Upstream information

CVE-2006-7232 at MITRE

Description

sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 3.5
Vector AV:N/AC:M/Au:S/C:N/I:N/A:P
Access Vector Network
Access Complexity Medium
Authentication Single
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
SUSE Bugzilla entry: 365119 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise SDK 10 SP2
  • mysql >= 5.0.26-12.20
  • mysql-Max >= 5.0.26-12.20
  • mysql-bench >= 5.0.26-12.20
  • mysql-client >= 5.0.26-12.20
  • mysql-devel >= 5.0.26-12.20
  • mysql-shared >= 5.0.26-12.20
core9.ppc
sle10-sp2-sdk.ia64
sles10-sp2.ia64
sles10-sp2.s390x
sle10-sp1-sdk.ppc
core9.s390
sle10-sp1-sdk.ia64
sles10.ia64
sles10.ppc
core9.x86-64
sles10-sp2.ppc
sled10.x86
sles9-nld.x86-64
sle10-sp2-sdk.ppc
sles10.x86
core9.x86
sles10.s390x
sles10-sp2-debuginfo.x86
sles9-oes.x86
core9.s390x
sle10-sp2-sdk.s390x
sles10-sp2-debuginfo.ppc
sle10-sp1-sdk.x86-64
sles10-sp2-debuginfo.s390x
sles10-sp2-debuginfo.x86-64
core9.ppc
sle10-sp1-sdk.x86
sled10.x86-64
core9.ia64
sles10-sp2.x86
sles10.x86-64
core9.x86-64
core9.x86
sles9-nld.x86
sles9-nlpos.x86
sled10-sp2.x86
core9.ia64
sle10-sp1-sdk.s390x
sles10-sp2-debuginfo.ia64
sle10-sp2-sdk.x86-64
core9.s390
core9.s390x
sle10-sp2-sdk.x86
sled10-sp2.x86-64
sles10-sp2.x86-64
ZYPP Patch Nr: 5338
SUSE Linux Enterprise SDK 10 SP2
  • mysql >= 5.0.26-12.20
  • mysql-Max >= 5.0.26-12.20
  • mysql-bench >= 5.0.26-12.20
  • mysql-client >= 5.0.26-12.20
  • mysql-devel >= 5.0.26-12.20
  • mysql-shared >= 5.0.26-12.20
  • mysql-shared-x86 >= 5.0.26-12.20
core9.ppc
sle10-sp2-sdk.ia64
sles10-sp2.ia64
sles10-sp2.s390x
sle10-sp1-sdk.ppc
core9.s390
sle10-sp1-sdk.ia64
sles10.ia64
sles10.ppc
core9.x86-64
sles10-sp2.ppc
sled10.x86
sles9-nld.x86-64
sle10-sp2-sdk.ppc
sles10.x86
core9.x86
sles10.s390x
sles10-sp2-debuginfo.x86
sles9-oes.x86
core9.s390x
sle10-sp2-sdk.s390x
sles10-sp2-debuginfo.ppc
sle10-sp1-sdk.x86-64
sles10-sp2-debuginfo.s390x
sles10-sp2-debuginfo.x86-64
core9.ppc
sle10-sp1-sdk.x86
sled10.x86-64
core9.ia64
sles10-sp2.x86
sles10.x86-64
core9.x86-64
core9.x86
sles9-nld.x86
sles9-nlpos.x86
sled10-sp2.x86
core9.ia64
sle10-sp1-sdk.s390x
sles10-sp2-debuginfo.ia64
sle10-sp2-sdk.x86-64
core9.s390
core9.s390x
sle10-sp2-sdk.x86
sled10-sp2.x86-64
sles10-sp2.x86-64
ZYPP Patch Nr: 5338
SUSE Linux Enterprise SDK 10 SP2
  • mysql >= 5.0.26-12.20
  • mysql-Max >= 5.0.26-12.20
  • mysql-bench >= 5.0.26-12.20
  • mysql-client >= 5.0.26-12.20
  • mysql-devel >= 5.0.26-12.20
