NVD脆弱性詳細

CVE-2007-6304

概要	The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.
概要	El motor federated en MySQL versiones 5.0.x anteriores a 5.0.51a, versiones 5.1.x anteriores a 5.1.23 y versiones 6.0.x anteriores a 6.0.4, al realizar una determinada consulta SHOW TABLE STATUS, permite a los servidores MySQL remotos causar una denegación de servicio (bloqueo del manejador de federated y bloqueo del demonio) por medio de una respuesta que carece del número mínimo necesario de columnas.
公表日	2007年12月11日6:46
登録日	2021年1月29日14:24
最終更新日	2026年4月23日9:35

CVSS2.0 : MEDIUM
スコア	5.0
ベクター	AV:N/AC:L/Au:N/C:N/I:N/A:P
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	なし
完全性への影響(I)	なし
可用性への影響(A)	低
全ての特権を取得	いいえ
ユーザー権限を取得	いいえ
その他の権限を取得	いいえ
ユーザー操作が必要	いいえ

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:a:mysql:mysql:5.0.0:::::::*
cpe:2.3:a:mysql:mysql:5.0.1:::::::*
cpe:2.3:a:mysql:mysql:5.0.2:::::::*
cpe:2.3:a:mysql:mysql:5.0.3:::::::*
cpe:2.3:a:mysql:mysql:5.0.4:::::::*
cpe:2.3:a:mysql:mysql:5.0.5:::::::*
cpe:2.3:a:mysql:mysql:5.0.5.0.21:::::::*
cpe:2.3:a:mysql:mysql:5.0.10:::::::*
cpe:2.3:a:mysql:mysql:5.0.15:::::::*
cpe:2.3:a:mysql:mysql:5.0.16:::::::*
cpe:2.3:a:mysql:mysql:5.0.17:::::::*
cpe:2.3:a:mysql:mysql:5.0.20:::::::*
cpe:2.3:a:mysql:mysql:5.0.22.1.0.1:::::::*
cpe:2.3:a:mysql:mysql:5.0.24:::::::*
cpe:2.3:a:oracle:mysql:5.0.0:alpha::::::
cpe:2.3:a:oracle:mysql:5.0.3:beta::::::
cpe:2.3:a:oracle:mysql:5.0.6:::::::*
cpe:2.3:a:oracle:mysql:5.0.7:::::::*
cpe:2.3:a:oracle:mysql:5.0.8:::::::*
cpe:2.3:a:oracle:mysql:5.0.9:::::::*
cpe:2.3:a:oracle:mysql:5.0.11:::::::*
cpe:2.3:a:oracle:mysql:5.0.12:::::::*
cpe:2.3:a:oracle:mysql:5.0.13:::::::*
cpe:2.3:a:oracle:mysql:5.0.14:::::::*
cpe:2.3:a:oracle:mysql:5.0.18:::::::*
cpe:2.3:a:oracle:mysql:5.0.19:::::::*
cpe:2.3:a:oracle:mysql:5.0.21:::::::*
cpe:2.3:a:oracle:mysql:5.0.22:::::::*
cpe:2.3:a:oracle:mysql:5.0.27:::::::*
cpe:2.3:a:oracle:mysql:5.0.33:::::::*
cpe:2.3:a:oracle:mysql:5.0.37:::::::*
cpe:2.3:a:oracle:mysql:5.0.41:::::::*
cpe:2.3:a:oracle:mysql:5.1.1:::::::*
cpe:2.3:a:oracle:mysql:5.1.2:::::::*
cpe:2.3:a:oracle:mysql:5.1.10:::::::*
cpe:2.3:a:oracle:mysql:5.1.11:::::::*
cpe:2.3:a:oracle:mysql:5.1.12:::::::*
cpe:2.3:a:oracle:mysql:5.1.13:::::::*
cpe:2.3:a:oracle:mysql:5.1.14:::::::*
cpe:2.3:a:oracle:mysql:5.1.15:::::::*
cpe:2.3:a:oracle:mysql:5.1.16:::::::*
cpe:2.3:a:oracle:mysql:5.1.17:::::::*
cpe:2.3:a:oracle:mysql:6.0.0:::::::*
cpe:2.3:a:oracle:mysql:6.0.1:::::::*
cpe:2.3:a:oracle:mysql:6.0.2:::::::*
cpe:2.3:a:oracle:mysql:6.0.3:::::::*

