Intrusion Prevention

MySQL.Authentication.Protocol.DoS

Description

This indicates an attack attempt against a denial-of-service vulnerability in the MySQL authentication protocol.
The vulnerability is caused by the application's failure to properly handle malformed password packets. Remote attackers may exploit this to crash affected database servers, causing a denial-of-service condition.

Affected Products

MySQL AB MySQL Enterprise 4.1.22 and prior.
MySQL AB MySQL Enterprise 5.0.43 and prior.
MySQL AB MySQL Community 5.0.44 and prior.

Impact

Denial of service.

Recommended Actions

The vendor has released fixed versions of MySQL to address this issue.
Update to MySQL Enterprise version 4.1.23 and 5.0.44 and MySQL Community Server 5.0.45

CVE References

CVE-2007-3780