DSA-381 mysql - buffer overflow

Bulletin has no description...

MySQL buffer overflow

Buffer overflow on processing users password table...

Buffer overflow in MySQL

Product : MySQL Date : 10/09/2003 Author : Frank Denis [email protected] ------------------------ Product description ------------------------ From the web site : MySQL is the world's most popular open source database, recognized for its speed and reliability. Today MySQL is the most popular open...

osCommerce 2.2 - product_info.php Denial of Service

osCommerce 2.2 - productinfo.php Denial of Service source: https://www.securityfocus.com/bid/7351/info It has been reported that an attacker may trigger a denial of service condition in osCommerce application. If malicious URI parameters are passed to several of the osCommerce PHP pages, the mySQ...

CVE-2003-0150

MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf...

CVE-2003-0150

MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf...

MySQL allows default user to be changed to root via custom "my.cnf" file

Overview MySQL reads configuration options from world-writeable files. This can lead to a remote user gaining elevated privileges. Description A message posted to the bugtraq mailing list details a vulnerability affecting versions of MySQL prior to 3.23.56. MySQL would permit users with 'FILE'...

MySQL datadir/my.cnf Modification Privilege Escalation

The remote version of MySQL is older than 3.23.56. Such versions are affected by an issue that may allow the mysqld service to start with elevated privileges. An attacker can exploit this vulnerability by creating a 'DATADIR/my.cnf' that includes the line 'user=root' under the 'mysqld' option...

MySQL 3.23.x - 'mysqld' Local Privilege Escalation

source: https://www.securityfocus.com/bid/7052/info A vulnerability has been discovered for MySQL that may allow the mysqld service to start with elevated privileges. An attacker can exploit this vulnerability by creating a DATADIR/my.cnf that includes the line 'user=root' under the 'mysqld' opti...

CVE-2002-1374

The COMCHANGEUSER command in MySQL 3.x before 3.23.54, and 4.x before 4.0.6, allows remote attackers to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the first character of the real password...

CVE-2002-1373

Signed integer vulnerability in the COMTABLEDUMP package for MySQL 3.23.x before 3.23.54 allows remote attackers to cause a denial of service crash or hang in mysqld by causing large negative integers to be provided to a memcpy call...

MySQL 3.23.x/4.0.x - 'COM_CHANGE_USER' Password Length Account

/ source: https://www.securityfocus.com/bid/6373/info A flaw in the password authentication mechanism for MySQL may make it possible for an authenticated database user to compromise the accounts of other database users. The flaw lies in the fact that the server uses a string returned by the clien...

MySQL 3.23.x4.0.x - COM_CHANGE_USER Password Memory Corruption

MySQL 3.23.x4.0.x - COMCHANGEUSER Password Memory Corruption source: https://www.securityfocus.com/bid/6375/info MySQL is prone to a memory corruption vulnerability in the COMCHANGEUSER command. Due to a lack of sufficient bounds checking for client responses to password authentication challenges...

Локальная дырка в MySQL

Переполнение буфера при запуске с ключем -е...

CVE-2001-1275

MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking...

CVE-2001-1274

Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges...

CVE-2001-0407

Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. dot dot...

Inproper input validation in Bugzilla <=2.14 - exploit

Since advisory and patched version is already released, here goes description of vulnerabilities I discovered in Bugzilla almost year ago. 1. Creating files on remote server. ----------------------------------- Nothing spectacular, but this vulnerability may allow us easily at least when using...

CVE-2001-0407

Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. dot dot...

MySQL 3.20.32 a/3.23.34 - Root Operation Symbolic Link File Overwriting

source: https://www.securityfocus.com/bid/2522/info MySQL is a relational database management system RDBMS, freely available and open source. It is maintained by MySQL AB. A problem with the implementation of some MySQL databases may permit local users to overwrite sensitive system files. This...