CVE-2006-3469 – MySQL 4.x/5.x - Server Date_Format Denial of Service
https://notcve.org/view.php?id=CVE-2006-3469
Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function, which is later used in a formatted print call to display the error message. Vulnerabilidad de cadena de formato en time.cc de MySQL Server 4.1 anterior a 4.1.21 y 5.0 anterior al 1 de abril de 2006 permite a usuarios autenticados remotamente provocar una denegación de servicio (caída) mediante una cadena de formato en lugar de una fecha como el primer parámetro para la función date_format, la cual es posteriormente utilizada en una llamada de escritura formateada para mostrar el mensaje de error. • https://www.exploit-db.com/exploits/28234 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375694 http://bugs.mysql.com/bug.php?id=20729 http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://secunia.com/advisories/21147 http://secunia.com/advisories/21366 http://secunia.com/advisories/24479 http://secunia.com/advisories/31226& • CWE-134: Use of Externally-Controlled Format String •
CVE-2006-3081 – MySQL Server 4/5 - Str_To_Date Remote Denial of Service
https://notcve.org/view.php?id=CVE-2006-3081
mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function. mysqld en MySQL v4.1.x antes de v4.1.18, v5.0.x antes de v5.0.19, y v5.1.x antes de v5.1.6 permite causar una denegación de servicio (caída del demonio) a usuarios remotos autorizados a través de un segundo argumento nulo para la función STR_TO_DATE. • https://www.exploit-db.com/exploits/28026 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373913 http://bugs.mysql.com/bug.php?id=15828 http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://seclists.org/lists/fulldisclosure/2006/Jun/0434.html http://secunia.com/advisories/19929 http://secunia.com/advisories/20832 http://secunia.com/advisories/20871 http://secunia.com/advisories/24479 http: •
CVE-2006-2753
https://notcve.org/view.php?id=CVE-2006-2753
SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=369735 http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://lists.mysql.com/announce/364 http://secunia.com/advisories/20365 http://secunia.com/advisories/20489 http://secunia.com/advisories/20531 http://secunia.com/advisories/20541 http://secunia.com/advisories/20562 http://secunia.com/advisories/20625 http://secunia.com/advisories/20712 http: •
CVE-2006-1517
https://notcve.org/view.php?id=CVE-2006-1517
sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365939 http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html http://secunia.com/advisories/19929 http://secunia.com/advisories/20002 http://secunia.com/advisories/20073 http://secunia.com/advisories/20076 http://secun •
CVE-2006-1516 – MySQL 4.1.18/5.0.20 - Local/Remote Information Leakage
https://notcve.org/view.php?id=CVE-2006-1516
The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read. • https://www.exploit-db.com/exploits/1742 http://bugs.debian.org/365938 http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html http://secunia.com/advisories/19929 http://secunia.com/advisories/20002 http://secunia.com/advisories/20073 http://secunia.com/advisories/20 •