Intrusion PreventionMySQL.Authentication.Protocol.DoS
Description
This indicates an attack attempt against a denial-of-service vulnerability in the MySQL authentication protocol.
The vulnerability is caused by the application's failure to properly handle malformed password packets. Remote attackers may exploit this to crash affected database servers, causing a denial-of-service condition.
Affected Products
MySQL AB MySQL Enterprise 4.1.22 and prior.
MySQL AB MySQL Enterprise 5.0.43 and prior.
MySQL AB MySQL Community 5.0.44 and prior.
Impact
Denial of service.
Recommended Actions
The vendor has released fixed versions of MySQL to address this issue.
Update to MySQL Enterprise version 4.1.23 and 5.0.44 and MySQL Community Server 5.0.45
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2021-06-28 | 18.105 | Sig Added |
| ID | 14958 |
| Created | Sep 20, 2007 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2007-3780 |
| Exploit Prediction Score | 84.76% |
| Default Action | pass |
| Active | |
| Affected OS | All |
| Affected App | MySQL |