Info

Disclosure

Jan 17, 2012

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Jan 17, 2012

Description

Oracle MySQL Server contains an unspecified flaw related to the MySQL Protocol that may allow a remote denial of service, resulting in a loss of availability.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service
Impact: Loss of Availability
Solution: Patch / RCS
Exploit: Exploit Unknown
Disclosure: Vendor Verified
OSVDB: Authentication Required

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Oracle has released a patch to address this vulnerability. Check the vendor advisory or solution in the references section.

Products

Oracle Corporation	MySQL	5.1.x
		5.5.x

References

Security Tracker: 1026530
CVE ID: 2011-2262 (see also: NVD)
Secunia Advisory ID: 47082 47586 47928 48250 49174 49180
Bugtraq ID: 51493
Related OSVDB ID: 78368 78369 78370 78371 78372 78373 78374 78375 78377 78378 78379 78380 78381 78382 78383 78384 78385 78386 78387 78388 78389 78390 78391 78392 78393 78394
Vendor Specific News/Changelog Entry: http://www.debian.org/security/2012/dsa-2429
http://www.ubuntu.com/usn/usn-1397-1/
https://hermes.opensuse.org/messages/14566469
https://hermes.opensuse.org/messages/14566510
Vendor Specific Advisory URL: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html#AppendixMSQL
RedHat RHSA: RHSA-2012:0105

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/78376

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Oracle Corporation

MySQL

References

Credit