関連情報、対策とツール

No	URL	refsource
1	http://bugs.mysql.com/bug.php?id=29801	cve@mitre.org
2	http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html	cve@mitre.org
3	http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html	cve@mitre.org
4	http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html	cve@mitre.org
5	http://lists.mysql.com/announce/502	cve@mitre.org
6	http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html	cve@mitre.org
7	http://osvdb.org/42609	cve@mitre.org
8	http://secunia.com/advisories/28063	cve@mitre.org
9	http://secunia.com/advisories/28128	cve@mitre.org
10	http://secunia.com/advisories/28343	cve@mitre.org
11	http://secunia.com/advisories/28637	cve@mitre.org
12	http://secunia.com/advisories/28739	cve@mitre.org
13	http://secunia.com/advisories/28838	cve@mitre.org
14	http://secunia.com/advisories/29706	cve@mitre.org
15	http://security.gentoo.org/glsa/glsa-200804-04.xml	cve@mitre.org
16	http://securitytracker.com/id?1019085	cve@mitre.org
17	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040	cve@mitre.org
18	http://www.debian.org/security/2008/dsa-1451	cve@mitre.org
19	http://www.mandriva.com/security/advisories?name=MDVSA-2008:017	cve@mitre.org
20	http://www.mandriva.com/security/advisories?name=MDVSA-2008:028	cve@mitre.org
21	http://www.securityfocus.com/archive/1/487606/100/0/threaded	cve@mitre.org
22	http://www.securityfocus.com/bid/26832	cve@mitre.org
23	http://www.vupen.com/english/advisories/2007/4198	cve@mitre.org
24	https://exchange.xforce.ibmcloud.com/vulnerabilities/38990	cve@mitre.org
25	https://issues.rpath.com/browse/RPL-2187	cve@mitre.org
26	https://usn.ubuntu.com/559-1/	cve@mitre.org
27	http://bugs.mysql.com/bug.php?id=29801	af854a3a-2127-422b-91ae-364da2661108
28	http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html	af854a3a-2127-422b-91ae-364da2661108
29	http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html	af854a3a-2127-422b-91ae-364da2661108
30	http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html	af854a3a-2127-422b-91ae-364da2661108
31	http://lists.mysql.com/announce/502	af854a3a-2127-422b-91ae-364da2661108
32	http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html	af854a3a-2127-422b-91ae-364da2661108
33	http://osvdb.org/42609	af854a3a-2127-422b-91ae-364da2661108
34	http://secunia.com/advisories/28063	af854a3a-2127-422b-91ae-364da2661108
35	http://secunia.com/advisories/28128	af854a3a-2127-422b-91ae-364da2661108
36	http://secunia.com/advisories/28343	af854a3a-2127-422b-91ae-364da2661108
37	http://secunia.com/advisories/28637	af854a3a-2127-422b-91ae-364da2661108
38	http://secunia.com/advisories/28739	af854a3a-2127-422b-91ae-364da2661108
39	http://secunia.com/advisories/28838	af854a3a-2127-422b-91ae-364da2661108
40	http://secunia.com/advisories/29706	af854a3a-2127-422b-91ae-364da2661108
41	http://security.gentoo.org/glsa/glsa-200804-04.xml	af854a3a-2127-422b-91ae-364da2661108
42	http://securitytracker.com/id?1019085	af854a3a-2127-422b-91ae-364da2661108
43	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040	af854a3a-2127-422b-91ae-364da2661108
44	http://www.debian.org/security/2008/dsa-1451	af854a3a-2127-422b-91ae-364da2661108
45	http://www.mandriva.com/security/advisories?name=MDVSA-2008:017	af854a3a-2127-422b-91ae-364da2661108
46	http://www.mandriva.com/security/advisories?name=MDVSA-2008:028	af854a3a-2127-422b-91ae-364da2661108
47	http://www.securityfocus.com/archive/1/487606/100/0/threaded	af854a3a-2127-422b-91ae-364da2661108
48	http://www.securityfocus.com/bid/26832	af854a3a-2127-422b-91ae-364da2661108
49	http://www.vupen.com/english/advisories/2007/4198	af854a3a-2127-422b-91ae-364da2661108
50	https://exchange.xforce.ibmcloud.com/vulnerabilities/38990	af854a3a-2127-422b-91ae-364da2661108
51	https://issues.rpath.com/browse/RPL-2187	af854a3a-2127-422b-91ae-364da2661108
52	https://usn.ubuntu.com/559-1/	af854a3a-2127-422b-91ae-364da2661108