  • mysql-shared >= 5.0.26-12.20
  • mysql-shared-64bit >= 5.0.26-12.20
core9.ppc
sle10-sp2-sdk.ia64
sles10-sp2.ia64
sles10-sp2.s390x
sle10-sp1-sdk.ppc
core9.s390
sle10-sp1-sdk.ia64
sles10.ia64
sles10.ppc
core9.x86-64
sles10-sp2.ppc
sled10.x86
sles9-nld.x86-64
sle10-sp2-sdk.ppc
sles10.x86
core9.x86
sles10.s390x
sles10-sp2-debuginfo.x86
sles9-oes.x86
core9.s390x
sle10-sp2-sdk.s390x
sles10-sp2-debuginfo.ppc
sle10-sp1-sdk.x86-64
sles10-sp2-debuginfo.s390x
sles10-sp2-debuginfo.x86-64
core9.ppc
sle10-sp1-sdk.x86
sled10.x86-64
core9.ia64
sles10-sp2.x86
sles10.x86-64
core9.x86-64
core9.x86
sles9-nld.x86
sles9-nlpos.x86
sled10-sp2.x86
core9.ia64
sle10-sp1-sdk.s390x
sles10-sp2-debuginfo.ia64
sle10-sp2-sdk.x86-64
core9.s390
core9.s390x
sle10-sp2-sdk.x86
sled10-sp2.x86-64
sles10-sp2.x86-64
ZYPP Patch Nr: 5338
SUSE Linux Enterprise SDK 10 SP2
  • mysql >= 5.0.26-12.20
  • mysql-Max >= 5.0.26-12.20
  • mysql-bench >= 5.0.26-12.20
  • mysql-client >= 5.0.26-12.20
  • mysql-devel >= 5.0.26-12.20
  • mysql-shared >= 5.0.26-12.20
  • mysql-shared-32bit >= 5.0.26-12.20
core9.ppc
sle10-sp2-sdk.ia64
sles10-sp2.ia64
sles10-sp2.s390x
sle10-sp1-sdk.ppc
core9.s390
sle10-sp1-sdk.ia64
sles10.ia64
sles10.ppc
core9.x86-64
sles10-sp2.ppc
sled10.x86
sles9-nld.x86-64
sle10-sp2-sdk.ppc
sles10.x86
core9.x86
sles10.s390x
sles10-sp2-debuginfo.x86
sles9-oes.x86
core9.s390x
sle10-sp2-sdk.s390x
sles10-sp2-debuginfo.ppc
sle10-sp1-sdk.x86-64
sles10-sp2-debuginfo.s390x
sles10-sp2-debuginfo.x86-64
core9.ppc
sle10-sp1-sdk.x86
sled10.x86-64
core9.ia64
sles10-sp2.x86
sles10.x86-64
core9.x86-64
core9.x86
sles9-nld.x86
sles9-nlpos.x86
sled10-sp2.x86
core9.ia64
sle10-sp1-sdk.s390x
sles10-sp2-debuginfo.ia64
sle10-sp2-sdk.x86-64
core9.s390
core9.s390x
sle10-sp2-sdk.x86
sled10-sp2.x86-64
sles10-sp2.x86-64
ZYPP Patch Nr: 5338
Novell Linux Desktop 9 for x86
Open Enterprise Server
  • mysql >= 4.0.18-32.35
  • mysql-Max >= 4.0.18-32.35
  • mysql-client >= 4.0.18-32.35
  • mysql-devel >= 4.0.18-32.35
  • mysql-shared >= 4.0.18-32.35
core9.ppc
sle10-sp2-sdk.ia64
sles10-sp2.ia64
sles10-sp2.s390x
sle10-sp1-sdk.ppc
core9.s390
sle10-sp1-sdk.ia64
sles10.ia64
sles10.ppc
core9.x86-64
sles10-sp2.ppc
sled10.x86
sles9-nld.x86-64
sle10-sp2-sdk.ppc
sles10.x86
core9.x86
sles10.s390x
sles10-sp2-debuginfo.x86
sles9-oes.x86
core9.s390x
sle10-sp2-sdk.s390x
sles10-sp2-debuginfo.ppc
sle10-sp1-sdk.x86-64
sles10-sp2-debuginfo.s390x
sles10-sp2-debuginfo.x86-64
core9.ppc
sle10-sp1-sdk.x86
sled10.x86-64
