Signature Detail
Short Name |
DB:MYSQL:COM-FIELD-LIST-BO |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
DB |
Keywords |
Oracle MySQL Database COM_FIELD_LIST Buffer Overflow |
Release Date |
2013/09/10 |
Update Number |
2298 |
Supported Platforms |
idp-4.0.110090709+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
DB: Oracle MySQL Database COM_FIELD_LIST Buffer Overflow
This signature detects attempts to exploit a known flaw in MySQL database server. A successful attack can lead to arbitrary code execution.
Extended Description
MySQL is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An authenticated attacker can leverage this issue to execute arbitrary code within the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Versions prior to MySQL 5.1.47 are vulnerable.
Affected Products
- Apple Mac OS X 10.5
- Apple Mac OS X 10.5.0
- Apple Mac OS X 10.5.1
- Apple Mac OS X 10.5.2
- Apple Mac OS X 10.5.3
- Apple Mac OS X 10.5.4
- Apple Mac OS X 10.5.5
- Apple Mac OS X 10.5.6
- Apple Mac OS X 10.5.7
- Apple Mac OS X 10.5.8
- Apple Mac OS X 10.6
- Apple Mac OS X 10.6.1
- Apple Mac OS X 10.6.2
- Apple Mac OS X 10.6.3
- Apple Mac OS X 10.6.4
- Apple Mac OS X Server 10.5
- Apple Mac OS X Server 10.5.0
- Apple Mac OS X Server 10.5.1
- Apple Mac OS X Server 10.5.2
- Apple Mac OS X Server 10.5.3
- Apple Mac OS X Server 10.5.4
- Apple Mac OS X Server 10.5.5
- Apple Mac OS X Server 10.5.6
- Apple Mac OS X Server 10.5.7
- Apple Mac OS X Server 10.5.8
- Apple Mac OS X Server 10.6
- Apple Mac OS X Server 10.6.1
- Apple Mac OS X Server 10.6.2
- Apple Mac OS X Server 10.6.3
- Apple Mac OS X Server 10.6.4
- Debian Linux 5.0
- Debian Linux 5.0 Alpha
- Debian Linux 5.0 Amd64
- Debian Linux 5.0 Arm
- Debian Linux 5.0 Armel
- Debian Linux 5.0 Hppa
- Debian Linux 5.0 Ia-32
- Debian Linux 5.0 Ia-64
- Debian Linux 5.0 M68k
- Debian Linux 5.0 Mips
- Debian Linux 5.0 Mipsel
- Debian Linux 5.0 Powerpc
- Debian Linux 5.0 S/390
- Debian Linux 5.0 Sparc
- Gentoo Linux
- Mandriva Corporate Server 4.0
- Mandriva Corporate Server 4.0.0 X86 64
- Mandriva Enterprise Server 5
- Mandriva Enterprise Server 5 X86 64
- Mandriva Linux Mandrake 2008.0
- Mandriva Linux Mandrake 2008.0 X86 64
- Mandriva Linux Mandrake 2009.0
- Mandriva Linux Mandrake 2009.0 X86 64
- Mandriva Linux Mandrake 2009.1
- Mandriva Linux Mandrake 2009.1 X86 64
- Mandriva Linux Mandrake 2010.0
- Mandriva Linux Mandrake 2010.0 X86 64
- MySQL AB MySQL 5.0.0 .0-0
- MySQL AB MySQL 5.0.1
- MySQL AB MySQL 5.0.18
- MySQL AB MySQL 5.0.19
- MySQL AB MySQL 5.0.2
- MySQL AB MySQL 5.0.20
- MySQL AB MySQL 5.0.21
- MySQL AB MySQL 5.0.22
- MySQL AB MySQL 5.0.22 -1-0.1
- MySQL AB MySQL 5.0.24
- MySQL AB MySQL 5.0.26
- MySQL AB MySQL 5.0.27
- MySQL AB MySQL 5.0.3
- MySQL AB MySQL 5.0.32
- MySQL AB MySQL 5.0.33
