Multiple vulnerabilities in Google, mysql
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Resource management error
EUVDB-ID: #VU45463
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2010-3677
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to perform service disruption.
Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column.
MitigationInstall update from vendor's website.
Vulnerable software versionsmysql: 5.0.0 - 5.1.47
CPE2.3- cpe:2.3::google:mysql:5.0.0:*:*:*:*:*:*:*
- cpe:2.3::google:mysql:5.0.1:*:*:*:*:*:*:*
- cpe:2.3::google:mysql:5.0.2:*:*:*:*:*:*:*
https://bugs.mysql.com/bug.php?id=54575
https://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html
https://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html
https://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html
https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
https://secunia.com/advisories/42875
https://secunia.com/advisories/42936
https://support.apple.com/kb/HT4723
https://www.debian.org/security/2011/dsa-2143
https://www.mandriva.com/security/advisories?name=MDVSA-2010:155
https://www.mandriva.com/security/advisories?name=MDVSA-2010:222
https://www.mandriva.com/security/advisories?name=MDVSA-2011:012
https://www.openwall.com/lists/oss-security/2010/09/28/10
https://www.redhat.com/support/errata/RHSA-2010-0825.html
https://www.redhat.com/support/errata/RHSA-2011-0164.html
https://www.securityfocus.com/bid/42646
https://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt
https://www.ubuntu.com/usn/USN-1017-1
https://www.ubuntu.com/usn/USN-1397-1
https://www.vupen.com/english/advisories/2011/0105
https://www.vupen.com/english/advisories/2011/0133
https://www.vupen.com/english/advisories/2011/0170
https://www.vupen.com/english/advisories/2011/0345
https://bugzilla.redhat.com/show_bug.cgi?id=628040
https://exchange.xforce.ibmcloud.com/vulnerabilities/64688
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) NULL pointer dereference
EUVDB-ID: #VU45468
Risk: Low
CVSSv4.0: 2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2010-3682
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in with crafted "SELECT .. UNION .. ORDER BY (SELECT .. WHERE ..)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function. Per: http://cwe.mitre.org/data/definitions/476. A remote attacker can perform a denial of service (DoS) attack.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsmysql: 5.0.0 - 5.1.47
CPE2.3- cpe:2.3::google:mysql:5.0.0:*:*:*:*:*:*:*
- cpe:2.3::google:mysql:5.0.1:*:*:*:*:*:*:*
- cpe:2.3::google:mysql:5.0.2:*:*:*:*:*:*:*
https://bugs.mysql.com/bug.php?id=52711
https://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html
https://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html
https://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html
https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
https://secunia.com/advisories/42875
https://secunia.com/advisories/42936
https://support.apple.com/kb/HT4723
https://www.debian.org/security/2011/dsa-2143
https://www.mandriva.com/security/advisories?name=MDVSA-2010:155
https://www.mandriva.com/security/advisories?name=MDVSA-2010:222
https://www.mandriva.com/security/advisories?name=MDVSA-2011:012
https://www.openwall.com/lists/oss-security/2010/09/28/10
https://www.redhat.com/support/errata/RHSA-2010-0825.html
https://www.redhat.com/support/errata/RHSA-2011-0164.html
https://www.securityfocus.com/bid/42599
https://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt
https://www.ubuntu.com/usn/USN-1017-1
https://www.ubuntu.com/usn/USN-1397-1
https://www.vupen.com/english/advisories/2011/0105
https://www.vupen.com/english/advisories/2011/0133
https://www.vupen.com/english/advisories/2011/0170
https://www.vupen.com/english/advisories/2011/0345
https://bugzilla.redhat.com/show_bug.cgi?id=628328
https://exchange.xforce.ibmcloud.com/vulnerabilities/64684
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
