Vulnerability Name:

CVE-2010-3679 (CCN-64687)

Assigned:2010-09-07
Published:2010-09-07
Updated:2019-12-17
Summary:Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind.
CVSS v3 Severity:3.5 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:4.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P)
3.5 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P)
3.5 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.0 Medium (REDHAT CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P)
3.5 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-399
Vulnerability Consequences:Denial of Service
References:Source: CONFIRM
Type: Patch
http://bugs.mysql.com/bug.php?id=54393

Source: MITRE
Type: CNA
CVE-2010-3679

Source: CCN
Type: MySQL Web site
D.1.7. Changes in MySQL 5.1.49 (09 July 2010)

Source: CONFIRM
Type: UNKNOWN
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html

Source: CCN
Type: RHSA-2011-0164
Moderate: mysql security update

Source: SECUNIA
Type: Vendor Advisory
42936

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2010:155

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2011:012

Source: MLIST
Type: Exploit, Patch
[oss-security] 20100928 Re: CVE Request -- MySQL v5.1.49 -- multiple DoS flaws

Source: CCN
Type: OSVDB ID: 67380
MySQL BINLOG Statement Unspecified Argument DoS

Source: REDHAT
Type: UNKNOWN
RHSA-2011:0164

Source: BID
Type: UNKNOWN
42638

Source: CCN
Type: BID-42638
Oracle MySQL Prior to 5.1.49 Malformed 'BINLOG' Arguments Denial Of Service Vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-1017-1

Source: UBUNTU
Type: UNKNOWN
USN-1397-1

Source: VUPEN
Type: Vendor Advisory
ADV-2011-0133

Source: VUPEN
Type: Vendor Advisory
ADV-2011-0170

Source: CONFIRM
Type: Exploit, Patch
https://bugzilla.redhat.com/show_bug.cgi?id=628062

Source: XF
Type: UNKNOWN
mysql-binlog-command-dos(64687)

