Gain a shell remotely : MySQL mysqlbug/mysqld

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.51889

Categoría: Gain a shell remotely

Título: MySQL mysqlbug/mysqld_multi priviledge escalation

Resumen: NOSUMMARY

Descripción: Description:

The installed version of MySQL, according to the version
number, is vulnerable to a buffer overflow vulnerability
that can cause a denial of service and potentially remote
code execution.

Versions prior up to 3.23.58 and 4.0.18 are known to be vulnerable.

Solution : Upgrade to 3.23.59 or 4.0.19 or later.
Risk factor : Medium

CVSS Score:
2.1

Referencia Cruzada: BugTraq ID: 7052
Common Vulnerability Exposure (CVE) ID: CVE-2004-0381
BugTraq ID: 9976
http://www.securityfocus.com/bid/9976
Bugtraq: 20040324 mysqlbug tmpfile/symlink vulnerability. (Google Search)
http://marc.info/?l=bugtraq&m=108023246916294&w=2
Bugtraq: 20040414 [OpenPKG-SA-2004.014] OpenPKG Security Advisory (mysql) (Google Search)
http://marc.info/?l=bugtraq&m=108206802810402&w=2
Computer Incident Advisory Center Bulletin: P-018
http://www.ciac.org/ciac/bulletins/p-018.shtml
Debian Security Information: DSA-483 (Google Search)
http://www.debian.org/security/2004/dsa-483
http://security.gentoo.org/glsa/glsa-200405-20.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2004:034
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11557
http://www.redhat.com/support/errata/RHSA-2004-569.html
http://www.redhat.com/support/errata/RHSA-2004-597.html
XForce ISS Database: mysql-mysqlbug-symlink(15617)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15617
Common Vulnerability Exposure (CVE) ID: CVE-2004-0388
BugTraq ID: 10142
http://www.securityfocus.com/bid/10142
http://www.osvdb.org/6421
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10559
http://securitytracker.com/id?1009784
http://secunia.com/advisories/11223/
XForce ISS Database: mysql-mysqldmulti-symlink(15883)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15883

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.51889
Categoría:	Gain a shell remotely
Título:	MySQL mysqlbug/mysqld_multi priviledge escalation
Resumen:	NOSUMMARY
Descripción:	Description: The installed version of MySQL, according to the version number, is vulnerable to a buffer overflow vulnerability that can cause a denial of service and potentially remote code execution. Versions prior up to 3.23.58 and 4.0.18 are known to be vulnerable. Solution : Upgrade to 3.23.59 or 4.0.19 or later. Risk factor : Medium CVSS Score: 2.1
Referencia Cruzada:	BugTraq ID: 7052 Common Vulnerability Exposure (CVE) ID: CVE-2004-0381 BugTraq ID: 9976 http://www.securityfocus.com/bid/9976 Bugtraq: 20040324 mysqlbug tmpfile/symlink vulnerability. (Google Search) http://marc.info/?l=bugtraq&m=108023246916294&w=2 Bugtraq: 20040414 [OpenPKG-SA-2004.014] OpenPKG Security Advisory (mysql) (Google Search) http://marc.info/?l=bugtraq&m=108206802810402&w=2 Computer Incident Advisory Center Bulletin: P-018 http://www.ciac.org/ciac/bulletins/p-018.shtml Debian Security Information: DSA-483 (Google Search) http://www.debian.org/security/2004/dsa-483 http://security.gentoo.org/glsa/glsa-200405-20.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:034 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11557 http://www.redhat.com/support/errata/RHSA-2004-569.html http://www.redhat.com/support/errata/RHSA-2004-597.html XForce ISS Database: mysql-mysqlbug-symlink(15617) https://exchange.xforce.ibmcloud.com/vulnerabilities/15617 Common Vulnerability Exposure (CVE) ID: CVE-2004-0388 BugTraq ID: 10142 http://www.securityfocus.com/bid/10142 http://www.osvdb.org/6421 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10559 http://securitytracker.com/id?1009784 http://secunia.com/advisories/11223/ XForce ISS Database: mysql-mysqldmulti-symlink(15883) https://exchange.xforce.ibmcloud.com/vulnerabilities/15883
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com