Page 20 of 197 results (0.004 seconds)

CVSS: 8.8EPSS: 14%CPEs: 38EXPL: 0

16 Aug 2005 — Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field. A stack-based buffer overflow in the init_syms function of MySQL, a popular database, has been discovered that allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field. The ability to... • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.18.1/SCOSA-2006.18.1.txt •

CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0

17 May 2005 — mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents. • http://marc.info/?l=full-disclosure&m=111632686805498&w=2 •

CVSS: 8.8EPSS: 33%CPEs: 34EXPL: 3

11 Mar 2005 — MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit. Debian Security Advisory 707-1. Multiple issues with MySQL, including: incorrect privilege handling (users get illegitimate access to databases named similarly to those they have legitimate access to), arbitrary command execution for any user that has been granted INSE... • https://www.exploit-db.com/exploits/25209 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 8.8EPSS: 24%CPEs: 34EXPL: 2

11 Mar 2005 — MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udf_init function. Debian Security Advisory 707-1. Multiple issues with MySQL, including: incorrect privilege handling (users get illegitimate access to databases named similarly to those they have legitimate access to), arbitrary command executio... • https://www.exploit-db.com/exploits/25210 •

CVSS: 5.5EPSS: 0%CPEs: 34EXPL: 3

11 Mar 2005 — MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack. Debian Security Advisory 707-1. Multiple issues with MySQL, including: incorrect privilege handling (users get illegitimate access to databases named similarly to those they have legitimate access to), arbitrary command execution for any user that has been granted INSERT and DELETE righ... • https://www.exploit-db.com/exploits/25211 •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

20 Jan 2005 — The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files. El script mysqlaccess de MySQL 4.0.23 y anteriores, 4.1.x anteriores a 4.1.10, 5.0.x anteriores a 5.0.3, y otras versiones incluyendo 3.x permite a usuarios locales sobreescribir ficheros arbitrariamente o leer ficheros temporales mediante un enlace de enlaces simbólicos ... • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000947 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.5EPSS: 3%CPEs: 5EXPL: 3

13 Oct 2004 — MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities. MySQL 4 anteriores a 4.0.21 y 3.x anteriores a 3.23.49 comprueban los derechos CREATE/INSERT de la tabla original en lugar de los de la tabla de destino en una operación ALTER TABLE RANAME, lo que podría permitir a atacantes realizar actividad... • https://www.exploit-db.com/exploits/24669 •