Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSDA8D8713E-DC83-11DA-A22B-000C6EC775D9
HistoryMay 02, 2006 - 12:00 a.m.

mysql50-server -- COM_TABLE_DUMP arbitrary code execution

2006-05-0200:00:00
vuxml.freebsd.org
13

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.171 Low

EPSS

Percentile

96.0%

JSON

Stefano Di Paola reports:

An authenticated user could remotely execute arbitrary
commands by taking advantage of a stack overflow.
To take advantage of these flaws an attacker should have
direct access to MySQL server communication layer (port
3306 or unix socket). But if used in conjuction with some
web application flaws (i.e. php code injection) an
attacker could use socket programming (i.e. php sockets)
to gain access to that layer.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchmysql-server< 5.0.21UNKNOWN

Related

openvas 12
prion 1
cve 1
cert 1
nessus 12
ubuntucve 1
suse 1
slackware 1
altlinux 1
freebsd 1
debian 5
osv 3
openvas
openvas
FreeBSD Ports: mysql-server
2008-09-04 00:00:00
FreeBSD Ports: mysql-server
2008-09-04 00:00:00
FreeBSD Ports: mysql-server
2008-09-04 00:00:00
prion
prion
Buffer overflow
2006-05-05 12:46:00
cve
cve
CVE-2006-1518
2006-05-05 12:46:00
cert
cert
MySQL fails to properly validate COM_TABLE_DUMP packets
2006-05-05 00:00:00
nessus
nessus
FreeBSD : mysql50-server -- COM_TABLE_DUMP arbitrary code execution (a8d8713e-dc83-11da-a22b-000c6ec775d9)
2006-05-13 00:00:00
openSUSE 10 Security Update : mysql (mysql-1312)
2007-10-17 00:00:00
Slackware 10.2 / current : mysql (SSA:2006-129-02)
2006-05-13 00:00:00
ubuntucve
ubuntucve
CVE-2006-1518
2006-05-05 00:00:00
suse
suse
remote code execution in mysql
2006-06-23 08:26:58
slackware
slackware
[slackware-security] mysql
2006-05-09 22:19:51
altlinux
altlinux
Security fix for the ALT Linux 5 package MySQL version 5.0.21-alt1
2006-05-10 00:00:00
freebsd
freebsd
MySQL -- Information Disclosure and Buffer Overflow Vulnerabilities
2006-05-02 00:00:00
debian
debian
[SECURITY] [DSA 1071-1] New MySQL 3.23 packages fix several vulnerabilities
2006-05-22 09:30:15
[SECURITY] [DSA 1079-1] New MySQL 4.0 packages fix several vulnerabilities
2006-05-29 06:06:51
[SECURITY] [DSA 1071-1] New MySQL 3.23 packages fix several vulnerabilities
2006-05-22 09:30:15
osv
osv
mysql - several vulnerabilities
2006-05-22 00:00:00
mysql-dfsg-4.1 - several vulnerabilities
2006-05-22 00:00:00
mysql-dfsg - several
2006-05-29 00:00:00

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.171 Low

EPSS

Percentile

96.0%

JSON
Related for A8D8713E-DC83-11DA-A22B-000C6EC775D9
openvas12prion1cve1cert1nessus12ubuntucve1suse1slackware1altlinux1freebsd1debian5osv3