PT-2007-7173 · Oracle · Mysql Server

Publicado

2007-12-10

Atualizado

2024-06-15

CVE-2007-6304

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions MySQL versions 5.0.x through 5.0.50, MySQL versions 5.1.x through 5.1.22, MySQL versions 6.0.x through 6.0.3

Description The federated engine in MySQL, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service via a response that lacks the minimum required number of columns, resulting in a federated handler crash and daemon crash.

Recommendations For MySQL versions 5.0.x through 5.0.50, update to version 5.0.51a or later. For MySQL versions 5.1.x through 5.1.22, update to version 5.1.23 or later. For MySQL versions 6.0.x through 6.0.3, update to version 6.0.4 or later.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-6304

DSA-1451-1

OPENSUSE-SU-2024:11038-1

SUSE-RU-2023:3956-1

SUSE-RU-2023:4991-1

Produtos afetados

Mysql Server

PT-2007-7173 · Oracle · Mysql Server

CVE-2007-6304

Identificadores relacionados

Produtos afetados

Referências · 451