FKIE_CVE-2006-3081
Vulnerability from fkie_nvd - Published: 2006-06-19 18:02 - Updated: 2025-04-03 01:03
Severity ?
Summary
mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mysql:mysql:4.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "5A4D224C-8ABF-41A0-A7BE-C10C2387DE95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mysql:mysql:4.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "C93CE88F-2941-4A08-9472-359CF214F81C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mysql:mysql:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DC198CDB-CAC0-41DD-9FCD-42536E7FE11A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mysql:mysql:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B77A2761-2B44-4061-9C29-A54F90A1AD83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mysql:mysql:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3AD851-056F-4E57-B85B-4AC5A5A20C0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mysql:mysql:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FD24EA8C-4FCA-4F40-B2EA-7DFA49432483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mysql:mysql:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "754B78F2-A03C-40BE-812B-F5E57B93D20B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mysql:mysql:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "35BED939-3366-4CBF-B6BF-29C0C42E97F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:mysql:4.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "FED5BA55-FF4F-4F89-89B1-554624DDA1AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:mysql:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "32CA2F70-77E4-4280-B845-4CE5774162C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:mysql:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FA788329-9A66-49EA-B7E4-E465C0E7E320",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:mysql:4.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4297E6B7-6C5A-4D52-A66B-F9D1AE17E988",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:mysql:4.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E6769975-47A4-4D0A-9181-F59776D13D38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:mysql:5.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "053ACE9B-A146-42C0-ADB2-47F6119965D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function."
},
{
"lang": "es",
"value": "mysqld en MySQL v4.1.x antes de v4.1.18, v5.0.x antes de v5.0.19, y v5.1.x antes de v5.1.6 permite causar una denegaci\u00f3n de servicio (ca\u00edda del demonio) a usuarios remotos autorizados a trav\u00e9s de un segundo argumento nulo para la funci\u00f3n STR_TO_DATE."
}
],
"id": "CVE-2006-3081",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-06-19T18:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373913"
},
{
"source": "cve@mitre.org",
"url": "http://bugs.mysql.com/bug.php?id=15828"
},
{
"source": "cve@mitre.org",
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/lists/fulldisclosure/2006/Jun/0434.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19929"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20832"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20871"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24479"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1112"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:111"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0083.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/437145"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/437277"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/437571/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/18439"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27212"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9516"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/306-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373913"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.mysql.com/bug.php?id=15828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/lists/fulldisclosure/2006/Jun/0434.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19929"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20832"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20871"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0083.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/437145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/437277"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/437571/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/18439"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27212"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9516"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/306-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…