fkie_cve-2006-3081
Vulnerability from fkie_nvd
Published
2006-06-19 18:02
Modified
2025-04-03 01:03
Severity ?
Summary
mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.
References
cve@mitre.orghttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373913
cve@mitre.orghttp://bugs.mysql.com/bug.php?id=15828
cve@mitre.orghttp://docs.info.apple.com/article.html?artnum=305214
cve@mitre.orghttp://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
cve@mitre.orghttp://seclists.org/lists/fulldisclosure/2006/Jun/0434.html
cve@mitre.orghttp://secunia.com/advisories/19929Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/20832Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/20871Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/24479
cve@mitre.orghttp://www.debian.org/security/2006/dsa-1112
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:111
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2007-0083.html
cve@mitre.orghttp://www.securityfocus.com/archive/1/437145
cve@mitre.orghttp://www.securityfocus.com/archive/1/437277
cve@mitre.orghttp://www.securityfocus.com/archive/1/437571/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/18439Exploit
cve@mitre.orghttp://www.us-cert.gov/cas/techalerts/TA06-208A.htmlUS Government Resource
cve@mitre.orghttp://www.us-cert.gov/cas/techalerts/TA07-072A.htmlUS Government Resource
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/0930
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/27212
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9516
cve@mitre.orghttps://usn.ubuntu.com/306-1/
af854a3a-2127-422b-91ae-364da2661108http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373913
af854a3a-2127-422b-91ae-364da2661108http://bugs.mysql.com/bug.php?id=15828
af854a3a-2127-422b-91ae-364da2661108http://docs.info.apple.com/article.html?artnum=305214
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/lists/fulldisclosure/2006/Jun/0434.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19929Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20832Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20871Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24479
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1112
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:111
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-0083.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/437145
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/437277
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/437571/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/18439Exploit
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA06-208A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA07-072A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/0930
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/27212
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9516
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/306-1/
Impacted products
Vendor Product Version
mysql mysql 4.1.13
mysql mysql 4.1.15
mysql mysql 5.0.0
mysql mysql 5.0.1
mysql mysql 5.0.2
mysql mysql 5.0.3
mysql mysql 5.0.4
mysql mysql 5.1.5
oracle mysql 4.0.18
oracle mysql 4.1.4
oracle mysql 4.1.5
oracle mysql 4.1.7
oracle mysql 4.1.16
oracle mysql 5.0.18



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mysql:mysql:4.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A4D224C-8ABF-41A0-A7BE-C10C2387DE95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:4.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "C93CE88F-2941-4A08-9472-359CF214F81C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC198CDB-CAC0-41DD-9FCD-42536E7FE11A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77A2761-2B44-4061-9C29-A54F90A1AD83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B3AD851-056F-4E57-B85B-4AC5A5A20C0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD24EA8C-4FCA-4F40-B2EA-7DFA49432483",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "754B78F2-A03C-40BE-812B-F5E57B93D20B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "35BED939-3366-4CBF-B6BF-29C0C42E97F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "FED5BA55-FF4F-4F89-89B1-554624DDA1AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "32CA2F70-77E4-4280-B845-4CE5774162C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA788329-9A66-49EA-B7E4-E465C0E7E320",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4297E6B7-6C5A-4D52-A66B-F9D1AE17E988",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6769975-47A4-4D0A-9181-F59776D13D38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "053ACE9B-A146-42C0-ADB2-47F6119965D8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function."
    },
    {
      "lang": "es",
      "value": "mysqld en MySQL v4.1.x antes de v4.1.18, v5.0.x antes de v5.0.19, y v5.1.x antes de v5.1.6 permite causar una denegaci\u00f3n de servicio (ca\u00edda del demonio) a usuarios remotos autorizados a trav\u00e9s de un segundo argumento nulo para la funci\u00f3n STR_TO_DATE."
    }
  ],
  "id": "CVE-2006-3081",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-06-19T18:02:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373913"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://bugs.mysql.com/bug.php?id=15828"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://docs.info.apple.com/article.html?artnum=305214"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://seclists.org/lists/fulldisclosure/2006/Jun/0434.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19929"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20832"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20871"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/24479"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-1112"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:111"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0083.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/437145"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/437277"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/437571/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/18439"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/0930"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27212"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9516"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://usn.ubuntu.com/306-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.mysql.com/bug.php?id=15828"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://docs.info.apple.com/article.html?artnum=305214"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/lists/fulldisclosure/2006/Jun/0434.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19929"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20832"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20871"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24479"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1112"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:111"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0083.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/437145"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/437277"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/437571/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/18439"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/0930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27212"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/306-1/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.


Loading…

Loading…