Gain a shell remotely : MySQL < 4.0.21 Buffer Overflow Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.14319

Categoría: Gain a shell remotely

Título: MySQL < 4.0.21 Buffer Overflow Vulnerability

Resumen: MySQL is prone to a buffer overflow vulnerability.

Descripción: Summary:
MySQL is prone to a buffer overflow vulnerability.

Vulnerability Insight:
The MySQL version is vulnerable to a length overflow within it's
mysql_real_connect() function.

The overflow is due to an error in the processing of a return Domain (DNS) record.

An attacker, exploiting this flaw, would need to control a DNS server which would be queried by
the MySQL server.

Vulnerability Impact:
A successful attack would give the attacker the ability to
execute arbitrary code on the remote machine.

Solution:
Update to version 4.0.21 or later.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0836
BugTraq ID: 10981
http://www.securityfocus.com/bid/10981
Bugtraq: 20041125 [USN-32-1] mysql vulnerabilities (Google Search)
http://marc.info/?l=bugtraq&m=110140517515735&w=2
Computer Incident Advisory Center Bulletin: P-018
http://www.ciac.org/ciac/bulletins/p-018.shtml
Conectiva Linux advisory: CLA-2004:892
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892
Debian Security Information: DSA-562 (Google Search)
http://www.debian.org/security/2004/dsa-562
http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml
http://bugs.mysql.com/bug.php?id=4017
http://lists.mysql.com/internals/14726
http://www.redhat.com/support/errata/RHSA-2004-597.html
http://www.redhat.com/support/errata/RHSA-2004-611.html
http://secunia.com/advisories/12305/
http://www.trustix.org/errata/2004/0054/
XForce ISS Database: mysql-realconnect-bo(17047)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17047

Copyright Copyright (C) 2004 David Maciejak

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.14319
Categoría:	Gain a shell remotely
Título:	MySQL < 4.0.21 Buffer Overflow Vulnerability
Resumen:	MySQL is prone to a buffer overflow vulnerability.
Descripción:	Summary: MySQL is prone to a buffer overflow vulnerability. Vulnerability Insight: The MySQL version is vulnerable to a length overflow within it's mysql_real_connect() function. The overflow is due to an error in the processing of a return Domain (DNS) record. An attacker, exploiting this flaw, would need to control a DNS server which would be queried by the MySQL server. Vulnerability Impact: A successful attack would give the attacker the ability to execute arbitrary code on the remote machine. Solution: Update to version 4.0.21 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0836 BugTraq ID: 10981 http://www.securityfocus.com/bid/10981 Bugtraq: 20041125 [USN-32-1] mysql vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=110140517515735&w=2 Computer Incident Advisory Center Bulletin: P-018 http://www.ciac.org/ciac/bulletins/p-018.shtml Conectiva Linux advisory: CLA-2004:892 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892 Debian Security Information: DSA-562 (Google Search) http://www.debian.org/security/2004/dsa-562 http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml http://bugs.mysql.com/bug.php?id=4017 http://lists.mysql.com/internals/14726 http://www.redhat.com/support/errata/RHSA-2004-597.html http://www.redhat.com/support/errata/RHSA-2004-611.html http://secunia.com/advisories/12305/ http://www.trustix.org/errata/2004/0054/ XForce ISS Database: mysql-realconnect-bo(17047) https://exchange.xforce.ibmcloud.com/vulnerabilities/17047
Copyright	Copyright (C) 2004 David Maciejak