MySQL < 3.23.54 / 4.0.6 Multiple Vulnerabilities

medium Nessus Plugin ID 11192

Synopsis

The remote database server could be disabled remotely.

Description

The remote host is running a version of MySQL older than 3.23.54 or 4.0.6.

The remote version of this product contains several flaw that could allow an attacker to crash this service remotely.

Solution

Upgrade MySQL to version 3.23.54 or 4.0.6.

See Also

http://www.nessus.org/u?4e1b5afc

Plugin Details

Severity: Medium

ID: 11192

File Name: mysql_multiple_flaws.nasl

Version: 1.33

Type: remote

Family: Databases

Published: 12/12/2002

Updated: 7/16/2018

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.3

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/a:mysql:mysql

Required KB Items: Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 12/12/2002

Reference Information

CVE: CVE-2002-1373, CVE-2002-1374, CVE-2002-1375, CVE-2002-1376

BID: 6368, 6370, 6373, 6374, 6375, 8796

RHSA: 2002:166, 2002:288, 2002:289

SuSE: SUSE-SA