CVE-2009-2446

Multiple format string vulnerabilities in the dispatchcommand function in libmysqld/sqlparse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service daemon crash and possibly have unspecified other impact via format string specifiers in a database...

MySQL sql_parse.cc远程格式串漏洞

BUGTRAQ ID: 35609 MySQL是一款使用非常广泛的开放源代码关系数据库系统，拥有各种平台的运行版本。 MySQL的sqlparse.cc文件中的dispatchcommand函数存在格式串错误： 2084行： case COMCREATEDB: // QQ: To be removed char db=thd-strduppacket, alias; HACREATEINFO createinfo; statisticincrementthd-statusvar.comstatSQLCOMCREATEDB, &LOCKstatus; // null test to...

MySQL <= 5.0.45 COM_CREATE_DB Format String PoC (auth)

No description provided by source. MySQL tested: Version 5.0.45 on CentOS Linux Format String Vulnerability MySQL General Available GA Release is vulnerable. Latest MySQL Version is not vulnerable since the bug if ifdef'ed off. from mysql-5.0.75 source mysql-5.0.75.tar.gz in the file...

MySQL 5.0.45 - (Authenticated) COM_CREATE_DB Format String (PoC)

MySQL 5.0.45 - Authenticated COMCREATEDB Format String PoC MySQL tested: Version 5.0.45 on CentOS Linux Format String Vulnerability MySQL General Available GA Release is vulnerable. Latest MySQL Version is not vulnerable since the bug if ifdef'ed off. from mysql-5.0.75 source mysql-5.0.75.tar.gz ...

MySQL <= 5.0.45 post auth format string vulnerability

MySQL tested: Version 5.0.45 on CentOS Linux Format String Vulnerability MySQL General Available GA Release is vulnerable. Latest MySQL Version is not vulnerable since the bug if ifdef'ed off. from mysql-5.0.75 source mysql-5.0.75.tar.gz in the file libmysqld/sqlparse.cc this source code is also...

MySQL <= 5.0.45 COM_CREATE_DB Format String PoC (auth)

Exploit for multiple platform in category dos / poc ====================================================== MySQL = 4.0.0 are affected. function prototype: writeTHD thd, enumenumservercommand command, const char format, ... function call: writethd, command, packet; on line 2084: case COMCREATEDB: ...

MySQL COM_CREATE_DB format string vulnerability

Format string vulnerability via databse name...

MySQL 5.0.45 - (Authenticated) COM_CREATE_DB Format String (PoC)

MySQL tested: Version 5.0.45 on CentOS Linux Format String Vulnerability MySQL General Available GA Release is vulnerable. Latest MySQL Version is not vulnerable since the bug if ifdef'ed off. from mysql-5.0.75 source mysql-5.0.75.tar.gz in the file libmysqld/sqlparse.cc this source code is also...

MySQL 5.0.45 Format String Vulnerability

MySQL tested: Version 5.0.45 on CentOS Linux Format String Vulnerability MySQL General Available GA Release is vulnerable. Latest MySQL Version is not vulnerable since the bug if ifdef'ed off. from mysql-5.0.75 source mysql-5.0.75.tar.gz in the file libmysqld/sqlparse.cc this source code is also...

Wireshark: Multiple vulnerabilities

Background Wireshark is a versatile network protocol analyzer. Description Multiple vulnerabilities have been discovered in Wireshark: David Maciejak discovered a vulnerability in packet-usb.c in the USB dissector via a malformed USB Request Block URB CVE-2008-4680. Florent Drouin and David...

Samba Format String Vulnerability

Samba is prone to a format string vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:samba:samba"; ifdescription...

Samba Format String Vulnerability

Samba is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:samba:samba"; ifdescription...

CVE-2009-1886

Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename...

CVE-2009-1886

Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename...

DEBIAN-CVE-2009-1886

Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename...

Format string

Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename...

CVE-2009-1886

Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename...

CVE-2009-1886

Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename...

CVE-2009-1886

Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename...

CVE-2009-1886

CVE-2009-1886 fixes in Samba affect the Samba SMB client (smbclient) in Samba 3.2.0–3.2.12. The vulnerability arises from format string handling in filenames, allowing a context-dependent attacker to execute arbitrary code via a crafted filename. The issue is addressed by patches in Samba (e.g., ...