CVE-2010-3683
published 2011-01-11CVE-2010-3683: Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated…
PriorityP426medium4CVSS 2.0
AVNACLAuSCNINAP
EXPLOIT
EPSS
12.23%
95.7th percentile
Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request.
Affected
58 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mysql | mysql | — | — |
| mysql | mysql | — | — |
| mysql | mysql | — | — |
| mysql | mysql | — | — |
| mysql | mysql | — | — |
| mysql | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
| oracle | mysql | — | — |
CVSS provenance
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:N/I:N/A:P
vendor_redhat4.0MEDIUM
vendor_ubuntu3.5LOW
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
MySQL vulnerabilities
vendor_ubuntu·2012-03-12
CVE-2007-5925 MySQL vulnerabilities
Title: MySQL vulnerabilities
Summary: Several security issues were fixed in MySQL.
Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.
MySQL has been updated to 5.1.61 in Ubuntu 10.04 LTS, Ubuntu 10.10,
Ubuntu 11.04 and Ubuntu 11.10. Ubuntu 8.04 LTS has been updated to
MySQL 5.0.95.
In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.
Please see the following for more information:
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-x.html
http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
Instructions: In general, a standard system update will make all the necessary changes.
Ubuntu
MySQL vulnerabilities
vendor_ubuntu·2010-11-11·CVSS 3.5
CVE-2010-2008 [LOW] MySQL vulnerabilities
Title: MySQL vulnerabilities
It was discovered that MySQL incorrectly handled certain requests with the
UPGRADE DATA DIRECTORY NAME command. An authenticated user could exploit
this to make MySQL crash, causing a denial of service. This issue only
affected Ubuntu 9.10 and 10.04 LTS. (CVE-2010-2008)
It was discovered that MySQL incorrectly handled joins involving a table
with a unique SET column. An authenticated user could exploit this to make
MySQL crash, causing a denial of service. This issue only affected Ubuntu
6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS. (CVE-2010-3677)
It was discovered that MySQL incorrectly handled NULL arguments to IN() or
CASE operations. An authenticated user could exploit this to make MySQL
crash, causing a denial of service. This issue only affected Ubuntu 9.10
Red Hat
MySQL: mysqld DoS (assertion failure) while reading the file back into a table (MySQL bug #52512)
vendor_redhat·2010-07-09·CVSS 4.0
CVE-2010-3683 [MEDIUM] MySQL: mysqld DoS (assertion failure) while reading the file back into a table (MySQL bug #52512)
MySQL: mysqld DoS (assertion failure) while reading the file back into a table (MySQL bug #52512)
Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request.
Statement: Not vulnerable. This issue did not affect the versions of mysql package
as shipped with Red Hat Enterprise Linux 3, 4, or 5.
Package: mysql (Red Hat Enterprise Linux 4) - Not affected
Package: mysql (Red Hat Enterprise Linux 5) - Not affected
GHSA
GHSA-5q5q-54rm-rj75: Oracle MySQL 5
ghsa_unreviewed·2022-05-13
CVE-2010-3683 [MEDIUM] GHSA-5q5q-54rm-rj75: Oracle MySQL 5
Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request.
No detection rules found.
Exploit-DB
OraclMySQL 5.1.48 - 'LOAD DATA INFILE' Denial of Service
exploitdb·2010-08-20
CVE-2010-3683 OraclMySQL 5.1.48 - 'LOAD DATA INFILE' Denial of Service
OraclMySQL 5.1.48 - 'LOAD DATA INFILE' Denial of Service
---
source: https://www.securityfocus.com/bid/42625/info
MySQL is prone to a denial-of-service vulnerability.
An attacker can exploit this issue to crash the database, denying access to legitimate users.
This issue affects versions prior to MySQL 5.1.49.
NOTE: This issue was previously covered in BID 42594 (Oracle MySQL Prior to 5.1.49 Multiple Denial Of Service Vulnerabilities) but has been given its own record to better document it.
# cat t/tst.test
# The file might exist or not, it does not make any difference.
# --send is important
CREATE TABLE test.t_load (id INT NOT NULL);
--send LOAD DATA LOCAL INFILE 'tb.txt' INTO TABLE test.t_load
#
Exploit-DB
freeFTPd 1.0 - 'Username' Remote Overflow (Metasploit)
exploitdb·2010-07-03
CVE-2005-3683 freeFTPd 1.0 - 'Username' Remote Overflow (Metasploit)
freeFTPd 1.0 - 'Username' Remote Overflow (Metasploit)
---
##
# $Id: freeftpd_user.rb 9669 2010-07-03 03:13:45Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 'freeFTPd 1.0 Username Overflow',
'Description' => %q{
This module exploits a stack buffer overflow in the freeFTPd
multi-protocol file transfer service. This flaw can only be
exploited when logging has been enabled (non-default).
