National Vulnerability Database (NVD) National Vulnerability Database (CVE-2008-3963)

National Cyber Awareness System

Vulnerability Summary for CVE-2008-3963

Original release date:09/11/2008

Last revised:01/23/2013

Source: US-CERT/NIST

Overview

MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.

Impact

CVSS Severity (version 2.0):

CVSS v2 Base Score:4.0 (MEDIUM) (AV:N/AC:L/Au:S/C:N/I:N/A:P) (legend)

Impact Subscore: 2.9

Exploitability Subscore: 8.0

CVSS Version 2 Metrics:

Access Vector: Network exploitable

Access Complexity: Low

Authentication: Required to exploit

Impact Type:Allows disruption of serviceUnknown

Vendor Statements (disclaimer)

Official Statement from Red Hat (09/02/2009)

This issue did not affect MySQL as supplied with Red Hat Enterprise Linux 3 or 4. This issue was addressed for Red Hat Enterprise Linux 5 and Red Hat Application Stack v2 https://rhn.redhat.com/cve/CVE-2008-3963.html

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

External Source: DEBIAN

Name: DSA-1783

Type: Patch Information

Hyperlink:http://www.debian.org/security/2009/dsa-1783

External Source: CONFIRM

Name: https://bugs.gentoo.org/237166

Hyperlink:https://bugs.gentoo.org/237166

External Source: XF

Name: mysql-bitstring-dos(45042)

Hyperlink:http://xforce.iss.net/xforce/xfdb/45042

External Source: VUPEN

Name: ADV-2008-2554

Type: Advisory

Hyperlink:http://www.vupen.com/english/advisories/2008/2554

External Source: UBUNTU

Name: USN-671-1

Hyperlink:http://www.ubuntu.com/usn/USN-671-1

External Source: SECTRACK

Name: 1020858

Hyperlink:http://www.securitytracker.com/id?1020858

External Source: REDHAT

Name: RHSA-2009:1289

Hyperlink:http://www.redhat.com/support/errata/RHSA-2009-1289.html

External Source: REDHAT

Name: RHSA-2009:1067

Hyperlink:http://www.redhat.com/support/errata/RHSA-2009-1067.html

External Source: MLIST

Name: [oss-security] 20080909 Re: CVE request: MySQL empty bit-string literal server crash

Hyperlink:http://www.openwall.com/lists/oss-security/2008/09/09/7

External Source: MLIST

Name: [oss-security] 20080909 CVE request: MySQL empty bit-string literal server crash

