CVE-2006-3081
published 2006-06-19CVE-2006-3081: mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL…
PriorityP424medium4CVSS 2.0
AVNACLAuSCNINAP
EXPLOIT
EPSS
22.17%
97.4th percentile
mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mysql | mysql | — | — |
| mysql | mysql | — | — |
| mysql | mysql | — | — |
| mysql | mysql | — | — |
| mysql | mysql | — | — |
| mysql | mysql | — | — |
| mysql | mysql | — | — |
| mysql | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
CVSS provenance
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:N/I:N/A:P
vendor_redhat4.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-87h3-8fr8-25m3: mysqld in MySQL 4
ghsa_unreviewed·2022-05-01
CVE-2006-3081 [MEDIUM] GHSA-87h3-8fr8-25m3: mysqld in MySQL 4
mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.
Ubuntu
MySQL 4.1 vulnerability
vendor_ubuntu·2006-06-27
CVE-2006-3081 MySQL 4.1 vulnerability
Title: MySQL 4.1 vulnerability
Summary: MySQL 4.1 vulnerability
MySQL did not correctly handle NULL as the second argument to the
str_to_date() function. An authenticated user could exploit this to
crash the server.
Instructions: In general, a standard system upgrade is sufficient to effect the
necessary changes.
Red Hat
security flaw
vendor_redhat·2006-06-14·CVSS 4.0
CVE-2006-3081 [MEDIUM] security flaw
security flaw
mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.
No detection rules found.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373913http://bugs.mysql.com/bug.php?id=15828http://docs.info.apple.com/article.html?artnum=305214http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.htmlhttp://seclists.org/lists/fulldisclosure/2006/Jun/0434.htmlhttp://secunia.com/advisories/19929http://secunia.com/advisories/20832http://secunia.com/advisories/20871http://secunia.com/advisories/24479http://www.debian.org/security/2006/dsa-1112http://www.mandriva.com/security/advisories?name=MDKSA-2006:111http://www.redhat.com/support/errata/RHSA-2007-0083.htmlhttp://www.securityfocus.com/archive/1/437145http://www.securityfocus.com/archive/1/437277http://www.securityfocus.com/archive/1/437571/100/0/threadedhttp://www.securityfocus.com/bid/18439http://www.us-cert.gov/cas/techalerts/TA06-208A.htmlhttp://www.us-cert.gov/cas/techalerts/TA07-072A.htmlhttp://www.vupen.com/english/advisories/2007/0930https://exchange.xforce.ibmcloud.com/vulnerabilities/27212https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9516https://usn.ubuntu.com/306-1/http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373913http://bugs.mysql.com/bug.php?id=15828http://docs.info.apple.com/article.html?artnum=305214http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.htmlhttp://seclists.org/lists/fulldisclosure/2006/Jun/0434.htmlhttp://secunia.com/advisories/19929http://secunia.com/advisories/20832http://secunia.com/advisories/20871http://secunia.com/advisories/24479http://www.debian.org/security/2006/dsa-1112http://www.mandriva.com/security/advisories?name=MDKSA-2006:111http://www.redhat.com/support/errata/RHSA-2007-0083.htmlhttp://www.securityfocus.com/archive/1/437145http://www.securityfocus.com/archive/1/437277http://www.securityfocus.com/archive/1/437571/100/0/threadedhttp://www.securityfocus.com/bid/18439http://www.us-cert.gov/cas/techalerts/TA06-208A.htmlhttp://www.us-cert.gov/cas/techalerts/TA07-072A.htmlhttp://www.vupen.com/english/advisories/2007/0930https://exchange.xforce.ibmcloud.com/vulnerabilities/27212https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9516https://usn.ubuntu.com/306-1/
2006-06-19
Published