},
'Author' => 'MC',
'License' => MSF_LICENSE,
'Version' => '$Revision: 9669 $',
'References' =>
[
[ 'CVE', '2005-3683'],
[ 'OSVDB', '20909'],
[ 'BI
Bugzilla
CVE-2010-3676 CVE-2010-3677 CVE-2010-3678 CVE-2010-3679 CVE-2010-3680 CVE-2010-3681 CVE-2010-3682 CVE-2010-3683 mysql various flaws [fedora-all]
bugzilla·2010-09-23·CVSS 4.0
CVE-2010-3676 [MEDIUM] CVE-2010-3676 CVE-2010-3677 CVE-2010-3678 CVE-2010-3679 CVE-2010-3680 CVE-2010-3681 CVE-2010-3682 CVE-2010-3683 mysql various flaws [fedora-all]
CVE-2010-3676 CVE-2010-3677 CVE-2010-3678 CVE-2010-3679 CVE-2010-3680 CVE-2010-3681 CVE-2010-3682 CVE-2010-3683 mysql various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new
Bugzilla
CVE-2010-3683 MySQL: mysqld DoS (assertion failure) while reading the file back into a table (MySQL bug #52512)
bugzilla·2010-08-30·CVSS 4.0
CVE-2010-3683 [MEDIUM] CVE-2010-3683 MySQL: mysqld DoS (assertion failure) while reading the file back into a table (MySQL bug #52512)
CVE-2010-3683 MySQL: mysqld DoS (assertion failure) while reading the file back into a table (MySQL bug #52512)
MySQL improperly handled LOAD DATA INFILE requests (it did not
check for SQL errors and sent an OK packet even when errors were
already reported). A remote, authenticated MySQL user could use
this flaw to cause mysqld daemon abort (assertion failure).
References:
[1] http://secunia.com/advisories/41048/
[2] http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html
Upstream bug report:
[3] http://bugs.mysql.com/bug.php?id=52512
Upstream changeset:
[4] http://lists.mysql.com/commits/105163
Discussion:
Public reproducer from [3]:
# cat t/tst.test
# The file might exist or not, it does not make any difference.
# --send is important
CREATE TABLE test.t_load (id INT NOT NULL);
--
http://bugs.mysql.com/bug.php?id=52512http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.htmlhttp://dev.mysql.com/doc/refman/5.5/en/news-5-5-5.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.htmlhttp://secunia.com/advisories/42936http://www.mandriva.com/security/advisories?name=MDVSA-2010:155http://www.mandriva.com/security/advisories?name=MDVSA-2011:012http://www.openwall.com/lists/oss-security/2010/09/28/10http://www.redhat.com/support/errata/RHSA-2011-0164.htmlhttp://www.securityfocus.com/bid/42625http://www.ubuntu.com/usn/USN-1017-1http://www.ubuntu.com/usn/USN-1397-1http://www.vupen.com/english/advisories/2011/0133http://www.vupen.com/english/advisories/2011/0170https://bugzilla.redhat.com/show_bug.cgi?id=628698https://exchange.xforce.ibmcloud.com/vulnerabilities/64683http://bugs.mysql.com/bug.php?id=52512http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.htmlhttp://dev.mysql.com/doc/refman/5.5/en/news-5-5-5.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.htmlhttp://secunia.com/advisories/42936http://www.mandriva.com/security/advisories?name=MDVSA-2010:155http://www.mandriva.com/security/advisories?name=MDVSA-2011:012http://www.openwall.com/lists/oss-security/2010/09/28/10http://www.redhat.com/support/errata/RHSA-2011-0164.htmlhttp://www.securityfocus.com/bid/42625http://www.ubuntu.com/usn/USN-1017-1http://www.ubuntu.com/usn/USN-1397-1http://www.vupen.com/english/advisories/2011/0133http://www.vupen.com/english/advisories/2011/0170https://bugzilla.redhat.com/show_bug.cgi?id=628698https://exchange.xforce.ibmcloud.com/vulnerabilities/64683
2011-01-11
Published