ID de Prueba:	1.3.6.1.4.1.25623.1.0.51884
Categoría:	Gain a shell remotely
Título:	MySQL mysql_real_connect() buffer overflow
Resumen:	NOSUMMARY
Descripción:	Description: The installed version of MySQL, according to the version number, is vulnerable to a buffer overflow with the mysql_real_connect() function. An attacker with the ability to control the value of a DNS record queried by mysqld would be able to execute arbitrary code on the remote system. Versions up to 4.0.20 are known to be vulnerable. Solution : Upgrade to version 4.0.21 or later. Risk factor : Critical CVSS Score: 10.0
Referencia Cruzada:	BugTraq ID: 10981 Common Vulnerability Exposure (CVE) ID: CVE-2004-0836 http://www.securityfocus.com/bid/10981 Bugtraq: 20041125 [USN-32-1] mysql vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=110140517515735&w=2 Computer Incident Advisory Center Bulletin: P-018 http://www.ciac.org/ciac/bulletins/p-018.shtml Conectiva Linux advisory: CLA-2004:892 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892 Debian Security Information: DSA-562 (Google Search) http://www.debian.org/security/2004/dsa-562 http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml http://bugs.mysql.com/bug.php?id=4017 http://lists.mysql.com/internals/14726 http://www.redhat.com/support/errata/RHSA-2004-597.html http://www.redhat.com/support/errata/RHSA-2004-611.html http://secunia.com/advisories/12305/ http://www.trustix.org/errata/2004/0054/ XForce ISS Database: mysql-realconnect-bo(17047) https://exchange.xforce.ibmcloud.com/vulnerabilities/17047
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.