CVE-2006-1518 – MySQL 5.0.20 - COM_TABLE_DUMP Memory Leak/Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-1518
Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values. • https://www.exploit-db.com/exploits/1741 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365939 http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html http://secunia.com/advisories/19929 http://secunia.com/advisories/20241 http://secunia.com/advisories/20253 http://secunia.com/advisories/20333 http://secunia.com/advisories/20457 http://secunia.com/advisories/20762 http://securityreason.co •
CVE-2006-1516 – MySQL 4.1.18/5.0.20 - Local/Remote Information Leakage
https://notcve.org/view.php?id=CVE-2006-1516
The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read. • https://www.exploit-db.com/exploits/1742 http://bugs.debian.org/365938 http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html http://secunia.com/advisories/19929 http://secunia.com/advisories/20002 http://secunia.com/advisories/20073 http://secunia.com/advisories/20 •
CVE-2006-0903 – MySQL 5.0.18 - Query Logging Bypass
https://notcve.org/view.php?id=CVE-2006-0903
MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states that since mysql_query expects a null character, this is not an issue for mysql_query. • https://www.exploit-db.com/exploits/27326 http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0653.html http://bugs.mysql.com/bug.php?id=17667 http://rst.void.ru/papers/advisory39.txt http://secunia.com/advisories/19034 http://secunia.com/advisories/19502 http://secunia.com/advisories/19814 http://secunia.com/advisories/20241 http://secunia.com/advisories/20253 http://secunia.com/advisories/20333 http://secunia.com/advisories/20625 http://secunia.com/advisories& •
CVE-2006-0369
https://notcve.org/view.php?id=CVE-2006-0369
MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive information via the "SELECT * FROM information_schema.views;" query, which returns the query that created the VIEW. NOTE: this issue has been disputed by third parties, saying that the availability of the schema is a normal and sometimes desired aspect of database access • http://www.securityfocus.com/archive/1/422491/100/0/threaded http://www.securityfocus.com/archive/1/422592/100/0/threaded http://www.securityfocus.com/archive/1/422698/100/0/threaded http://www.securityfocus.com/archive/1/423180/30/7310/threaded http://www.securityfocus.com/archive/1/423204/100/0/threaded http://www.securityfocus.com/archive/1/423228/100/0/threaded http://www.securityfocus.com/archive/1/423432/100/0/threaded • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2005-2572
https://notcve.org/view.php?id=CVE-2005-2572
MySQL, when running on Windows, allows remote authenticated users with insert privileges on the mysql.func table to cause a denial of service (server hang) and possibly execute arbitrary code via (1) a request for a non-library file, which causes the Windows LoadLibraryEx function to block, or (2) a request for a function in a library that has the XXX_deinit or XXX_init functions defined but is not tailored for mySQL, such as jpeg1x32.dll and jpeg2x32.dll. • http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03897409 http://marc.info/?l=bugtraq&m=112360818900941&w=2 http://secunia.com/advisories/54788 http://www.appsecinc.com/resources/alerts/mysql/2005-003.html http://www.securityfocus.com/bid/62358 http://www.securitytracker.com/id/1029010 https://exchange.xforce.ibmcloud.com/vulnerabilities/21756 •