Preemptive Protection against MySQL sql_parse Information Disclosure Vulnerabilities
| Check Point Reference: | CPAI-2006-066 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | FrSIRT/ADV-2006-1633 | |
| Industry Reference(s): | CVE-2006-1516 | |
| Protection Provided by: |
InterSpect
|
|
| Who is Vulnerable? MySQL version 4.0.26 and prior MySQL version 4.1.18 and prior MySQL version 5.0.20 and prior MySQL version 5.1.9 and prior | ||
| Vulnerability Description An input validation flaw has been identified in several versions of MySQL, which could be exploited by attackers to compromise a vulnerable system or gain knowledge of sensitive information. |
||
|
Update/Patch Available Upgrade to MySQL version 5.0.21 : http://dev.mysql.com/downloads/ |
|
|
Vulnerability Details The vulnerability is due to an input validation error in the "sql_parse.cc" script that fails to handle malformed login packets. This could also be exploited by attackers to disclose portions of the memory in error messages. |
Protection Overview
Users of InterSpect NGX are protected against this vulnerability if the MySQL protections addressed in the Solution section of SBP-2006-04 have been applied. Any attempt to trigger this vulnerability will be blocked as part of preliminary sanity checks performed whenever any of the protections under MySQL Server Protocol is turned on.
To configure the defense, select your product from the list below and follow the related protection steps.