159 matches found
MySQL < 5.1.41 Multiple Vulnerabilities
Binary data 801137.prm...
MySQL yaSSL SSL Hello Message Buffer Overflow (CVE-2008-0226)
MySQL is an open-source implementation of a relational database management system. MySQL supports the SQL Structured Query Language database query language. The database product allows remote network connections from client applications over the proprietary MySQL network protocol. MySQL Server...
MySQL yaSSL SSL Hello Message Buffer Overflow
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'MySQL yaSSL...
Mandriva Linux Security Advisory : mysql (MDVSA-2008:150)
Multiple buffer overflows in yaSSL, which is used in MySQL, allowed remote attackers to execute arbitrary code CVE-2008-0226 or cause a denial of service via a special Hello packet CVE-2008-0227. Sergei Golubchik found that MySQL did not properly validate optional data or index directory paths...
Mandriva Update for mysql MDVSA-2008:150 (mysql)
Check for the Version of mysql OpenVAS Vulnerability Test Mandriva Update for mysql MDVSA-2008:150 mysql Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Mandriva Update for mysql MDVSA-2008:150 (mysql)
Check for the Version of mysql OpenVAS Vulnerability Test Mandriva Update for mysql MDVSA-2008:150 mysql Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-588-1
Ubuntu Update for Linux kernel vulnerabilities USN-588-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5881.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-588-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
Ubuntu 6.06 LTS : mysql-dfsg-5.0 regression (USN-588-2)
USN-588-1 fixed vulnerabilities in MySQL. In fixing CVE-2007-2692 for Ubuntu 6.06, additional improvements were made to make privilege checks more restictive. As a result, an upstream bug was exposed which could cause operations on tables or views in a different database to fail. This update fixe...
USN-588-2: MySQL regression
USN-588-1 fixed vulnerabilities in MySQL. In fixing CVE-2007-2692 for Ubuntu 6.06, additional improvements were made to make privilege checks more restictive. As a result, an upstream bug was exposed which could cause operations on tables or views in a different database to fail. This update fixe...
Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : mysql-dfsg-5.0 vulnerabilities (USN-588-1)
Masaaki Hirose discovered that MySQL could be made to dereference a NULL pointer. An authenticated user could cause a denial of service application crash via an EXPLAIN SELECT FROM on the INFORMATIONSCHEMA table. This issue only affects Ubuntu 6.06 and 6.10. CVE-2006-7232 Alexander Nozdrin...
Security fix for the ALT Linux 5 package MySQL version 5.0.51-alt2.a
March 16, 2008 Konstantin Lepikhov 5.0.51-alt2.a - 5.0.51a. - Security fixes: + CVE-2008-0226, CVE-2008-0227 Three vulnerabilities in yaSSL versions 1.7.5 that could lead to a server crash or execution of unauthorized code. + ALTER VIEW retained the original DEFINER value, even when altered by...
MySQL yaSSL SSL Hello message buffer overflow
Added: 03/10/2008 CVE: CVE-2008-0226 BID: 27140 OSVDB: 41935 Background MySQL is an open-source database software package available for multiple platforms. yaSSL is an SSL library. MySQL, if SSL support is enabled, uses yaSSL by default. Problem A buffer overflow vulnerability in the...
MySQL yaSSL SSL Hello message buffer overflow
Added: 03/10/2008 CVE: CVE-2008-0226 BID: 27140 OSVDB: 41935 Background MySQL is an open-source database software package available for multiple platforms. yaSSL is an SSL library. MySQL, if SSL support is enabled, uses yaSSL by default. Problem A buffer overflow vulnerability in the...
MySQL yaSSL SSL Hello message buffer overflow
Added: 03/10/2008 CVE: CVE-2008-0226 BID: 27140 OSVDB: 41935 Background MySQL is an open-source database software package available for multiple platforms. yaSSL is an SSL library. MySQL, if SSL support is enabled, uses yaSSL by default. Problem A buffer overflow vulnerability in the...
MySQL yaSSL SSL Hello message buffer overflow
Added: 03/10/2008 CVE: CVE-2008-0226 BID: 27140 OSVDB: 41935 Background MySQL is an open-source database software package available for multiple platforms. yaSSL is an SSL library. MySQL, if SSL support is enabled, uses yaSSL by default. Problem A buffer overflow vulnerability in the...
Debian Security Advisory DSA 1478-1 (mysql-dfsg-5.0)
The remote host is missing an update to mysql-dfsg-5.0 announced via advisory DSA 1478-1. OpenVAS Vulnerability Test $Id: deb14781.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1478-1 mysql-dfsg-5.0 Authors: Thomas Reinke Copyright: Copyright c 2008 E-Sof...
DSA-1478-1 mysql-dfsg-5.0 - buffer overflows
Bulletin has no description...
CVE-2008-0227
yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service crash via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp...
CVE-2008-0226
Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via 1 the ProcessOldClientHello function in handshake.cpp or 2 "inputbuffer& operator" in yasslimp.cpp...
Code injection
yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service crash via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp...