HTTP: MySQL SELECT Subquery Denial of Service SQL Injection
This signature detects attempts to exploit a known vulnerability against Sun MySQL Database via HTTP SQL Command Injection. A successful attack can result in a denial-of-service condition. Sun Microsystems MySQL prior to 5.0.88 and Sun Microsystems MySQL prior to 5.1.41 are affected. However, it might also be a false positive - many Web sites use variables similar in format to SQL, and some Web sites even use SQL as part of normal operations. This is considered a poor convention, as sites using raw SQL in variables can be vulnerable to SQL injection. To reduce False Positives, it is strongly recommended that these signatures only be used to inspect traffic from the Internet to your organization's Web servers that use SQL backend databases to generate content and not to inspect traffic going from your organization to the Internet.
Extended Description
MySQL is prone to multiple remote denial-of-service vulnerabilities because it fails to handle certain SQL expressions. An attacker can exploit these issues to crash the application, denying access to legitimate users. Versions prior to MySQL 5.0.88 and 5.1.41 are vulnerable.
Affected Products
Pardus linux_2009
Short Name
HTTP:SQL:INJ:SELECT-SUB-DOS
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CVE-2009-4019 Denial Injection MySQL SELECT SQL Service Subquery bid:37297 of
Release Date
02/17/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Red_hat
Mysql_ab
Apple
Gentoo
Rpath
Pardus
Ubuntu
Mandriva
Suse
CVSS Score
4.0