Vulnerability Name:

CVE-2006-7232 (CCN-40920)

Assigned:2006-09-16
Published:2006-09-16
Updated:2018-10-17
Summary:sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.
CVSS v3 Severity:3.5 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:3.5 Low (CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-89
Vulnerability Consequences:Denial of Service
References:Source: CCN
Type: MySQL Bug #22413
EXPLAIN SELECT FROM view with ORDER BY yield server crash

Source: CONFIRM
Type: Patch, Vendor Advisory
http://bugs.mysql.com/bug.php?id=22413

Source: MITRE
Type: CNA
CVE-2006-7232

Source: CONFIRM
Type: Vendor Advisory
http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-32.html

Source: CONFIRM
Type: Vendor Advisory
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-14.html

Source: SUSE
Type: Third Party Advisory
SUSE-SR:2008:017

Source: CCN
Type: RHSA-2008-0364
Low: mysql security and bug fix update

Source: SECUNIA
Type: Third Party Advisory
29443

Source: SECUNIA
Type: Third Party Advisory
30351

Source: SECUNIA
Type: Third Party Advisory
31687

Source: CCN
Type: MySQL Web site
MySQL AB ::The world's most popular open source database

Source: REDHAT
Type: Third Party Advisory
RHSA-2008:0364

Source: BID
Type: Third Party Advisory, VDB Entry
28351

Source: CCN
Type: BID-28351
MySQL INFORMATION_SCHEMA Remote Denial Of Service Vulnerability

Source: CCN
Type: USN-588-1
MySQL vulnerabilities

Source: UBUNTU
Type: Third Party Advisory
USN-588-1

Source: CCN
Type: USN-588-2
MySQL regression

Source: XF
Type: UNKNOWN
mysql-sqlselect-dos(40920)

Source: OVAL
Type: Third Party Advisory
oval:org.mitre.oval:def:11720

Source: SUSE
Type: SUSE-SA:2008:041
openwsman

Source: SUSE
Type: SUSE-SR:2008:017
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mysql:mysql:*:*:*:*:*:*:*:* (Version >= 5.0 and < 5.0.32)
  • OR cpe:/a:mysql:mysql:*:*:*:*:*:*:*:* (Version >= 5.1 and < 5.1.14)

    • Configuration 2:
  • cpe:/o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:oracle:mysql:5.0.0:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.18:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.0:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.0:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.0:alpha:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.1:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.10:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.10:a:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.15:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.15:a:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.16:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.16:a:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.17:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.17:a:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.19:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.1:a:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.2:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.20:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.20:a:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.21:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.22:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.24:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.27:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.3:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.3:beta:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.0.3:a:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.10:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.11:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.12:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.13:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:mysql:mysql:5.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.8:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.9:*:*:*:*:*:*:*
  • OR cpe:/a:mysql:mysql:5.0.22.1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1:*:*:*:*:*:*:*
  • AND
  • cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:7.04:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:7.10:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:10.3:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:11.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20067232
    V
    		CVE-2006-7232
    2017-09-27
    oval:org.mitre.oval:def:17775
    P
    		USN-588-1 -- mysql-dfsg-5.0 vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:17802
    P
    		USN-588-2 -- mysql-dfsg-5.0 regression
    2014-06-30
    oval:org.mitre.oval:def:22310
    P
    		ELSA-2008:0364: mysql security and bug fix update (Low)
    2014-05-26
    oval:org.mitre.oval:def:11720
    V
    		sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.
    2013-04-29
    oval:com.redhat.rhsa:def:20080364
    P
    		RHSA-2008:0364: mysql security and bug fix update (Low)
    2008-05-21
    BACK
    mysql mysql *
    mysql mysql *
    canonical ubuntu linux 6.06
    canonical ubuntu linux 6.10
    canonical ubuntu linux 7.04
    canonical ubuntu linux 7.10
    mysql mysql 5.0
    mysql mysql 5.0.18
    mysql mysql 5.0.0
    mysql mysql 5.0.0.0
    mysql mysql 5.0.0 alpha
    mysql mysql 5.0.1
    mysql mysql 5.0.10
    mysql mysql 5.0.10a
    mysql mysql 5.0.11
    mysql mysql 5.0.12
    mysql mysql 5.0.13
    mysql mysql 5.0.14
    mysql mysql 5.0.15
    mysql mysql 5.0.15a
    mysql mysql 5.0.16
    mysql mysql 5.0.16a
    mysql mysql 5.0.17
    mysql mysql 5.0.17a
    mysql mysql 5.0.19
    mysql mysql 5.0.1a
    mysql mysql 5.0.2
    mysql mysql 5.0.20
    mysql mysql 5.0.20a
    mysql mysql 5.0.21
    mysql mysql 5.0.22
    mysql mysql 5.0.24
    mysql mysql 5.0.27
    mysql mysql 5.0.3
    mysql mysql 5.0.3 beta
    mysql mysql 5.0.3a
    mysql mysql 5.1.1
    mysql mysql 5.1.10
    mysql mysql 5.1.11
    mysql mysql 5.1.12
    mysql mysql 5.1.13
    mysql mysql 5.1.2
    mysql mysql 5.1.3
    mysql mysql 5.1.4
    mysql mysql 5.1.5
    mysql mysql 5.1.6
    mysql mysql 5.1.7
    mysql mysql 5.1.8
    mysql mysql 5.1.9
    mysql mysql 5.0.22.1.0.1
    mysql mysql 5.1
    canonical ubuntu 6.06
    redhat enterprise linux 5
    redhat enterprise linux 5
    canonical ubuntu 7.04
    redhat enterprise linux 5
    canonical ubuntu 7.10
    novell opensuse 10.3
    novell opensuse 11.0