7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Luigi Auriemma discovered two buffer overflows in YaSSL, an SSL
implementation included in the MySQL database package, which could lead
to denial of service and possibly the execution of arbitrary code.
The old stable distribution (sarge) doesn’t contain mysql-dfsg-5.0.
For the stable distribution (etch), these problems have been fixed in
version 5.0.32-7etch5.
For the unstable distribution (sid), these problems have been fixed in
version 5.0.51-3.
We recommend that you upgrade your mysql-dfsg-5.0 package.