National Cyber Awareness System

Vulnerability Summary for CVE-2006-3081

Overview

mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.

Impact

CVSS Severity (version 2.0 upgrade from v1.0):

CVSS Version 2 Metrics:

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

US-CERT Technical Alert: TA06-208A

Name: TA06-208A

Hyperlink:http://www.us-cert.gov/cas/techalerts/TA06-208A.html

US-CERT Technical Alert: TA07-072A

Name: TA07-072A

Hyperlink:http://www.us-cert.gov/cas/techalerts/TA07-072A.html

External Source: VUPEN

Name: ADV-2007-0930

Hyperlink:http://www.vupen.com/english/advisories/2007/0930

External Source: UBUNTU

Name: USN-306-1

Hyperlink:http://www.ubuntulinux.org/support/documentation/usn/usn-306-1

External Source: BID

Name: 18439

Hyperlink:http://www.securityfocus.com/bid/18439

External Source: BUGTRAQ

Name: 20060615 Re: MySQL DoS

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/437571/100/0/threaded

External Source: BUGTRAQ

Name: 20060615 Re: MySQL DoS

Hyperlink:http://www.securityfocus.com/archive/1/437277

External Source: BUGTRAQ

Name: 20060614 MySQL DoS

Hyperlink:http://www.securityfocus.com/archive/1/437145

External Source: DEBIAN

Name: DSA-1112

Hyperlink:http://www.debian.org/security/2006/dsa-1112

External Source: SECUNIA

Name: 20871

Type: Advisory

Hyperlink:http://secunia.com/advisories/20871

External Source: SECUNIA

Name: 20832

Type: Advisory

Hyperlink:http://secunia.com/advisories/20832

External Source: SECUNIA

Name: 19929

Type: Advisory

Hyperlink:http://secunia.com/advisories/19929

External Source: FULLDISC

Name: 20060615 MySQL DoS

Hyperlink:http://seclists.org/lists/fulldisclosure/2006/Jun/0434.html

External Source: OVAL

Name: oval:org.mitre.oval:def:9516

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9516

External Source: CONFIRM

Name: http://bugs.mysql.com/bug.php?id=15828

Hyperlink:http://bugs.mysql.com/bug.php?id=15828

External Source: CONFIRM

Name: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373913

Hyperlink:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373913

External Source: XF

Name: mysql-select-dos(27212)

Hyperlink:http://xforce.iss.net/xforce/xfdb/27212

External Source: REDHAT

Name: RHSA-2007:0083

Hyperlink:http://www.redhat.com/support/errata/RHSA-2007-0083.html

External Source: MANDRIVA

Name: MDKSA-2006:111

Hyperlink:http://www.mandriva.com/security/advisories?name=MDKSA-2006:111

External Source: SECUNIA

Name: 24479

Hyperlink:http://secunia.com/advisories/24479

External Source: APPLE

Name: APPLE-SA-2007-03-13

Hyperlink:http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html

External Source: CONFIRM

Name: http://docs.info.apple.com/article.html?artnum=305214

Hyperlink:http://docs.info.apple.com/article.html?artnum=305214

References to Check Content

Identifier:oval:org.mitre.oval:def:9516

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:9516