CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2004-0457
https://notcve.org/view.php?id=CVE-2004-0457
19 Aug 2004 — The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files. El script mysqlhotcopy de mysql 4.0.20 y anteriores, cuando se usa el método scp del paquete mysql-server, permite a usuarios locales sobreescribir ficheros de su elección mediante un ataque de enlaces simbólicos en ficheros temporales. • http://packages.debian.org/changelogs/pool/main/m/mysql-dfsg/mysql-dfsg_4.0.20-11/changelog •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2003-1331
https://notcve.org/view.php?id=CVE-2003-1331
31 Dec 2003 — Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysqlclient) 4.0.13 and earlier allows local users to execute arbitrary code via a long socket name, a different vulnerability than CVE-2001-1453. • http://archives.neohapsis.com/archives/fulldisclosure/2003-q2/1303.html •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2002-0969
https://notcve.org/view.php?id=CVE-2002-0969
11 Oct 2002 — Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group. Desbordamiento de búfer en MySQL anteriores a 3.23.50, y 4.0 beta anteriores a 4.02 sobre Windows, y posiblemente otras plataformas, permite a usuarios locales ejecutar código arbitrario mediante un parámetro datadir largo e... • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0004.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2001-0407 – MySQL 3.20.32 a/3.23.34 - Root Operation Symbolic Link File Overwriting
https://notcve.org/view.php?id=CVE-2001-0407
27 Jun 2001 — Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot). • https://www.exploit-db.com/exploits/20718 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2001-1454
https://notcve.org/view.php?id=CVE-2001-1454
09 Feb 2001 — Buffer overflow in MySQL before 3.23.33 allows remote attackers to execute arbitrary code via a long drop database request. • http://dev.mysql.com/doc/mysql/en/news-3-23-33.html •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2001-1274 – Mysql 3.22.x/3.23.x - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-1274
23 Jan 2001 — Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges. • https://www.exploit-db.com/exploits/20581 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2001-1275
https://notcve.org/view.php?id=CVE-2001-1275
19 Jan 2001 — MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking. • http://marc.info/?l=bugtraq&m=98089552030459&w=2 •