CVE-2005-0710

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udfinit function...

Debian DSA-707-1 : mysql - several vulnerabilities

Several vulnerabilities have been discovered in MySQL, a popular database. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2004-0957 Sergei Golubchik discovered a problem in the access handling for similar named databases. If a user is granted privileges...

Mandrake Linux Security Advisory : MySQL (MDKSA-2005:060)

A number of vulnerabilities were discovered by Stefano Di Paola in the MySQL server : If an authenticated user had INSERT privileges on the 'mysql' database, the CREATE FUNCTION command allowed that user to use libc functions to execute arbitrary code with the privileges of the user running the...

CVE-2005-0709

CVE-2005-0709 affects MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10. The vulnerability arises from insufficient input validation in CREATE FUNCTION, allowing a remote authenticated user with INSERT and DELETE privileges to access libc calls (e.g., strcat, on_exit, exit) and potentially execute...

Microsoft SQL Server contains buffer overflow in code used to process "BULK INSERT" queries

Overview The Microsoft SQL Server contains a buffer overflow vulnerability that may allow remote attackers to execute arbitrary code with system privileges. Description The Microsoft SQL Server contains a buffer overflow vulnerability in the code used to process "Bulk Insert" queries. Bulk Insert...

CVE-2002-0641

Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine MSDE 2000, allows attackers with database administration privileges to execute arbitrary code via a long filename in the BULK INSERT query...

CVE-2002-0641

Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine MSDE 2000, allows attackers with database administration privileges to execute arbitrary code via a long filename in the BULK INSERT query...

Microsoft SQL Server 2000 'BULK INSERT' Buffer Overflow (#NISR11072002)

NGSSoftware Insight Security Research Advisory Name: BULK INSERT Buffer Overflow Systems Affected: Microsoft SQL Server 2000 Severity: Medium Category: Buffer Overrun Vendor URL: http://www.microsoft.com/ Authors: Mark Litchfield [email protected] Advisory URL:...

PT-1999-1143 · Wietse Venema · Rpcbind

Name of the Vulnerable Software and Affected Versions: rpcbind affected versions not specified Description: The issue allows a remote attacker to insert and delete entries by spoofing a source address in rpcbind, affecting versions including Linux, IRIX, and Wietse Venema's rpcbind...

PT-2005-5552 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Debian GNU/Linux kernel versions 2.4.27 affected versions not specified Description: The issue is related to multiple vulnerabilities in the Debian GNU/Linux kernel, which can lead to a disruption of protected information. These vulnerabiliti...