Family: Databases --> Category: infos
MySQL User-Defined Function Buffer Overflow Vulnerability Scan
Vulnerability Scan Summary: Checks MySQL version number
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote database server is affected by a buffer overflow flaw.
Description :
According to its version number, the installation of MySQL on the
remote host may be prone to a buffer overflow when copying the name of
a user-defined function into a stack-based buffer. With sufficient
access to create a user-defined function, an attacker may be able to
exploit this and execute arbitrary code within the context of the
affected database server process.
See also :
http://www.appsecinc.com/resources/alerts/mysql/2005-002.html
Solution :
Upgrade to MySQL 4.0.25 / 4.1.13 / 5.0.7-beta or later.
Threat Level:
Medium / CVSS Base Score : 4
(AV:R/AC:L/Au:R/C:P/A:P/I:P/B:N)