SERVER-MYSQL -- Snort has detected traffic exploiting vulnerabilities in MySQL servers.
SERVER-MYSQL MySQL/MariaDB Server geometry query multipolygon object integer overflow attempt
This event is generated when an integer overflow attempt is detected in MySQL/MariaDB Server. Impact: Attempted Administrator Privilege Gain Details: Ease of Attack:
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2013-1861MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error. |
|