共通脆弱性一覧

構成1	以上	以下	より上	未満
cpe:2.3:a:mysql:mysql:5.0.0:::::::*
cpe:2.3:a:mysql:mysql:5.0.1:::::::*
cpe:2.3:a:mysql:mysql:5.0.2:::::::*
cpe:2.3:a:mysql:mysql:5.0.3:::::::*
cpe:2.3:a:mysql:mysql:5.0.4:::::::*
cpe:2.3:a:mysql:mysql:5.0.5:::::::*
cpe:2.3:a:mysql:mysql:5.0.5.0.21:::::::*
cpe:2.3:a:mysql:mysql:5.0.10:::::::*
cpe:2.3:a:mysql:mysql:5.0.15:::::::*
cpe:2.3:a:mysql:mysql:5.0.16:::::::*
cpe:2.3:a:mysql:mysql:5.0.17:::::::*
cpe:2.3:a:mysql:mysql:5.0.20:::::::*
cpe:2.3:a:mysql:mysql:5.0.22.1.0.1:::::::*
cpe:2.3:a:mysql:mysql:5.0.24:::::::*
cpe:2.3:a:oracle:mysql:5.0.0:alpha::::::
cpe:2.3:a:oracle:mysql:5.0.3:beta::::::
cpe:2.3:a:oracle:mysql:5.0.6:::::::*
cpe:2.3:a:oracle:mysql:5.0.7:::::::*
cpe:2.3:a:oracle:mysql:5.0.8:::::::*
cpe:2.3:a:oracle:mysql:5.0.9:::::::*
cpe:2.3:a:oracle:mysql:5.0.11:::::::*
cpe:2.3:a:oracle:mysql:5.0.12:::::::*
cpe:2.3:a:oracle:mysql:5.0.13:::::::*
cpe:2.3:a:oracle:mysql:5.0.14:::::::*
cpe:2.3:a:oracle:mysql:5.0.18:::::::*
cpe:2.3:a:oracle:mysql:5.0.19:::::::*
cpe:2.3:a:oracle:mysql:5.0.21:::::::*
cpe:2.3:a:oracle:mysql:5.0.22:::::::*
cpe:2.3:a:oracle:mysql:5.0.27:::::::*
cpe:2.3:a:oracle:mysql:5.0.33:::::::*
cpe:2.3:a:oracle:mysql:5.0.37:::::::*
cpe:2.3:a:oracle:mysql:5.0.41:::::::*
cpe:2.3:a:oracle:mysql:5.1.1:::::::*
cpe:2.3:a:oracle:mysql:5.1.2:::::::*
cpe:2.3:a:oracle:mysql:5.1.10:::::::*
cpe:2.3:a:oracle:mysql:5.1.11:::::::*
cpe:2.3:a:oracle:mysql:5.1.12:::::::*
cpe:2.3:a:oracle:mysql:5.1.13:::::::*
cpe:2.3:a:oracle:mysql:5.1.14:::::::*
cpe:2.3:a:oracle:mysql:5.1.15:::::::*
cpe:2.3:a:oracle:mysql:5.1.16:::::::*
cpe:2.3:a:oracle:mysql:5.1.17:::::::*
cpe:2.3:a:oracle:mysql:6.0.0:::::::*
cpe:2.3:a:oracle:mysql:6.0.1:::::::*
cpe:2.3:a:oracle:mysql:6.0.2:::::::*
cpe:2.3:a:oracle:mysql:6.0.3:::::::*