This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

CPE Name: cpe:/a:mysql:mysql:4.0.20

Detail
Vendor: Mysql
Product: Mysql
Version: 4.0.20
Type: Application
First view: 2004-09-28
Last view: 2012-10-16
Edition:
Language:
Update:

CPE Product: cpe:/a:mysql:mysql

Related : CVE

Score | Date | Alert | Access Vector | Access Complexity | Authentication
6.8 | 2012-10-16 | CVE-2012-3177 | Network | Low | Requires ...
4 | 2012-10-16 | CVE-2012-3166 | Network | Low | Requires ...
2.1 | 2012-10-16 | CVE-2012-3160 | Local | Low | None Requ...
4 | 2012-05-03 | CVE-2012-1697 | Network | Low | Requires ...
4 | 2012-05-03 | CVE-2012-1696 | Network | Low | Requires ...
8.5 | 2009-07-13 | CVE-2009-2446 | Network | Medium | Requires ...
4.6 | 2008-09-18 | CVE-2008-4098 | Network | High | Requires ...
3.6 | 2006-08-18 | CVE-2006-4226 | Network | High | Requires ...
2.1 | 2006-08-09 | CVE-2006-4031 | Local | Low | None Requ...
5 | 2006-05-05 | CVE-2006-1517 | Network | Low | None Requ...
5 | 2006-05-05 | CVE-2006-1516 | Network | Low | None Requ...
4.6 | 2006-02-27 | CVE-2006-0903 | Local | Low | None Requ...
5 | 2005-08-16 | CVE-2005-2573 | Network | Low | None Requ...
4.6 | 2005-08-16 | CVE-2005-2558 | Local | Low | None Requ...
2.1 | 2005-05-02 | CVE-2005-0711 | Local | Low | None Requ...
4.6 | 2005-05-02 | CVE-2005-0710 | Local | Low | None Requ...
4.6 | 2005-05-02 | CVE-2005-0709 | Local | Low | None Requ...
4.6 | 2005-04-14 | CVE-2005-0004 | Local | Low | None Requ...
6.8 | 2005-02-09 | CVE-2004-0957 | Network | Medium | None Requ...
5 | 2005-01-10 | CVE-2004-0956 | Network | Low | None Requ...
4.6 | 2004-09-28 | CVE-2004-0457 | Local | Low | None Requ...

CWE : Common Weakness Enumeration

% | id | Name
33% (1) | CWE-134 | Uncontrolled Format String
33% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection')
33% (1) | CWE-59 | Improper Link Resolution Before File Access ('Link Following')

CAPEC : Common Attack Pattern Enumeration & Classification

id | Name
CAPEC-15 | Command Delimiters

Oval Markup Language : Definitions

OvalID | Name
oval:org.mitre.oval:def:10693 | The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp metho...
oval:org.mitre.oval:def:10479 | MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated...
oval:org.mitre.oval:def:10180 | MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated...
oval:org.mitre.oval:def:9591 | MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names...
oval:org.mitre.oval:def:9915 | MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via ...
oval:org.mitre.oval:def:9918 | The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4....
oval:org.mitre.oval:def:11036 | sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to...
oval:org.mitre.oval:def:10468 | MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a...
oval:org.mitre.oval:def:10729 | MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on ca...
oval:org.mitre.oval:def:10591 | MySQL before 5.0.67 allows local users to bypass certain privilege checks by ...
oval:org.mitre.oval:def:7905 | DSA-1877 mysql-dfsg-5.0 -- denial of service/execution of arbitrary code
oval:org.mitre.oval:def:12751 | DSA-1877-1 mysql-dfsg-5.0 -- denial of service/execution of arbitrary code
oval:org.mitre.oval:def:11857 | Multiple format string vulnerabilities in the dispatch_command function in li...
oval:org.mitre.oval:def:22888 | ELSA-2009:1289: mysql security and bug fix update (Moderate)

