Release DateAug 18, 2009 |
Severityhigh |
ImpactDenial of Service: Remote attackers can crash vulnerable systems. |
DescriptionThis indicates an attack attempt against a format string vulnerability in Sun Microsystems MySQL database server.The vulnerability is caused by an error when the vulnerable software handles a specially crafted create or drop database command. It allows a remote attacker to cause a denial of service (daemon crash). |
Affected ProductsMySQL 5.xMySQL 4.x |
Recommended ActionsUpgrade to the latest version:http://dev.mysql.com/downloads/ |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2009-2446 |
Reference/shttp://www.securityfocus.com/bid/35609 (BugTraq)http://www.frsirt.com/english/advisories/2009/1857 (FrSIRT) |
