Vulnerability CVE-2010-2008 - CERT Civis.Net

Vulnerability Name:

CVE-2010-2008 (CCN-59905)

Assigned:

2010-05-19

Published:

2010-05-19

Updated:

2020-11-09

Summary:

MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.

CVSS v3 Severity:

3.5 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

3.5 Low (CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:N/A:P)
2.6 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P)
3.0 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Denial of Service

References:

Source: CCN
Type: MySQL Bug #53804
serious flaws in the alter database .. upgrade data directory name command

Source: CONFIRM
Type: Exploit, Issue Tracking, Vendor Advisory
http://bugs.mysql.com/bug.php?id=53804

Source: MITRE
Type: CNA
CVE-2010-2008

Source: CCN
Type: MySQL Web Site
C.1.1. Changes in MySQL 5.1.48 (02 June 2010)

Source: CONFIRM
Type: Broken Link
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-48.html

Source: FEDORA
Type: Third Party Advisory
FEDORA-2010-11135

Source: CCN
Type: SA40333
MySQL ALTER DATABASE Denial of Service

Source: SECUNIA
Type: Third Party Advisory
40333

Source: SECUNIA
Type: Third Party Advisory
40762

Source: CCN
Type: SECTRACK ID: 1024160
MySQL ALTER DATABASE Processing Error Lets Remote Authenticated Users Deny Service

Source: MANDRIVA
Type: Broken Link
MDVSA-2010:155

Source: CCN
Type: OSVDB ID: 65851
MySQL ALTER DATABASE #mysql50# Prefix Handling DoS

Source: BID
Type: Exploit, Third Party Advisory, VDB Entry
41198

Source: CCN
Type: BID-41198
Oracle MySQL 'ALTER DATABASE' Remote Denial Of Service Vulnerability

Source: SECTRACK
Type: Exploit, Third Party Advisory, VDB Entry
1024160

Source: UBUNTU
Type: Third Party Advisory
USN-1017-1

Source: UBUNTU
Type: Third Party Advisory
USN-1397-1

Source: VUPEN
Type: Permissions Required
ADV-2010-1918

Source: XF
Type: UNKNOWN
mysql-alterdatabase-dos(59905)

Source: OVAL
Type: Third Party Advisory
oval:org.mitre.oval:def:11869

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [08-03-2010]

Vulnerable Configuration:

Configuration 1:

cpe:/a:oracle:mysql:*:*:*:*:*:*:*:* (Version < 5.1.48)

Configuration 2:

cpe:/o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*

OR cpe:/o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*

OR cpe:/o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:fedoraproject:fedora:13:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:oracle:mysql:5.0.18:*:*:*:*:*:*:*

OR cpe:/a:mysql:mysql:5.0.5.0.21:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.15:-:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.15:a:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.16:-:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.16:a:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.17:-:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.17:a:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.19:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.20:-:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.20:a:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.21:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.22:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.24:-:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.27:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.33:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.37:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.41:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.1.23:-:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.51a:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.45:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.23:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.24:a:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.51:b:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.1.30:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.75:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.77:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.81:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.82:-:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.83:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.1.23:a:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.1.45:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.1.44:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.1.43:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.1.42:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.1.41:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.1.40:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.1.39:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.1.38:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.1.37:-:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.1.36:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.1.35:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.1.34:-:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.1.33:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.1.32:-:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.1.31:-:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.91:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.90:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.89:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.88:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.87:-:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.86:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.85:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.84:-:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.0.67:*:*:*:*:*:*:*

OR cpe:/a:mysql:mysql:5.0.45b:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.1.46:*:*:*:*:*:*:*

OR cpe:/a:oracle:mysql:5.1.47:*:*:*:*:*:*:*

AND

cpe:/o:mandriva:linux:2010:*:*:*:x86_64:*:*:*

OR cpe:/o:mandriva:linux:2010:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20102008	V	CVE-2010-2008	2015-11-16
oval:org.mitre.oval:def:13602	P	USN-1017-1 -- mysql-5.1, mysql-dfsg-5.0, mysql-dfsg-5.1 vulnerabilities	2014-06-30
oval:org.mitre.oval:def:14934	P	USN-1397-1 -- MySQL vulnerabilities	2014-06-30
oval:org.mitre.oval:def:11869	V	Oracle MySQL 'ALTER DATABASE' Remote Denial Of Service Vulnerability	2013-11-04