Intrusion Prevention

Oracle.MySQL.WITH.ROLLUP.DoS

Description

This indicates an attack attempt to exploit a denial-of-service vulnerability in Oracle MySQL.
The vulnerability is caused by an error when the vulnerable software handles an SQL query with a malformed "with rollup" operator. As a result, a remote attacker can send a crafted query to crash the vulnerable system.

Affected Products

Oracle MySQL versions before 5.1.49

Impact

Denial of Service: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are not aware of any patches supplied by the vendor for this issue.

CVE References

CVE-2010-3678