PT-2010-3475 · Oracle+1 · Mysql Server+1

Andrew Dalgleish

Published

2010-06-07

Updated

2019-12-17

CVE-2010-1849

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions MySQL versions 5.0 through 5.0.91 MySQL versions 5.1 prior to 5.1.47

Description The issue allows remote attackers to cause a denial of service by consuming CPU and bandwidth. This is achieved by sending a large number of packets that exceed the maximum length, exploiting the my net skip rest function in sql/net serv.cc.

Recommendations For MySQL versions 5.0 through 5.0.91, update to a version later than 5.0.91 to resolve the issue. For MySQL versions 5.1 prior to 5.1.47, update to version 5.1.47 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2010-1849

DSA-2057-1

RHSA-2012:0127

RHSA-2012_0127

Affected Products

Mysql Server

Red Hat

PT-2010-3475 · Oracle+1 · Mysql Server+1

CVE-2010-1849

Related Identifiers

Affected Products

References · 22