Short Name |
DB:MYSQL:UNIQ-SET-COL-JOIN-DOS |
---|---|
Severity |
Minor |
Recommended |
No |
Category |
DB |
Keywords |
Oracle MySQL Database Unique SET Column Join Denial of Service |
Release Date |
2010/10/25 |
Update Number |
1798 |
Supported Platforms |
idp-4.0.110090709+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known denial-of-service vulnerability in Oracle MySQL database server. It is due to an error while handling joins involving a table with a unique SET column. Remote authenticated attackers can exploit this by sending malicious command packets to the server that causes a join with aforementioned condition. A successful attack can cause the target server to terminate, denying service to all users until the server is restarted.
Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column.