Rapid7 Vulnerability & Exploit Database

USN-1017-1: MySQL vulnerabilities

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

USN-1017-1: MySQL vulnerabilities

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

01/14/2011

Created

07/25/2018

Added

05/06/2013

Modified

07/09/2020

Description

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a "CREATE TABLE ... SELECT."

Solution(s)

ubuntu-upgrade-mysql-server-5-0
ubuntu-upgrade-mysql-server-5-1

References

https://attackerkb.com/topics/cve-2010-2008
APPLE-SA-2011-06-23-1
41198
42596
42598
42599
42625
42633
42638
42646
43676
CVE - 2010-2008
CVE - 2010-3677
CVE - 2010-3678
CVE - 2010-3679
CVE - 2010-3680
CVE - 2010-3681
CVE - 2010-3682
CVE - 2010-3683
CVE - 2010-3833
CVE - 2010-3834
CVE - 2010-3835
CVE - 2010-3836
CVE - 2010-3837
CVE - 2010-3838
CVE - 2010-3839
CVE - 2010-3840
DSA-2143
OVAL11869
RHSA-2010:0824
RHSA-2010:0825
RHSA-2011:0164
USN-1017-1
64683
64684
64685
64686
64687
64688
64838
64839
64840
64841
64842
64843
64844
64845

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;