- MySQL AB MySQL 5.0.36
- MySQL AB MySQL 5.0.37
- MySQL AB MySQL 5.0.38
- MySQL AB MySQL 5.0.39
- MySQL AB MySQL 5.0.4
- MySQL AB MySQL 5.0.40
- MySQL AB MySQL 5.0.42
- MySQL AB MySQL 5.0.44
- MySQL AB MySQL 5.0.45
- MySQL AB MySQL 5.0.46
- MySQL AB MySQL 5.0.47
- MySQL AB MySQL 5.0.48
- MySQL AB MySQL 5.0.49
- MySQL AB MySQL 5.0.50
- MySQL AB MySQL 5.0.51
- MySQL AB MySQL 5.0.51A
- MySQL AB MySQL 5.0.52
- MySQL AB MySQL 5.0.60
- MySQL AB MySQL 5.0.66
- MySQL AB MySQL 5.0.75
- MySQL AB MySQL 5.0.88
- MySQL AB MySQL 5.1.10
- MySQL AB MySQL 5.1.11
- MySQL AB MySQL 5.1.12
- MySQL AB MySQL 5.1.13
- MySQL AB MySQL 5.1.14
- MySQL AB MySQL 5.1.15
- MySQL AB MySQL 5.1.16
- MySQL AB MySQL 5.1.17
- MySQL AB MySQL 5.1.18
- MySQL AB MySQL 5.1.22
- MySQL AB MySQL 5.1.23
- MySQL AB MySQL 5.1.26
- MySQL AB MySQL 5.1.30
- MySQL AB MySQL 5.1.31
- MySQL AB MySQL 5.1.32
- MySQL AB MySQL 5.1.33
- MySQL AB MySQL 5.1.34
- MySQL AB MySQL 5.1.35
- MySQL AB MySQL 5.1.36
- MySQL AB MySQL 5.1.37
- MySQL AB MySQL 5.1.38
- MySQL AB MySQL 5.1.39
- MySQL AB MySQL 5.1.41
- MySQL AB MySQL 5.1.42
- MySQL AB MySQL 5.1.42
- MySQL AB MySQL 5.1.43
- MySQL AB MySQL 5.1.44
- MySQL AB MySQL 5.1.45
- MySQL AB MySQL 5.1.46
- MySQL AB MySQL 5.1.5
- MySQL AB MySQL 5.1.6
- MySQL AB MySQL 5.1.9
- Red Hat Enterprise Linux 5 Server
- Red Hat Enterprise Linux Desktop 5 Client
- Red Hat Enterprise Linux Desktop Workstation 5 Client
- Red Hat Fedora 11
- Red Hat Fedora 12
- Red Hat Fedora 13
- SuSE openSUSE 11.1
- SuSE openSUSE 11.2
- SuSE SUSE Linux Enterprise 10 SP3
- SuSE SUSE Linux Enterprise 11 SP1
- Ubuntu Ubuntu Linux 10.04 Amd64
- Ubuntu Ubuntu Linux 10.04 ARM
- Ubuntu Ubuntu Linux 10.04 I386
- Ubuntu Ubuntu Linux 10.04 Powerpc
- Ubuntu Ubuntu Linux 10.04 Sparc
- Ubuntu Ubuntu Linux 10.10 amd64
- Ubuntu Ubuntu Linux 10.10 ARM
- Ubuntu Ubuntu Linux 10.10 i386
- Ubuntu Ubuntu Linux 10.10 powerpc
- Ubuntu Ubuntu Linux 11.04 amd64
- Ubuntu Ubuntu Linux 11.04 ARM
- Ubuntu Ubuntu Linux 11.04 i386
- Ubuntu Ubuntu Linux 11.04 powerpc
- Ubuntu Ubuntu Linux 11.10 amd64
- Ubuntu Ubuntu Linux 11.10 i386
- Ubuntu Ubuntu Linux 6.06 LTS Amd64
- Ubuntu Ubuntu Linux 6.06 LTS I386
- Ubuntu Ubuntu Linux 6.06 LTS Powerpc
- Ubuntu Ubuntu Linux 6.06 LTS Sparc
- Ubuntu Ubuntu Linux 8.04 LTS Amd64
- Ubuntu Ubuntu Linux 8.04 LTS I386
- Ubuntu Ubuntu Linux 8.04 LTS Lpia
- Ubuntu Ubuntu Linux 8.04 LTS Powerpc
- Ubuntu Ubuntu Linux 8.04 LTS Sparc
- Ubuntu Ubuntu Linux 9.04 Amd64
- Ubuntu Ubuntu Linux 9.04 I386
- Ubuntu Ubuntu Linux 9.04 Lpia
- Ubuntu Ubuntu Linux 9.04 Powerpc
- Ubuntu Ubuntu Linux 9.04 Sparc
- Ubuntu Ubuntu Linux 9.10 Amd64
- Ubuntu Ubuntu Linux 9.10 I386
- Ubuntu Ubuntu Linux 9.10 Lpia
- Ubuntu Ubuntu Linux 9.10 Powerpc
- Ubuntu Ubuntu Linux 9.10 Sparc
References
- BugTraq: 40106
- CVE: CVE-2010-1850