LiteForum 2.1.1 - SQL Injection

LiteForum 2.1.1 - SQL Injection !/usr/bin/perl use LWP::UserAgent; LiteForum 2.1.1 http://www.softtime.ru sql injection exploit work on all mysql versions by 1dt.w0lf RusH security team http://rst.void.ru --------------------------------------- greets 2: ghc www.ghc.ru Gh0st Security Team...

PT-2005-1141 · Oracle +2 · Mysql Server +2

Name of the Vulnerable Software and Affected Versions: MySQL versions 3.x and earlier MySQL versions 4.0.23 and earlier MySQL versions 4.1.x before 4.1.10 MySQL versions 5.0.x before 5.0.3 Description: The issue allows local users to overwrite arbitrary files or read temporary files via a symlink...

CVE-2004-0835

MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities...

CVE-2003-1480

MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods...

MySQL 3.23.x/4.0.x - Remote Buffer Overflow

/ Mysql 3.23.x/4.0.x remote exploit proof of concept using jmp eax bkbll bkbll cnhonker.net,bkbll tom.com 2003/09/12 compile:gcc -o mysql mysql.c -L/usr/lib/mysql -lmysqlclient DO NOT DISTRUBITED IT / include include include include include include include include include define PAD 1942 define...

security flaw

libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the 1 readrows or 2 readonerow routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code...