Intrusion Prevention

Sun.MySQL.Dispatch.Command.Format.String

Description

This indicates an attack attempt against a format string vulnerability in Sun Microsystems MySQL database server.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted create or drop database command. It allows a remote attacker to cause a denial of service (daemon crash).

Affected Products

MySQL 5.x
MySQL 4.x

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Upgrade to the latest version:
http://dev.mysql.com/downloads/

CVE References

CVE-2009-2446