Rapid7 Vulnerability & Exploit Database

RHSA-2010:0825: mysql security update

Back to Search

RHSA-2010:0825: mysql security update

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
01/14/2011
Created
07/25/2018
Added
01/14/2011
Modified
07/04/2017

Description

MySQL is a multi-user, multi-threaded SQL database server. It consists ofthe MySQL server daemon (mysqld) and many client programs and libraries.It was found that the MySQL PolyFromWKB() function did not sanity checkWell-Known Binary (WKB) data. A remote, authenticated attacker could usespecially-crafted WKB data to crash mysqld. This issue only caused atemporary denial of service, as mysqld was automatically restarted afterthe crash. (CVE-2010-3840)A flaw was found in the way MySQL processed certain JOIN queries. If astored procedure contained JOIN queries, and that procedure was executedtwice in sequence, it could cause an infinite loop, leading to excessiveCPU use (up to 100%). A remote, authenticated attacker could use this flawto cause a denial of service. (CVE-2010-3839)A flaw was found in the way MySQL processed queries that provide a mixtureof numeric and longblob data types to the LEAST or GREATEST function. Aremote, authenticated attacker could use this flaw to crash mysqld. Thisissue only caused a temporary denial of service, as mysqld wasautomatically restarted after the crash. (CVE-2010-3838)A flaw was found in the way MySQL processed PREPARE statements containingboth GROUP_CONCAT and the WITH ROLLUP modifier. A remote, authenticatedattacker could use this flaw to crash mysqld. This issue only caused atemporary denial of service, as mysqld was automatically restarted afterthe crash. (CVE-2010-3837)It was found that MySQL did not properly pre-evaluate LIKE arguments inview prepare mode. A remote, authenticated attacker could possibly use thisflaw to crash mysqld. (CVE-2010-3836)A flaw was found in the way MySQL processed statements that assign a valueto a user-defined variable and that also contain a logical valueevaluation. A remote, authenticated attacker could use this flaw to crashmysqld. This issue only caused a temporary denial of service, as mysqld wasautomatically restarted after the crash. (CVE-2010-3835)A flaw was found in the way MySQL evaluated the arguments of extreme-valuefunctions, such as LEAST and GREATEST. A remote, authenticated attackercould use this flaw to crash mysqld. This issue only caused a temporarydenial of service, as mysqld was automatically restarted after the crash.(CVE-2010-3833)A flaw was found in the way MySQL processed EXPLAIN statements for somecomplex SELECT queries. A remote, authenticated attacker could use thisflaw to crash mysqld. This issue only caused a temporary denial of service,as mysqld was automatically restarted after the crash. (CVE-2010-3682)A flaw was found in the way MySQL processed certain alternating READrequests provided by HANDLER statements. A remote, authenticated attackercould use this flaw to provide such requests, causing mysqld to crash. Thisissue only caused a temporary denial of service, as mysqld wasautomatically restarted after the crash. (CVE-2010-3681)A flaw was found in the way MySQL processed CREATE TEMPORARY TABLEstatements that define NULL columns when using the InnoDB storage engine. Aremote, authenticated attacker could use this flaw to crash mysqld. Thisissue only caused a temporary denial of service, as mysqld wasautomatically restarted after the crash. (CVE-2010-3680)A flaw was found in the way MySQL processed JOIN queries that attempt toretrieve data from a unique SET column. A remote, authenticated attackercould use this flaw to crash mysqld. This issue only caused a temporarydenial of service, as mysqld was automatically restarted after the crash.(CVE-2010-3677)All MySQL users are advised to upgrade to these updated packages, whichcontain backported patches to correct these issues. After installing thisupdate, the MySQL server daemon (mysqld) will be restarted automatically.

Solution(s)

  • redhat-upgrade-mysql
  • redhat-upgrade-mysql-bench
  • redhat-upgrade-mysql-devel
  • redhat-upgrade-mysql-server
  • redhat-upgrade-mysql-test

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;