Executive Summary
Summary | |
---|---|
Title | Sun Alert 236703 Multiple Security Vulnerabilities May Affect MySQL 4.0.x Bundled With Solaris 10 |
Informations | |||
---|---|---|---|
Name | SUN-236703 | First vendor Publication | 2008-04-21 |
Vendor | Sun | Last vendor Modification | 2008-04-21 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Product: Solaris 10 Operating System Multiple security vulnerabilities in the "MySQL" package, an open source database package bundled with Solaris 10 (see mysqld(1)), may result in one or more of the following issues: 2.?? The "check_connection" function in sql_parse.cc in MySQL 4.0.x through 4.0.26 may allow?? a remote unauthorized users to read portions of memory via a username without a trailing null byte.?? This may result in a buffer over-read. For additional information see: 3."sql_parse.cc"?? in MySQL 4.0.x through 4.0.26 may allow a remote unauthorized users to obtain sensitive information via a "COM_TABLE_DUMP" request with an incorrect packet length that?? includes portions of memory in an error message. For additional information see: State: Preliminary First released: 21-Apr-2008 |
Original Source
Url : http://blogs.sun.com/security/entry/sun_alert_236703_multiple_security |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11036 | |||
Oval ID: | oval:org.mitre.oval:def:11036 | ||
Title: | sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message. | ||
Description: | sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2006-1517 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9918 | |||
Oval ID: | oval:org.mitre.oval:def:9918 | ||
Title: | The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read. | ||
Description: | The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2006-1516 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-10 | Name : SLES9: Security update for MySQL File : nvt/sles9p5021168.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200605-13 (MySQL) File : nvt/glsa_200605_13.nasl |
2008-09-04 | Name : FreeBSD Ports: mysql-server File : nvt/freebsd_mysql-server10.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1071-1 (mysql) File : nvt/deb_1071_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1073-1 (mysql-dfsg-4.1) File : nvt/deb_1073_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1079-1 (mysql-dfsg) File : nvt/deb_1079_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 829-1 (mysql) File : nvt/deb_829_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 831-1 (mysql-dfsg) File : nvt/deb_831_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 833-1 (mysql-dfsg-4.1) File : nvt/deb_833_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 833-2 (mysql-dfsg-4.1) File : nvt/deb_833_2.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2006-129-02 mysql File : nvt/esoft_slk_ssa_2006_129_02.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2006-155-01 mysql File : nvt/esoft_slk_ssa_2006_155_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
25228 | MySQL Crafted COM_TABLE_DUMP Request Arbitrary Memory Disclosure MySQL contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a malicious client sends a specially crafted invalid login or COM_TABLE_DUMP packets, which will disclose arbitrary memory in error messages resulting in a loss of confidentiality. |
25226 | MySQL Malformed Login Packet Remote Memory Disclosure |
18896 | MySQL User-Defined Function init_syms() Function Overflow |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | create function buffer overflow attempt RuleID : 4649 - Revision : 7 - Type : SERVER-MYSQL |
2014-01-10 | login handshake information disclosure attempt RuleID : 16020 - Revision : 13 - Type : SERVER-MYSQL |
2014-01-10 | MySQL COM_TABLE_DUMP Function Stack Overflow attempt RuleID : 11619 - Revision : 7 - Type : SERVER-MYSQL |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2011-11-18 | Name : The remote database server is affected by multiple vulnerabilities. File : mysql_5_0_21.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-306-1.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_mysql-1312.nasl - Type : ACT_GATHER_INFO |
2007-03-13 | Name : The remote host is missing a Mac OS X update which fixes a security issue. File : macosx_10_4_9.nasl - Type : ACT_GATHER_INFO |
2007-02-18 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2006_036.nasl - Type : ACT_GATHER_INFO |
2007-01-17 | Name : The remote Fedora Core host is missing a security update. File : fedora_2006-553.nasl - Type : ACT_GATHER_INFO |
2007-01-17 | Name : The remote Fedora Core host is missing a security update. File : fedora_2006-554.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1079.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1073.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1071.nasl - Type : ACT_GATHER_INFO |
2006-07-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2006-0544.nasl - Type : ACT_GATHER_INFO |
2006-06-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2006-0544.nasl - Type : ACT_GATHER_INFO |
2006-06-05 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2006-155-01.nasl - Type : ACT_GATHER_INFO |
2006-06-05 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_4913886ce87511dab9f400123ffe8333.nasl - Type : ACT_GATHER_INFO |
2006-06-04 | Name : The remote database server is affected by an information disclosure flaw. File : mysql_anonymous_login_handshake_info_leakage.nasl - Type : ACT_ATTACK |
2006-05-13 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2006-129-02.nasl - Type : ACT_GATHER_INFO |
2006-05-13 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2006-084.nasl - Type : ACT_GATHER_INFO |
2006-05-13 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200605-13.nasl - Type : ACT_GATHER_INFO |
2006-05-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-283-1.nasl - Type : ACT_GATHER_INFO |
2006-01-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-180-2.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-180-1.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-163.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-833.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-831.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-829.nasl - Type : ACT_GATHER_INFO |
2005-08-10 | Name : The remote database server is affected by multiple vulnerabilities. File : mysql_init_syms_buffer_overflow.nasl - Type : ACT_GATHER_INFO |