Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Databases --> Category: infos

MySQL User-Defined Function Buffer Overflow Vulnerability Vulnerability Scan


Vulnerability Scan Summary
Checks MySQL version number

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote database server is affected by a buffer overflow flaw.

Description :

According to its version number, the installation of MySQL on the
remote host may be prone to a buffer overflow when copying the name of
a user-defined function into a stack-based buffer. With sufficient
access to create a user-defined function, a possible hacker may be able to
exploit this and execute arbitrary code within the context of the
affected database server process.

See also :

http://www.appsecinc.com/resources/alerts/mysql/2005-002.html

Solution :

Upgrade to MySQL 4.0.25 / 4.1.13 / 5.0.7-beta or later.

Threat Level:

Medium / CVSS Base Score : 4
(AV:R/AC:L/Au:R/C:P/A:P/I:P/B:N)

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.