CVE-2010-3679

Oracle MySQL 5.1 - Authenticated Denial of Service via BINLOG Command

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-3679. PoCs published by Shane Bester.

AI-analyzed exploit summary This exploit demonstrates a denial-of-service vulnerability in MySQL by executing a malformed BINLOG query. The query crashes the database, affecting versions prior to MySQL 5.1.49.

Description

Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Shane Bester · textdoslinux
https://www.exploit-db.com/exploits/34521

This exploit demonstrates a denial-of-service vulnerability in MySQL by executing a malformed BINLOG query. The query crashes the database, affecting versions prior to MySQL 5.1.49.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: MySQL < 5.1.49
Auth required
Prerequisites: Access to a MySQL client with query execution privileges
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (14)

Core 14
Core References
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1397-1
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1017-1
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2011:012
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2010:155
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/64687
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2011-0164.html
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0170
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0133
Patch x_refsource_confirm
http://bugs.mysql.com/bug.php?id=54393
Various Sources x_refsource_confirm
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html
Exploit, Patch x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=628062
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/42936
Exploit, Patch mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2010/09/28/10
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/42638

Scores

EPSS 0.1223
EPSS Percentile 95.7%

Details

CWE
CWE-399
Status published
Products (48)
mysql/mysql 5.1.5
mysql/mysql 5.1.23
mysql/mysql 5.1.31
mysql/mysql 5.1.32
mysql/mysql 5.1.34
mysql/mysql 5.1.37
oracle/mysql 5.1
oracle/mysql 5.1.1
oracle/mysql 5.1.2
oracle/mysql 5.1.3
... and 38 more
Published Jan 11, 2011
Tracked Since Feb 18, 2026