Published: 28/03/2013 Updated: 04/08/2022

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 506

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

MariaDB 5.5.x prior to 5.5.30, 5.3.x prior to 5.3.13, 5.2.x prior to 5.2.15, and 5.1.x prior to 5.1.68, and Oracle MySQL 5.1.69 and previous versions, 5.5.31 and previous versions, and 5.6.11 and previous versions allows remote malicious users to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mariadb mariadb
oracle mysql
redhat enterprise linux 6.0
redhat enterprise linux 5
debian debian linux 7.0
canonical ubuntu linux 13.04
canonical ubuntu linux 12.10
canonical ubuntu linux 10.04
canonical ubuntu linux 12.04
suse linux enterprise desktop 11
suse linux enterprise server 11
opensuse opensuse 12.3
suse linux enterprise software development kit 11
opensuse opensuse 11.4
opensuse opensuse 12.2

Several security issues were fixed in MySQL ...

Debian Bug report logs - #711600 mysql-server: CVE-2013-2162: Insecure creation of the credential file debiancnf Package: mysql-server; Maintainer for mysql-server is Debian MySQL Maintainers <pkg-mysql-maint@listsaliothdebianorg>; Source for mysql-server is src:mysql-57 (PTS, buildd, popcon) Reported by: vladz <vlad ...

Debian Bug report logs - #706715 mysql-server: CVE-2013-1861: Denial of service via a crafted geometry feature Package: mysql-server; Maintainer for mysql-server is Debian MySQL Maintainers <pkg-mysql-maint@listsaliothdebianorg>; Source for mysql-server is src:mysql-57 (PTS, buildd, popcon) Reported by: Henri Salo <he ...

Several issues have been discovered in the MySQL database server The vulnerabilities are addressed by upgrading MySQL to a new upstream version, 5533, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes Please see the MySQL 55 Release Notes for further details: http:/ ...

source: wwwsecurityfocuscom/bid/58511/info MySQL and MariaDB are prone to a denial-of-service vulnerability An attacker can exploit this issue to crash the database, denying access to legitimate users "select astext(0x0100000000030000000100000000000010);" ...

SNORT 第二次笔记复习：几种规则动作动作描述 alert 基于规则对应的告警消息生成一个警告，并将数据包记录日志 log 将数据包记录日志 pass 忽略这个数据包 Drop 使用 iptables 丢弃这个数据包，并将数据包记录入日志 Sdrop 使用 iptables 丢弃这个数据包，但不记录日志 Reject 使用

https://eggkingo.github.io/polyblog/

Polysphere Temp Blog POST Hehehe tor go funny This post will go through the vulnerabilites of tor/torbrowser, onion balance and the stem library The vulnerabilties might not directly affect the onion relay protocol ———————————————— Tor/TorBrowser The Tor/Torbrowser in total have 41

CWE-119 http://www.osvdb.org/91415 https://bugzilla.redhat.com/show_bug.cgi?id=919247 http://secunia.com/advisories/52639 http://seclists.org/oss-sec/2013/q1/671 http://www.securityfocus.com/bid/58511 https://mariadb.atlassian.net/browse/MDEV-4252 http://lists.askmonty.org/pipermail/commits/2013-March/004371.html http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html http://www.ubuntu.com/usn/USN-1909-1 http://secunia.com/advisories/54300 http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html http://www.debian.org/security/2013/dsa-2818 http://security.gentoo.org/glsa/glsa-201409-04.xml https://exchange.xforce.ibmcloud.com/vulnerabilities/82895 https://usn.ubuntu.com/1909-1/https://nvd.nist.gov https://www.exploit-db.com/exploits/38392/

CVE-2013-1861

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect