84 matches found
CVE-2010-3963
CVE-2010-3963 affects the Windows kernel’s Routing and Remote Access NDProxy driver, notably on Windows XP (SP2/SP3) and Server 2003 SP2. The vulnerability originates from improper validation/copying of data from user mode into the kernel, enabling a local attacker to trigger a kernel-mode privil...
CVE-2009-3963
XOOPS (before version 2.4.0 Final) is cited in connected sources as having a cross-site scripting vulnerability in misc.php: the script does not sanitize the requested URI before displaying it, enabling a remote attacker to craft a URL that executes script in victims’ browsers. CVE-2009-3963 is t...
CentOS Security Advisory CESA-2009:1289 (mysql)
The remote host is missing updates to mysql announced in advisory CESA-2009:1289. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-onl...
openSUSE Security Update : libmysqlclient-devel (libmysqlclient-devel-210)
Empty bit-strings in a query could crash the MySQL server CVE-2008-3963. Due to another flaw users could access tables of other users CVE-2008-4097, CVE-2008-4098. This update also fixes problems with the 'ORDER BY' query %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text a...
Debian DSA-1783-1 : mysql-dfsg-5.0 - multiple vulnerabilities
Multiple vulnerabilities have been identified affecting MySQL, a relational database server, and its associated interactive client application. The Common Vulnerabilities and Exposures project identifies the following two problems : - CVE-2008-3963 Kay Roepke reported that the MySQL server would...
[SECURITY] [DSA 1783-1] New mysql-dfsg-5.0 packages fix multiple vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1783 [email protected] http://www.debian.org/security/ Devin Carraway April 29, 2009 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1783-1] New mysql-dfsg-5.0 packages fix multiple vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1783 [email protected] http://www.debian.org/security/ Devin Carraway April 29, 2009 http://www.debian.org/security/faq -...
Mandrake Security Advisory MDVSA-2009:094 (mysql)
The remote host is missing an update to mysql announced via advisory MDVSA-2009:094. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
Mandrake Security Advisory MDVSA-2009:094 (mysql)
The remote host is missing an update to mysql announced via advisory MDVSA-2009:094. OpenVAS Vulnerability Test $Id: mdksa2009094.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:094 mysql Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Mandriva Linux Security Advisory : mysql (MDVSA-2009:094)
Multiple vulnerabilities has been found and corrected in mysql : MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' b single-quote single-quote token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service daemon...
SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 10.3)
The remote host is missing updates announced in advisory SUSE-SR:2009:001. SuSE Security Summaries are short on detail when it comes to the names of packages affected by a particular bug. Because of this, while this test will detect out of date packages, it cannot tell you what bugs impact which...
FreeBSD Ports: mysql-server
The remote host is missing an update to the system as announced in the referenced advisory. VID 66a770b4-e008-11dd-a765-0030843d3802 OpenVAS Vulnerability Test $ Description: Auto generated from VID 66a770b4-e008-11dd-a765-0030843d3802 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
FreeBSD Ports: mysql-server
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
openSUSE 10 Security Update : libmysqlclient-devel (libmysqlclient-devel-5619)
Empty bit-strings in a query could crash the MySQL server CVE-2008-3963. Due to another flaw users could access tables of other users CVE-2008-4097, CVE-2008-4098. This update also fixes the previously broken mysqlhotcopy script. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptiv...
openSUSE 10 Security Update : mysql (mysql-5613)
Empty bit-strings in a query could crash the MySQL server CVE-2008-3963. Due to another flaw users could access tables of other users CVE-2008-4097, CVE-2008-4098. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
MySQL Enterprise Server 5.0 < 5.0.66 Empty Bit-String Literal Token SQL Statement DoS
The version of MySQL Enterprise Server 5.0 installed on the remote host is earlier than 5.0.66. A bug in such versions can lead to a server crash in 'Itembinstring::Itembinstring' when handling an empty bit-string literal b''. Using a simple SELECT statement, an authenticated, remote user can...
MySQL 6.0 < 6.0.6 Empty Bit-String Literal Token SQL Statement DoS
The version of MySQL 6.0 installed on the remote host is earlier than 6.0.6. A bug in such versions can lead to a server crash in 'Itembinstring::Itembinstring' when handling an empty bit-string literal b''. Using a simple SELECT statement, an authenticated remote user can leverage this issue to...
MySQL 5.1 < 5.1.26 Empty Bit-String Literal Token SQL Statement DoS
The version of MySQL 5.1 installed on the remote host is earlier than 5.1.26. A bug in such versions can lead to a server crash in 'Itembinstring::Itembinstring' when handling an empty bit-string literal b''. Using a simple SELECT statement, an authenticated remote user can leverage this issue to...
CVE-2008-3963
CVE-2008-3963 affects MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6. The vulnerability arises from improper handling of a b'' (empty bit-string literal) token in SQL statements, which allows a remote attacker to cause a denial of service by crashing the mysqld daemon. Connected...
CVE-2008-3963
creationtimestamp| type| source ---|---|--- 2008-03-28 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/32348...