Intrusion Prevention

Oracle.MySQL.Database.IN.And.CASE.NULL.Argument.DoS

Description

This indicates an attack attempt against a denial-of-service vulnerability in Oracle MySQL database server.
The vulnerability is caused by an error when the vulnerable software handles IN or CASE functions when NULL arguments are passed to the functions either by the WITH ROLLUP modifier or explicitly. It allows a remote attacker to cause a denial of service.

Affected Products

Oracle MySQL 5.1.48 and previous versions

Impact

Denial of service

Recommended Actions

Update to Oracle MySQL version 5.1.49 or later:
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html

CVE References

CVE-2010-3678