Intrusion Prevention



This indicates an attack attempt against a denial-of-service vulnerability in the MySQL authentication protocol.
The vulnerability is caused by the application's failure to properly handle malformed password packets. Remote attackers may exploit this to crash affected database servers, causing a denial-of-service condition.

Affected Products

MySQL AB MySQL Enterprise 4.1.22 and prior.
MySQL AB MySQL Enterprise 5.0.43 and prior.
MySQL AB MySQL Community 5.0.44 and prior.


Denial of service.

Recommended Actions

The vendor has released fixed versions of MySQL to address this issue.
Update to MySQL Enterprise version 4.1.23 and 5.0.44 and MySQL Community Server 5.0.45

CVE References