159 matches found
PT-2014-7256 · Oracle +4 · Mysql Server +4
Name of the Vulnerable Software and Affected Versions: Oracle MySQL Server versions 5.5.39 and earlier Oracle MySQL Server versions 5.6.20 and earlier Description: The issue affects the availability of the system, related to CLIENT:SSL:yaSSL. Recommendations: For Oracle MySQL Server versions 5.5....
Oracle MySQL 5.5.x < 5.5.39 / 5.6.x < 5.6.20 Multiple Vulnerabilities
Binary data 8386.prm...
PT-2014-7243 · Oracle +4 · Mysql Server +4
Name of the Vulnerable Software and Affected Versions: Oracle MySQL Server versions 5.5.38 and earlier Oracle MySQL Server versions 5.6.19 and earlier Description: The issue affects the integrity of the system, related to vectors concerning SERVER:SSL:yaSSL. Recommendations: For Oracle MySQL Serv...
MySQL yaSSL CertDecoder::GetName Buffer Overflow
No description provided by source. $Id: mysqlyasslgetname.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms o...
MySQL yaSSL SSL Hello Message Buffer Overflow
No description provided by source. $Id: mysqlyasslhello.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
MySQL <= 6.0 yaSSL <= 1.7.5 - Hello Message Buffer Overflow
MySQL yaSSL SSL Hello Message Buffer Overflow 1. 漏洞介绍和分析 yaSSL是用于实现SSL的开源软件包。 yaSSL实现上存在多个远程溢出及无效内存访问问题,远程攻击者可能利用此漏洞控制服务器。 向堆栈缓冲区溢出的yaSSL1.7.5和更早的版本实现与MySQL捆绑 = 6.0。通过发送一个专门制作的HEllo 包 ,攻击者可以执行任意代码。 代码分析: 用于包含客户端所接收的Hello报文中的数据的缓冲区结构如下源自yasslimp.hpp: class ClientHello : public HandShakeBase...
MySQL yaSSL Heap Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of MySQL with yaSSL. Authentication is not required to exploit this vulnerability. The specific flaw exists within the yaSSL library that is optionally used by MySQL for SSL communication. There exist...
Oracle MySQL Server 5.5.x < 5.5.30 yaSSL Buffer Overflow
Binary data 6766.prm...
MySQL Server 5.5.x < 5.5.30 yaSSL Buffer Overflow
Binary data 801148.prm...
MySQL 'yaSSL' Buffer Overflow Vulnerability
MySQL is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mysql:mysql"; ifdescription...
MariaDB 5.5.0 < 5.5.28 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 5.5.28. It is, therefore, affected by multiple vulnerabilities as referenced in the 5.5.28 advisory. - Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote...
MariaDB 5.5.0 < 5.5.30 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 5.5.30. It is, therefore, affected by multiple vulnerabilities as referenced in the 5.5.30 advisory. - Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticat...
MySQL 5.1 < 5.1.68 Multiple Vulnerabilities
The version of MySQL 5.1 installed on the remote host is earlier than 5.1.68 and is, therefore, affected by vulnerabilities related to 'yaSSL'. These errors could result in buffer overflows and possibly arbitrary code execution. C Tenable Network Security, Inc. include"compat.inc"; if description...
CVE-2013-1492
Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.30, has unspecified impact and attack vectors, a different vulnerability than CVE-2012-0553...
CVE-2012-0553
Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.28, has unspecified impact and attack vectors, a different vulnerability than CVE-2013-1492...
Buffer overflow
Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.28, has unspecified impact and attack vectors, a different vulnerability than CVE-2013-1492...
Buffer overflow
Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.30, has unspecified impact and attack vectors, a different vulnerability than CVE-2012-0553...
CVE-2013-1492
CVE-2013-1492 describes a buffer overflow in yaSSL as used by MySQL 5.1.x prior to 5.1.68 and 5.5.x prior to 5.5.30. The description explicitly notes the impact as unspecified and does not detail exploit vectors. The root cause is a yaSSL buffer overflow, with the vulnerability tied to the MySQL ...
CVE-2013-1492
Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.30, has unspecified impact and attack vectors, a different vulnerability than CVE-2012-0553...
CVE-2012-0553
CVE-2012-0553 describes a buffer overflow in yaSSL used by MySQL 5.1.x (before 5.1.68) and 5.5.x (before 5.5.28); impact and attack vectors are not specified in the description.