Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 DB:MYSQL:MYSQL-DATE-FS

Severity

 Critical

Recommended

 No

Recommended Action

 Drop

Category

 DB

Keywords

 MySQL Date Format String

Release Date

 2006/08/21

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

DB: MySQL Date Format String


This signature detects attempts to exploit a known vulnerability against MySQL database. Versions prior to 4.1.21, 5.0.21 or 5.1.9 are vulnerable. A successful attack can allow remote code execution.

Extended Description

MySQL is prone to a remote denial-of-service vulnerability because the database server fails to properly handle unexpected input. This issue allows remote attackers to crash affected database servers, denying service to legitimate users. Attackers must be able to execute arbitrary SQL statements on affected servers, which requires valid credentials to connect to affected servers. Attackers may exploit this issue in conjunction with latent SQL-injection vulnerabilities in other applications. Versions prior to MySQL 4.1.18, 5.0.19, and 5.1.6 are vulnerable.

Affected Products

  • Apple Mac OS X Server 10.4.0
  • Apple Mac OS X Server 10.4.1
  • Apple Mac OS X Server 10.4.2
  • Apple Mac OS X Server 10.4.3
  • Apple Mac OS X Server 10.4.4
  • Apple Mac OS X Server 10.4.5
  • Apple Mac OS X Server 10.4.6
  • Apple Mac OS X Server 10.4.7
  • Apple Mac OS X Server 10.4.8
  • Debian Linux 3.1.0
  • Debian Linux 3.1.0 Alpha
  • Debian Linux 3.1.0 Amd64
  • Debian Linux 3.1.0 Arm
  • Debian Linux 3.1.0 Hppa
  • Debian Linux 3.1.0 Ia-32
  • Debian Linux 3.1.0 Ia-64
  • Debian Linux 3.1.0 M68k
  • Debian Linux 3.1.0 Mips
  • Debian Linux 3.1.0 Mipsel
  • Debian Linux 3.1.0 Ppc
  • Debian Linux 3.1.0 S/390
  • Debian Linux 3.1.0 Sparc
  • Gentoo Linux
  • MySQL AB MySQL 4.0.18
  • MySQL AB MySQL 4.1.11
  • MySQL AB MySQL 4.1.12
  • MySQL AB MySQL 4.1.13
  • MySQL AB MySQL 4.1.15
  • MySQL AB MySQL 4.1.16
  • MySQL AB MySQL 4.1.4
  • MySQL AB MySQL 4.1.5
  • MySQL AB MySQL 4.1.7
  • MySQL AB MySQL 5.0.0 .0-0
  • MySQL AB MySQL 5.0.1
  • MySQL AB MySQL 5.0.18
  • MySQL AB MySQL 5.0.2
  • MySQL AB MySQL 5.0.3
  • MySQL AB MySQL 5.0.4
  • MySQL AB MySQL 5.1.5
  • Red Hat Desktop 4.0.0
  • Red Hat Enterprise Linux AS 4
  • Red Hat Enterprise Linux ES 4
  • Red Hat Enterprise Linux WS 4
  • Slackware Linux 10.2.0
  • Ubuntu Ubuntu Linux 5.10.0 Amd64
  • Ubuntu Ubuntu Linux 5.10.0 I386
  • Ubuntu Ubuntu Linux 5.10.0 Powerpc
  • Ubuntu Ubuntu Linux 5.10.0 Sparc

References

  • BugTraq: 19032
  • CVE: CVE-2006-3469
  • URL: http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html
  • URL: http://www.securityfocus.com/bid/19032

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out