "processed using an intermediate temporary table.". Succ ... oval:org.secpod.oval:def:20691 The host is installed with Oracle MySQL 5.0 before 5.0.92, 5.1 before 5.1.51 or 5.5 before 5.5.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimi ... oval:org.mitre.oval:def:6693 Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to execute arbitrary code via a COM_FIELD_LIST command with a long table name. oval:org.mitre.oval:def:7210 Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot) in a table name. oval:org.mitre.oval:def:7328 The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a large number of packets that exceed the maximum length. |