13 matches found
SUSE CVE-2008-4456
Cross-site scripting XSS vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be...
BRIM < 2.0.0 - SQL Injection
No description provided by source. BRIM 2.0.0 SQL InjectionExploit information - Exploit Title: BRIM 2.0.0 SQL Injection - Google Dork: Brim project intitle:Brim - login - Date: 2012-02-20 - Author: ifnull - Tested on: Apache/2.2.3, PHP/5.1.6, MySQL 5.0.45 ? although it should work on any...
MySQL <= 5.0.45 COM_CREATE_DB Format String PoC (auth)
No description provided by source. MySQL tested: Version 5.0.45 on CentOS Linux Format String Vulnerability MySQL General Available GA Release is vulnerable. Latest MySQL Version is not vulnerable since the bug if ifdef'ed off. from mysql-5.0.75 source mysql-5.0.75.tar.gz in the file...
MySQL <= 5.0.45 (Alter) Denial of Service Vulnerability
No description provided by source. / MySQL =6.0 possibly affected Kristian Erik Hermansen Credit: Joe Gallo You must have ALTER permissions to exploit this bug! Scenario: You found SQL injection, but you want to punch backend server in the nuts just for fun. Start with the ALTER TABLE statement o...
MySQL yaSSL (Linux) - SSL Hello Message Buffer Overflow (Metasploit)
$Id: mysqlyasslhello.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...
MySQL <= 5.0.45 COM_CREATE_DB Format String PoC (auth)
No description provided by source. MySQL tested: Version 5.0.45 on CentOS Linux Format String Vulnerability MySQL General Available GA Release is vulnerable. Latest MySQL Version is not vulnerable since the bug if ifdef'ed off. from mysql-5.0.75 source mysql-5.0.75.tar.gz in the file...
MySQL 5.0.45 - (Authenticated) COM_CREATE_DB Format String (PoC)
MySQL tested: Version 5.0.45 on CentOS Linux Format String Vulnerability MySQL General Available GA Release is vulnerable. Latest MySQL Version is not vulnerable since the bug if ifdef'ed off. from mysql-5.0.75 source mysql-5.0.75.tar.gz in the file libmysqld/sqlparse.cc this source code is also...
MySQL <= 5.0.45 COM_CREATE_DB Format String PoC (auth)
Exploit for multiple platform in category dos / poc ====================================================== MySQL = 4.0.0 are affected. function prototype: writeTHD thd, enumenumservercommand command, const char format, ... function call: writethd, command, packet; on line 2084: case COMCREATEDB: ...
MySQL 5.0.45 Format String Vulnerability
MySQL tested: Version 5.0.45 on CentOS Linux Format String Vulnerability MySQL General Available GA Release is vulnerable. Latest MySQL Version is not vulnerable since the bug if ifdef'ed off. from mysql-5.0.75 source mysql-5.0.75.tar.gz in the file libmysqld/sqlparse.cc this source code is also...
CVE-2008-4456
Cross-site scripting XSS vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be...
Fedora 8 : mysql-5.0.45-6.fc8 (2007-4465)
Thu Dec 13 2007 Tom Lane 5.0.45-6 - Back-port upstream fixes for CVE-2007-5925, CVE-2007-5969, CVE-2007-6303. Related: 422211 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean...
MySQL <= 5.0.45 (Alter) Denial of Service Vulnerability
No description provided by source. / MySQL =6.0 possibly affected Kristian Erik Hermansen Credit: Joe Gallo You must have ALTER permissions to exploit this bug! Scenario: You found SQL injection, but you want to punch backend server in the nuts just for fun. Start with the ALTER TABLE statement o...
MySQL 5.0.45 - 'Alter' Denial of Service
/ MySQL mysql CREATE TABLE test id int10 unsigned NOT NULL AUTOINCREMENT PRIMARY KEY, foo text NOT NULL ENGINE=InnoDB DEFAULT CHARSET=latin1; Query OK, 0 rows affected mysql SELECT FROM test WHERE CONTAINSfoo, 'bar'; Empty set mysql ALTER TABLE test ADD INDEX foo100; Query OK, 0 rows affected...