CVE-2006-7232 : sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial o

sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.

Published 2006-12-31 05:00:00

Updated 2018-10-17 17:59:05

Source MITRE

View at NVD, CVE.org

Vulnerability category: Sql InjectionDenial of service

Threat overview for CVE-2006-7232

Top countries where our scanners detected CVE-2006-7232

Top open port discovered on systems with this issue 3306

IPs affected by CVE-2006-7232 2,135

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2006-7232!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2006-7232

Probability of exploitation activity in the next 30 days: 0.72%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 80 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2006-7232

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
3.5	LOW	AV:N/AC:M/Au:S/C:N/I:N/A:P	6.8	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: Single Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

CWE ids for CVE-2006-7232

CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.

Assigned by: nvd@nist.gov (Primary)

Vendor statements for CVE-2006-7232

Red Hat 2008-07-25

This issue did not affect the MySQL packages as shipped in Red Hat Enterprise Linux 2.1, 3, and 4 as they did not support INFORMATION_SCHEMA, introduced in MySQL version 5. MySQL packages as shipped in Red Hat Enterprise Linux 5 were fixed via: https://rhn.redhat.com/errata/RHSA-2008-0364.html The MySQL packages as shipped in Red Hat Application Stack v1 and v2 are based on upstream version which has the fix included.

References for CVE-2006-7232

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-14.html

Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-0364.html

Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/28351

Third Party Advisory;VDB Entry
http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-32.html

Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11720

Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html

Third Party Advisory

CVEs referencing this url
http://bugs.mysql.com/bug.php?id=22413

Patch;Vendor Advisory
http://www.ubuntu.com/usn/usn-588-1

Third Party Advisory

CVEs referencing this url

Products affected by CVE-2006-7232

Mysql » Mysql
Versions from including (>=) 5.1 and before (<) 5.1.14
cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*
Matching versions
Mysql » Mysql
Versions from including (>=) 5.0 and before (<) 5.0.32
cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 6.06 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 6.10
cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 7.04
cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 7.10
cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
Matching versions