Open Source Vulnerability Database (OSVDB)

id | Description
55734 | MySQL sql_parse.cc dispatch_command() Function Format String DoS
44937 | MySQL MyISAM Table CREATE TABLE Privilege Check Bypass
28012 | MySQL Case Sensitivity Unauthorized Database Creation
27703 | MySQL MERGE Table Privilege Persistence
25228 | MySQL Crafted COM_TABLE_DUMP Request Arbitrary Memory Disclosure
25226 | MySQL Malformed Login Packet Remote Memory Disclosure
23526 | MySQL Query NULL Character Logging Bypass
18897 | MySQL on Windows UDF Create Function Traversal Privilege Escalation
18896 | MySQL User-Defined Function init_syms() Function Overflow
14678 | MySQL CREATE FUNCTION Arbitrary libc Code Execution
14677 | MySQL CREATE FUNCTION mysql.func Table Arbitrary Library Injection
14676 | MySQL CREATE TEMPORARY TABLE Symlink Privilege Escalation
13013 | MySQL mysqlaccess.sh Symlink Arbitrary File Manipulation
10985 | MySQL MATCH..AGAINST Query DoS
10959 | MySQL GRANT ALL ON Privilege Escalation
9015 | MySQL mysqlhotcopy Insecure Temporary File Creation

OpenVAS Exploits

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
id | Description
2013-09-18 | Name : Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities) - File : nvt/deb_2581_1.nasl
2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Windows) - File : nvt/gb_oracle_mysql_multiple_vuln02_nov12_win.nasl
2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-03 Nov12 (Windows) - File : nvt/gb_oracle_mysql_multiple_vuln03_nov12_win.nasl
2012-11-15 | Name : RedHat Update for mysql RHSA-2012:1462-01 - File : nvt/gb_RHSA-2012_1462-01_mysql.nasl
2012-11-15 | Name : CentOS Update for mysql CESA-2012:1462 centos6 - File : nvt/gb_CESA-2012_1462_mysql_centos6.nasl
2012-11-06 | Name : Ubuntu Update for mysql-5.5 USN-1621-1 - File : nvt/gb_ubuntu_USN_1621_1.nasl
2012-03-16 | Name : Ubuntu Update for mysql-5.1 USN-1397-1 - File : nvt/gb_ubuntu_USN_1397_1.nasl
2012-02-12 | Name : Gentoo Security Advisory GLSA 201201-02 (MySQL) - File : nvt/glsa_201201_02.nasl
2011-08-09 | Name : CentOS Update for mysql CESA-2010:0109 centos5 i386 - File : nvt/gb_CESA-2010_0109_mysql_centos5_i386.nasl
2011-08-09 | Name : CentOS Update for mysql CESA-2009:1289 centos5 i386 - File : nvt/gb_CESA-2009_1289_mysql_centos5_i386.nasl
2010-05-12 | Name : Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002 - File : nvt/macosx_upd_10_6_3_secupd_2010-002.nasl
2010-02-19 | Name : CentOS Update for mysql CESA-2010:0110 centos4 i386 - File : nvt/gb_CESA-2010_0110_mysql_centos4_i386.nasl
2010-02-19 | Name : RedHat Update for mysql RHSA-2010:0109-01 - File : nvt/gb_RHSA-2010_0109-01_mysql.nasl
2010-02-19 | Name : RedHat Update for mysql RHSA-2010:0110-01 - File : nvt/gb_RHSA-2010_0110-01_mysql.nasl
2010-02-15 | Name : Ubuntu Update for MySQL vulnerabilities USN-897-1 - File : nvt/gb_ubuntu_USN_897_1.nasl
2010-01-19 | Name : Mandriva Update for mysql MDVSA-2010:011 (mysql) - File : nvt/gb_mandriva_MDVSA_2010_011.nasl
2010-01-19 | Name : Mandriva Update for mysql MDVSA-2010:012 (mysql) - File : nvt/gb_mandriva_MDVSA_2010_012.nasl
2009-12-14 | Name : Fedora Core 10 FEDORA-2009-12180 (mysql) - File : nvt/fcore_2009_12180.nasl
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:326 (mysql) - File : nvt/mdksa_2009_326.nasl
2009-11-17 | Name : Mac OS X Version - File : nvt/macosx_version.nasl
2009-10-13 | Name : SLES10: Security update for MySQL - File : nvt/sles10_mysql.nasl
2009-10-13 | Name : SLES10: Security update for MySQL - File : nvt/sles10_mysql0.nasl
2009-10-11 | Name : SLES11: Security update for MySQL - File : nvt/sles11_libmysqlclient1.nasl
2009-10-10 | Name : SLES9: Security update for MySQL - File : nvt/sles9p5020865.nasl
2009-10-10 | Name : SLES9: Security update for mysql - File : nvt/sles9p5014017.nasl

