Lucene search
K

MySQL 'yaSSL' RCE Vulnerability

🗓️ 19 Apr 2012 00:00:00Reported by Copyright (C) 2012 Greenbone AGType 
openvas
 openvas
🔗 plugins.openvas.org👁 26 Views

MySQL 'yaSSL' RCE Vulnerability. Allows remote code execution in MySQL 5.5.20 and possibly other versions

Related
Refs
Code
ReporterTitlePublishedViews
Family
CVE
CVE-2012-0882
21 Dec 201202:00
cve
Cvelist
CVE-2012-0882
21 Dec 201202:00
cvelist
EUVD
EUVD-2012-0905
7 Oct 202500:30
euvd
Tenable Nessus
Juniper Junos Space < 13.1R1 MySQL Multiple Vulnerabilities (JSA10601)
22 Dec 201400:00
nessus
Tenable Nessus
MySQL 5.1 < 5.1.62 Multiple Vulnerabilities
19 Apr 201200:00
nessus
Tenable Nessus
MySQL 5.5 < 5.5.22 Multiple Vulnerabilities
11 Apr 201200:00
nessus
NVD
CVE-2012-0882
21 Dec 201205:46
nvd
OSV
BELL-CVE-2012-0882 CVE-2012-0882 does not affect BellSoft software
21 Dec 201205:46
osv
Prion
Buffer overflow
21 Dec 201205:46
prion
Positive Technologies
PT-2012-2926 · Oracle · Mysql Server +1
21 Dec 201200:00
ptsecurity
Rows per page
# SPDX-FileCopyrightText: 2012 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:mysql:mysql";

if (description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.103471");
  script_version("2025-09-09T05:38:49+0000");
  script_cve_id("CVE-2012-0882");
  script_name("MySQL 'yaSSL' RCE Vulnerability");

  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/51925");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/52154");
  script_xref(name:"URL", value:"https://lists.immunityinc.com/pipermail/canvas/2012-February/000011.html");

  script_tag(name:"cvss_base", value:"7.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_tag(name:"last_modification", value:"2025-09-09 05:38:49 +0000 (Tue, 09 Sep 2025)");
  script_tag(name:"creation_date", value:"2012-04-19 11:22:35 +0200 (Thu, 19 Apr 2012)");
  script_category(ACT_GATHER_INFO);
  script_family("Databases");
  script_tag(name:"qod_type", value:"remote_banner_unreliable");
  script_copyright("Copyright (C) 2012 Greenbone AG");
  script_dependencies("gb_mysql_mariadb_remote_detect.nasl");
  script_mandatory_keys("oracle/mysql/detected");

  script_tag(name:"summary", value:"MySQL is prone to an unspecified remote code execution (RCE) vulnerability.");
  script_tag(name:"impact", value:"Attackers can exploit this vulnerability to execute arbitrary code in
the context of the affected application.");
  script_tag(name:"insight", value:"Limited information is available regarding this issue. This script will
be updated as more information becomes available.");
  script_tag(name:"affected", value:"MySQL 5.5.20 is vulnerable. Other versions may also be affected.");
  script_tag(name:"solution", value:"The issues seem to be fixed in MySQL versions 5.5.22 and 5.1.62.");

  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("version_func.inc");
include("host_details.inc");

if(!port = get_app_port(cpe:CPE))
  exit(0);

if(!version = get_app_version(cpe:CPE, port:port))
  exit(0);

version = eregmatch(pattern:"([0-9.a-z]+)", string:version);

if(!isnull(version[1])) {
  if(version_in_range(version:version[1], test_version:"5.5", test_version2:"5.5.21")) {
    report = report_fixed_ver(installed_version:version[1], vulnerable_range:"5.5.22");
    security_message(port:port, data:report);
    exit(0);
  }
  if(version_in_range(version:version[1], test_version:"5.1", test_version2:"5.1.61")) {
    report = report_fixed_ver(installed_version:version[1], vulnerable_range:"5.1.62");
    security_message(port:port, data:report);
    exit(0);
  }
}

exit(99);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

09 Sep 2025 00:00Current
7.9High risk
Vulners AI Score7.9
CVSS 27.5
EPSS0.05305
26