Hyperlink:http://www.openwall.com/lists/oss-security/2008/09/09/4

External Source: MANDRIVA

Name: MDVSA-2009:094

Hyperlink:http://www.mandriva.com/security/advisories?name=MDVSA-2009:094

External Source: SECUNIA

Name: 36566

Hyperlink:http://secunia.com/advisories/36566

External Source: SECUNIA

Name: 34907

Type: Advisory

Hyperlink:http://secunia.com/advisories/34907

External Source: SECUNIA

Name: 32769

Hyperlink:http://secunia.com/advisories/32769

External Source: SECUNIA

Name: 32759

Type: Advisory

Hyperlink:http://secunia.com/advisories/32759

External Source: SECUNIA

Name: 31769

Type: Advisory

Hyperlink:http://secunia.com/advisories/31769

External Source: OVAL

Name: oval:org.mitre.oval:def:10521

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10521

External Source: SUSE

Name: SUSE-SR:2008:025

Hyperlink:http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html

External Source: CONFIRM

Name: http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html

Hyperlink:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html

External Source: CONFIRM

Name: http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html

Hyperlink:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html

External Source: CONFIRM

Name: http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-66.html

Hyperlink:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-66.html

External Source: CONFIRM

Name: http://bugs.mysql.com/bug.php?id=35658

Hyperlink:http://bugs.mysql.com/bug.php?id=35658

References to Check Content

Identifier:oval:org.mitre.oval:def:10521

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:10521

Vulnerable software and versions

Configuration 1

* cpe:/a:mysql:mysql:5.0.0:alpha

* cpe:/a:mysql:mysql:5.0.0.0

* cpe:/a:mysql:mysql:5.0

* cpe:/a:mysql:mysql:5.0.0

* cpe:/a:mysql:mysql:5.0.12

* cpe:/a:mysql:mysql:5.0.13

* cpe:/a:mysql:mysql:5.0.10a

* cpe:/a:mysql:mysql:5.0.11

* cpe:/a:mysql:mysql:5.0.1

* cpe:/a:mysql:mysql:5.0.10

* cpe:/a:mysql:mysql:5.0.14

* cpe:/a:mysql:mysql:5.0.15a

* cpe:/a:mysql:mysql:5.0.15

* cpe:/a:mysql:mysql:5.0.16

* cpe:/a:mysql:mysql:5.0.16a

* cpe:/a:mysql:mysql:5.0.17

* cpe:/a:mysql:mysql:5.0.17a

* cpe:/a:mysql:mysql:5.0.18

* cpe:/a:mysql:mysql:5.0.19

* cpe:/a:mysql:mysql:5.0.1a

* cpe:/a:mysql:mysql:5.0.2

* cpe:/a:mysql:mysql:5.0.20

* cpe:/a:mysql:mysql:5.0.20a

* cpe:/a:mysql:mysql:5.0.21

* cpe:/a:mysql:mysql:5.0.22

* cpe:/a:mysql:mysql:5.0.22.1.0.1

* cpe:/a:mysql:mysql:5.0.24

* cpe:/a:mysql:mysql:5.0.23

* cpe:/a:mysql:mysql:5.0.24a

* cpe:/a:mysql:mysql:5.0.25

* cpe:/a:mysql:mysql:5.0.30:sp1

* cpe:/a:mysql:mysql:5.0.30

* cpe:/a:mysql:mysql:5.0.27

* cpe:/a:mysql:mysql:5.0.3:beta

* cpe:/a:mysql:mysql:5.0.3

* cpe:/a:mysql:mysql:5.0.37

* cpe:/a:mysql:mysql:5.0.26

* cpe:/a:mysql:mysql:5.0.33

* cpe:/a:mysql:mysql:5.0.36

* cpe:/a:mysql:mysql:5.0.32

* cpe:/a:mysql:mysql:5.0.5.0.21

* cpe:/a:mysql:mysql:5.0.45

* cpe:/a:mysql:mysql:5.0.5

* cpe:/a:mysql:mysql:5.0.44

* cpe:/a:mysql:mysql:5.0.42

* cpe:/a:mysql:mysql:5.0.38

* cpe:/a:mysql:mysql:5.0.4

* cpe:/a:mysql:mysql:5.0.3a

* cpe:/a:mysql:mysql:5.0.4a

* cpe:/a:mysql:mysql:5.0.41

* cpe:/a:mysql:mysql:5.0.50

* cpe:/a:mysql:mysql:5.0.6

* cpe:/a:mysql:mysql:5.0.56

* cpe:/a:mysql:mysql:5.0.54

* cpe:/a:mysql:mysql:5.0.52

* cpe:/a:mysql:mysql:5.0.51

* cpe:/a:mysql:mysql:5.0.51b

* cpe:/a:mysql:mysql:5.0.51a

* cpe:/a:mysql:mysql:5.0.60

* cpe:/a:mysql:mysql:5.1.5

* cpe:/a:mysql:mysql:5.1.6

* cpe:/a:mysql:mysql:5.1.3

* cpe:/a:mysql:mysql:5.1.4

* cpe:/a:mysql:mysql:5.1.9

* cpe:/a:mysql:mysql:5.1.7

* cpe:/a:mysql:mysql:5.1.8

* cpe:/a:mysql:mysql:5.1.13

* cpe:/a:mysql:mysql:5.1.14

* cpe:/a:mysql:mysql:5.1.11

* cpe:/a:mysql:mysql:5.1.12

* cpe:/a:mysql:mysql:5.1.17

* cpe:/a:mysql:mysql:5.1.2

* cpe:/a:mysql:mysql:5.1.15

* cpe:/a:mysql:mysql:5.1.16

* cpe:/a:mysql:mysql:5.1.23_bk

* cpe:/a:mysql:mysql:5.1

* cpe:/a:mysql:mysql:5.1.10

* cpe:/a:mysql:mysql:5.1.1

* cpe:/a:mysql:mysql:5.1.21

* cpe:/a:mysql:mysql:5.1.22

* cpe:/a:mysql:mysql:5.1.23a

* cpe:/a:mysql:mysql:5.1.5a

* cpe:/a:mysql:mysql:5.1.18

* cpe:/a:mysql:mysql:5.1.19

* cpe:/a:mysql:mysql:5.1.20

* cpe:/a:mysql:mysql:5.1.23

* cpe:/a:mysql:mysql:6.0.2

* cpe:/a:mysql:mysql:6.0.1

* cpe:/a:mysql:mysql:6.0.4

* cpe:/a:mysql:mysql:6.0.3

* cpe:/a:mysql:mysql:6.0.0

* Denotes Vulnerable Software

Technical Details

Vulnerability Type (View All)

Format String Vulnerability (CWE-134)
Other (NVD-CWE-Other)

CVE Standard Vulnerability Entry:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3963