Snort® IPS/IDS

Date | Description
2014-01-10 | create function buffer overflow attempt - RuleID : 4649 - Type : SERVER-MYSQL - Revision : 7
2014-01-10 | create function access attempt - RuleID : 3528 - Type : SERVER-MYSQL - Revision : 8
2014-01-10 | Microsoft MSN Messenger png overflow - RuleID : 3130-community - Type : PUA-OTHER - Revision : 8
2014-01-10 | Microsoft MSN Messenger png overflow - RuleID : 3130 - Type : PUA-OTHER - Revision : 8
2014-01-10 | create function mysql.func arbitrary library injection attempt - RuleID : 17412 - Type : SERVER-MYSQL - Revision : 5
2014-01-10 | mysql_log COM_DROP_DB format string vulnerability exploit attempt - RuleID : 16708 - Type : SERVER-MYSQL - Revision : 7
2014-01-10 | mysql_log COM_CREATE_DB format string vulnerability exploit attempt - RuleID : 16707 - Type : SERVER-MYSQL - Revision : 7
2014-01-10 | login handshake information disclosure attempt - RuleID : 16020 - Type : SERVER-MYSQL - Revision : 9
2014-01-10 | create function libc arbitrary code execution attempt - RuleID : 15952 - Type : SERVER-MYSQL - Revision : 5
2014-01-10 | MySQL COM_TABLE_DUMP Function Stack Overflow attempt - RuleID : 11619 - Type : SERVER-MYSQL - Revision : 6

Nessus® Vulnerability Scanner

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
id | Description
2014-06-13 | Name : The remote openSUSE host is missing a security update. - File : openSUSE-2012-273.nasl - Type : ACT_GATHER_INFO
2014-06-13 | Name : The remote openSUSE host is missing a security update. - File : openSUSE-2012-276.nasl - Type : ACT_GATHER_INFO
2013-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. - File : gentoo_GLSA-201308-06.nasl - Type : ACT_GATHER_INFO
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. - File : oraclelinux_ELSA-2007-0152.nasl - Type : ACT_GATHER_INFO
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. - File : oraclelinux_ELSA-2010-0109.nasl - Type : ACT_GATHER_INFO
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. - File : oraclelinux_ELSA-2010-0110.nasl - Type : ACT_GATHER_INFO
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. - File : oraclelinux_ELSA-2012-1462.nasl - Type : ACT_GATHER_INFO
2013-03-29 | Name : The remote database server has multiple vulnerabilities. - File : mariadb_5_5_28.nasl - Type : ACT_GATHER_INFO
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. - File : redhat-RHSA-2009-1289.nasl - Type : ACT_GATHER_INFO
2012-12-05 | Name : The remote Debian host is missing a security-related update. - File : debian_DSA-2581.nasl - Type : ACT_GATHER_INFO
2012-11-16 | Name : The remote Scientific Linux host is missing one or more security updates. - File : sl_20121114_mysql_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-11-15 | Name : The remote Red Hat host is missing one or more security updates. - File : redhat-RHSA-2012-1462.nasl - Type : ACT_GATHER_INFO
2012-11-15 | Name : The remote CentOS host is missing one or more security updates. - File : centos_RHSA-2012-1462.nasl - Type : ACT_GATHER_INFO
2012-11-06 | Name : The remote Ubuntu host is missing one or more security-related patches. - File : ubuntu_USN-1621-1.nasl - Type : ACT_GATHER_INFO
2012-10-19 | Name : The remote database server is affected by multiple vulnerabilities. - File : mysql_5_1_64.nasl - Type : ACT_GATHER_INFO
2012-10-19 | Name : The remote database server is affected by multiple vulnerabilities. - File : mysql_5_1_66.nasl - Type : ACT_GATHER_INFO
2012-10-19 | Name : The remote database server is affected by multiple vulnerabilities. - File : mysql_5_5_26.nasl - Type : ACT_GATHER_INFO
2012-10-19 | Name : The remote database server is affected by multiple vulnerabilities. - File : mysql_5_5_28.nasl - Type : ACT_GATHER_INFO
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. - File : sl_20100216_mysql_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. - File : sl_20100216_mysql_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. - File : sl_20090902_mysql_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. - File : sl_20080521_mysql_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. - File : sl_20080724_mysql_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-04-11 | Name : The remote database server is affected by multiple vulnerabilities. - File : mysql_5_5_22.nasl - Type : ACT_GATHER_INFO
2012-03-13 | Name : The remote Ubuntu host is missing one or more security-related patches. - File : ubuntu_USN-1397-1.nasl - Type : ACT_GATHER_INFO