Source: XF
Type: UNKNOWN
mysql-binlog-command-dos(64687)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mysql:mysql:5.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.23:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.31:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.32:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.34:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.37:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.8:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.9:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.10:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.11:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.12:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.13:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.14:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.15:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.16:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.17:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.18:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.19:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.20:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.21:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.22:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.23:a:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.24:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.25:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.26:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.27:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.28:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.29:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.30:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.31:sp1:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.33:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.34:sp1:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.35:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.36:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.37:sp1:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.38:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.39:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.40:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.40:sp1:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.41:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.42:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.43:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.43:sp1:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.44:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.45:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.46:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.46:sp1:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.47:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.48:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:oracle:mysql:5.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.10:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.11:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.12:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.13:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.14:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.15:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.16:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.17:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.23:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:mysql:mysql:5.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.8:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.9:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.30:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.32:bzr:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.23:bk:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.21:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.22:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.23:a:*:*:*:*:*:*
  • OR cpe:/a:mysql:mysql:5.1.5a:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.18:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.19:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.20:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.45:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.44:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.43:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.42:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.41:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.40:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.39:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.38:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.37:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.36:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.35:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.34:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.33:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.32:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.31:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.46:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.47:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.48:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.23:a:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.24:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.25:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.26:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.27:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.28:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.29:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.31:sp1:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.34:sp1:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.37:sp1:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.40:sp1:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.43:sp1:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:5.1.46:sp1:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:6:*:server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20103679
    V
    		CVE-2010-3679
    2015-11-16
    oval:org.mitre.oval:def:13602
    P
    		USN-1017-1 -- mysql-5.1, mysql-dfsg-5.0, mysql-dfsg-5.1 vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:14934
    P
    		USN-1397-1 -- MySQL vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:22961
    P
    		ELSA-2011:0164: mysql security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:21911
    P
    		RHSA-2011:0164: mysql security update (Moderate)
    2014-02-24
    oval:com.redhat.rhsa:def:20110164
    P
    		RHSA-2011:0164: mysql security update (Moderate)
    2011-01-18
    BACK
    mysql mysql 5.1.5
    mysql mysql 5.1.23
    mysql mysql 5.1.31
    mysql mysql 5.1.32
    mysql mysql 5.1.34
    mysql mysql 5.1.37
    oracle mysql 5.1
    oracle mysql 5.1.1
    oracle mysql 5.1.2
    oracle mysql 5.1.3
    oracle mysql 5.1.4
    oracle mysql 5.1.6
    oracle mysql 5.1.7
    oracle mysql 5.1.8
    oracle mysql 5.1.9
    oracle mysql 5.1.10
    oracle mysql 5.1.11
    oracle mysql 5.1.12
    oracle mysql 5.1.13
    oracle mysql 5.1.14
    oracle mysql 5.1.15
    oracle mysql 5.1.16
    oracle mysql 5.1.17
    oracle mysql 5.1.18
    oracle mysql 5.1.19
    oracle mysql 5.1.20
    oracle mysql 5.1.21
    oracle mysql 5.1.22
    oracle mysql 5.1.23 a
    oracle mysql 5.1.24
    oracle mysql 5.1.25
    oracle mysql 5.1.26
    oracle mysql 5.1.27
    oracle mysql 5.1.28
    oracle mysql 5.1.29
    oracle mysql 5.1.30
    oracle mysql 5.1.31 sp1
    oracle mysql 5.1.33
    oracle mysql 5.1.34 sp1
    oracle mysql 5.1.35
    oracle mysql 5.1.36
    oracle mysql 5.1.37 sp1
    oracle mysql 5.1.38
    oracle mysql 5.1.39
    oracle mysql 5.1.40
    oracle mysql 5.1.40 sp1
    oracle mysql 5.1.41
    oracle mysql 5.1.42
    oracle mysql 5.1.43
    oracle mysql 5.1.43 sp1
    oracle mysql 5.1.44
    oracle mysql 5.1.45
    oracle mysql 5.1.46
    oracle mysql 5.1.46 sp1
    oracle mysql 5.1.47
    oracle mysql 5.1.48
    mysql mysql 5.1.1
    mysql mysql 5.1.10
    mysql mysql 5.1.11
    mysql mysql 5.1.12
    mysql mysql 5.1.13
    mysql mysql 5.1.14
    mysql mysql 5.1.15
    mysql mysql 5.1.16
    mysql mysql 5.1.17
    mysql mysql 5.1.2
    mysql mysql 5.1.23
    mysql mysql 5.1.3
    mysql mysql 5.1.4
    mysql mysql 5.1.5
    mysql mysql 5.1.6
    mysql mysql 5.1.7
    mysql mysql 5.1.8
    mysql mysql 5.1.9
    mysql mysql 5.1
    mysql mysql 5.1.30
    mysql mysql 5.1.32-bzr
    mysql mysql 5.1.23_bk
    mysql mysql 5.1.21
    mysql mysql 5.1.22
    mysql mysql 5.1.23a
    mysql mysql 5.1.5a
    mysql mysql 5.1.18
    mysql mysql 5.1.19
    mysql mysql 5.1.20
    mysql mysql 5.1.45
    mysql mysql 5.1.44
    mysql mysql 5.1.43
    mysql mysql 5.1.42
    mysql mysql 5.1.41
    mysql mysql 5.1.40
    mysql mysql 5.1.39
    mysql mysql 5.1.38
    mysql mysql 5.1.37
    mysql mysql 5.1.36
    mysql mysql 5.1.35
    mysql mysql 5.1.34
    mysql mysql 5.1.33
    mysql mysql 5.1.32
    mysql mysql 5.1.31
    mysql mysql 5.1.46
    mysql mysql 5.1.47
    mysql mysql 5.1.48
    mysql mysql 5.1.23 a
    mysql mysql 5.1.24
    mysql mysql 5.1.25
    mysql mysql 5.1.26
    mysql mysql 5.1.27
    mysql mysql 5.1.28
    mysql mysql 5.1.29
    mysql mysql 5.1.31 sp1
    mysql mysql 5.1.34 sp1
    mysql mysql 5.1.37 sp1
    mysql mysql 5.1.40 sp1
    mysql mysql 5.1.43 sp1
    mysql mysql 5.1.46 sp1
    redhat enterprise linux 6
    redhat enterprise linux 6
    redhat enterprise linux desktop 6
    redhat enterprise linux hpc node 6