Intrusion Prevention

MySQL.XML.Functions.Scalar.XPath.DoS

Description

This indicates an attack attempt against a denial of service vulnerability in MySQL database engine.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted packet. It allows a remote attacker to cause a denial of service (DoS) condition of MySQL database services on the target host.

Affected Products

MySQL AB MySQL 6.0.9
MySQL AB MySQL 6.0.8
MySQL AB MySQL 6.0.7
MySQL AB MySQL 6.0.6
MySQL AB MySQL 6.0.4
MySQL AB MySQL 6.0.3
MySQL AB MySQL 6.0.2
MySQL AB MySQL 6.0.1
MySQL AB MySQL 6.0
MySQL AB MySQL 5.1.31
MySQL AB MySQL 5.1.30
MySQL AB MySQL 5.1.26
MySQL AB MySQL 5.1.23
MySQL AB MySQL 5.1.22
MySQL AB MySQL 5.1.18
MySQL AB MySQL 5.1.17
MySQL AB MySQL 5.1.16
MySQL AB MySQL 5.1.15
MySQL AB MySQL 5.1.14
MySQL AB MySQL 5.1.13
MySQL AB MySQL 5.1.12
MySQL AB MySQL 5.1.11
MySQL AB MySQL 5.1.10
MySQL AB MySQL 5.1.9
MySQL AB MySQL 5.1.6
MySQL AB MySQL 5.1.5

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Upgrade to MySQL version 5.1.32:
http://dev.mysql.com/downloads/

CVE References

CVE-2009-0819