CVE-2008-0226 – MySQL 6.0 yaSSL 1.7.5 - Hello Message Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-0226
Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp. Múltiples desbordamientos de búfer en yaSSL 1.7.5 y anteriores, como el utilizado en MySQL y posiblemente otros productos, permite a atacantes remotos ejecutar código de su elección mediante (1) la función ProcessOldClientHello en handshake.cpp o (2) "input_buffer& operator>>" en yassl_imp.cpp. • https://www.exploit-db.com/exploits/9953 https://www.exploit-db.com/exploits/16849 https://www.exploit-db.com/exploits/16701 http://bugs.mysql.com/33814 http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://secunia.com/advisories/28324 http://secunia.com/advisories/28419 http://secunia.com/advisories/28597 http://secunia.com/advisories/29443 http://secunia.com/advisories/32222 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-0227
https://notcve.org/view.php?id=CVE-2008-0227
yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service (crash) via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp. yaSSL 1.7.5 y anteriores, como el utilizado en MySQL y posiblemente otros productos, permite a atacantes remotos provocar una denegación de servicio (caída) mediante un paquete Hello que contiene un valor de tamaño grande, lo cual provoca una sobre-lectura de búfer en la función HASHwithTransform::Update en hash.cpp. • http://bugs.mysql.com/33814 http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://secunia.com/advisories/28324 http://secunia.com/advisories/28597 http://secunia.com/advisories/29443 http://secunia.com/advisories/32222 http://securityreason.com/securityalert/3531 http://support.apple.com/kb/HT3216 http://www.debian.org/security/2008/dsa-1478 http://www.mandriva.com/security/advisor • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2005-3731
https://notcve.org/view.php?id=CVE-2005-3731
Unspecified vulnerability in yaSSL before 1.0.6 has unknown impact and attack vectors, related to "certificate chain processing." • http://secunia.com/advisories/17619 http://www.osvdb.org/20831 http://www.securityfocus.com/bid/15487 http://yassl.com/release.html •