PT-2007-7173 · Oracle · Mysql Server

Published

2007-12-10

Updated

2024-06-15

CVE-2007-6304

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions MySQL versions 5.0.x through 5.0.50, MySQL versions 5.1.x through 5.1.22, MySQL versions 6.0.x through 6.0.3

Description The federated engine in MySQL, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service via a response that lacks the minimum required number of columns, resulting in a federated handler crash and daemon crash.

Recommendations For MySQL versions 5.0.x through 5.0.50, update to version 5.0.51a or later. For MySQL versions 5.1.x through 5.1.22, update to version 5.1.23 or later. For MySQL versions 6.0.x through 6.0.3, update to version 6.0.4 or later.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-6304

DSA-1451-1

OPENSUSE-SU-2024:11038-1

SUSE-RU-2023:3956-1

SUSE-RU-2023:4991-1

Affected Products

Mysql Server

PT-2007-7173 · Oracle · Mysql Server

CVE-2007-6304

Related Identifiers

Affected Products

References · 451