core9.ia64
sles10-sp2.x86
sles10.x86-64
core9.x86-64
core9.x86
sles9-nld.x86
sles9-nlpos.x86
sled10-sp2.x86
core9.ia64
sle10-sp1-sdk.s390x
sles10-sp2-debuginfo.ia64
sle10-sp2-sdk.x86-64
core9.s390
core9.s390x
sle10-sp2-sdk.x86
sled10-sp2.x86-64
sles10-sp2.x86-64
ZYPP Patch Nr: 5338
Novell Linux Desktop 9 for x86_64
  • mysql >= 4.0.18-32.35
  • mysql-Max >= 4.0.18-32.35
  • mysql-bench >= 4.0.18-32.35
  • mysql-client >= 4.0.18-32.35
  • mysql-devel >= 4.0.18-32.35
  • mysql-shared >= 4.0.18-32.35
core9.ppc
sle10-sp2-sdk.ia64
sles10-sp2.ia64
sles10-sp2.s390x
sle10-sp1-sdk.ppc
core9.s390
sle10-sp1-sdk.ia64
sles10.ia64
sles10.ppc
core9.x86-64
sles10-sp2.ppc
sled10.x86
sles9-nld.x86-64
sle10-sp2-sdk.ppc
sles10.x86
core9.x86
sles10.s390x
sles10-sp2-debuginfo.x86
sles9-oes.x86
core9.s390x
sle10-sp2-sdk.s390x
sles10-sp2-debuginfo.ppc
sle10-sp1-sdk.x86-64
sles10-sp2-debuginfo.s390x
sles10-sp2-debuginfo.x86-64
core9.ppc
sle10-sp1-sdk.x86
sled10.x86-64
core9.ia64
sles10-sp2.x86
sles10.x86-64
core9.x86-64
core9.x86
sles9-nld.x86
sles9-nlpos.x86
sled10-sp2.x86
core9.ia64
sle10-sp1-sdk.s390x
sles10-sp2-debuginfo.ia64
sle10-sp2-sdk.x86-64
core9.s390
core9.s390x
sle10-sp2-sdk.x86
sled10-sp2.x86-64
sles10-sp2.x86-64
ZYPP Patch Nr: 5338
SLES SDK 9 for IBM S/390 and IBM zSeries
SLES SDK 9 for IBM iSeries and IBM pSeries
SLES SDK 9 for IBM zSeries
SLES SDK 9 for IPF
SLES SDK 9 for X86-64
SLES SDK 9 for x86
  • mysql-bench >= 4.0.18-32.35
core9.ppc
sle10-sp2-sdk.ia64
sles10-sp2.ia64
sles10-sp2.s390x
sle10-sp1-sdk.ppc
core9.s390
sle10-sp1-sdk.ia64
sles10.ia64
sles10.ppc
core9.x86-64
sles10-sp2.ppc
sled10.x86
sles9-nld.x86-64
sle10-sp2-sdk.ppc
sles10.x86
core9.x86
sles10.s390x
sles10-sp2-debuginfo.x86
sles9-oes.x86
core9.s390x
sle10-sp2-sdk.s390x
sles10-sp2-debuginfo.ppc
sle10-sp1-sdk.x86-64
sles10-sp2-debuginfo.s390x
sles10-sp2-debuginfo.x86-64
core9.ppc
sle10-sp1-sdk.x86
sled10.x86-64
core9.ia64
sles10-sp2.x86
sles10.x86-64
core9.x86-64
core9.x86
sles9-nld.x86
sles9-nlpos.x86
sled10-sp2.x86
core9.ia64
sle10-sp1-sdk.s390x
sles10-sp2-debuginfo.ia64
sle10-sp2-sdk.x86-64
core9.s390
core9.s390x
sle10-sp2-sdk.x86
sled10-sp2.x86-64
sles10-sp2.x86-64
ZYPP Patch Nr: 5338
SUSE LINUX 10.1
  • mysql >= 5.0.26-12.17.5
  • mysql-Max >= 5.0.26-12.17.5
  • mysql-bench >= 5.0.26-12.17.5
  • mysql-client >= 5.0.26-12.17.5
  • mysql-devel >= 5.0.26-12.17.5
  • mysql-shared >= 5.0.26-12.17.5
  • mysql-shared-32bit >= 5.0.26-12.17.5
  • mysql-shared-64bit >= 5.0.26-12.17.5