CVE-2010-3681

Oracle MySQL 5.1 < 5.1.49 and 5.5 < 5.5.5 - Authenticated Denial of Service via HANDLER Interface

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-3681. PoCs published by Matthias Leich.

AI-analyzed exploit summary This exploit demonstrates a denial-of-service vulnerability in MySQL by creating a table, opening a handler, and performing specific read operations that crash the database. It targets versions prior to MySQL 5.1.49.

Description

Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Matthias Leich · textdoslinux
https://www.exploit-db.com/exploits/34520

This exploit demonstrates a denial-of-service vulnerability in MySQL by creating a table, opening a handler, and performing specific read operations that crash the database. It targets versions prior to MySQL 5.1.49.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: MySQL prior to 5.1.49
Auth required
Prerequisites: Access to a MySQL database with sufficient privileges to create and drop tables
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (25)

Core 25
Core References
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2011-0164.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2010-0825.html
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1397-1
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1017-1
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2011:012
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2010:222
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2010:155
Exploit, Patch x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=628680
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/42875
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2010-0824.html
Vendor Advisory vendor-advisory x_refsource_turbo
http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt
Various Sources x_refsource_confirm
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-5.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/64685
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0105
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0170
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0133
Various Sources x_refsource_confirm
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html
Exploit, Patch x_refsource_confirm
http://bugs.mysql.com/bug.php?id=54007
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2011/dsa-2143
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0345
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/42936
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/42633
Exploit, Patch mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2010/09/28/10

Scores

EPSS 0.1223
EPSS Percentile 95.7%

Details

Status published
Products (48)
mysql/mysql 5.1.5
mysql/mysql 5.1.23
mysql/mysql 5.1.31
mysql/mysql 5.1.32
mysql/mysql 5.1.34
mysql/mysql 5.1.37
oracle/mysql 5.1
oracle/mysql 5.1.1
oracle/mysql 5.1.2
oracle/mysql 5.1.3
... and 38 more
Published Jan 11, 2011
Tracked Since Feb 18, 2026