CVE-2012-5614 – MySQL - Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2012-5614
Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (mysqld crash) via a SELECT command with an UpdateXML command containing XML with a large number of unique, nested elements. MySQL v5.5.19 y posiblemente otras versiones, y MariaDB v5.5.28a y posiblemente otras versiones, permiten a usuarios remotos autenticados provocar una denegación de servicio (caída de mysqld) a través de un comando SELECT con un comando updateXML que contiene XML con un gran número de elementos anidados "unique". Oracle MySQL version 5.5.19-log on SuSE Linux suffers from a denial of service vulnerability. • https://www.exploit-db.com/exploits/23078 http://rhn.redhat.com/errata/RHSA-2013-0772.html http://seclists.org/fulldisclosure/2012/Dec/7 http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.openwall.com/lists/oss-security/2012/12/02/3 http://www.openwall.com/lists/oss-security/2012/12/02/4 http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555. •
CVE-2012-5612 – MySQL (Linux) - Heap Overrun (PoC)
https://notcve.org/view.php?id=CVE-2012-5612
Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands. El desbordamiento de búfer en la región heap de la memoria en MySQL versión 5.5.19 y otras versiones hasta 5.5.28, y MariaDB versión 5.5.28a y posiblemente otras versiones, de Oracle, permite a los usuarios remotos autenticados causar una denegación de servicio (corrupción de memoria y bloqueo) y posiblemente ejecutar código arbitrario, como es demostrado utilizando ciertas variaciones de los comandos (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE y (12) SET PASSWORD. Oracle MySQL on Linux suffers from a heap overrun vulnerability. • https://www.exploit-db.com/exploits/23076 http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.html http://seclists.org/fulldisclosure/2012/Dec/5 http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.exploit-db.com/exploits/23076 http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.openwall.com/lists/oss-security/2012/12/02/3 ht • CWE-787: Out-of-bounds Write •
CVE-2012-5611 – MySQL (Linux) - Stack Buffer Overrun (PoC)
https://notcve.org/view.php?id=CVE-2012-5611
Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command. Desbordamiento de búfer basado en pila en MySQL v5.5.19, v5.1.53, y posiblemente otras versiones, y MariaDB v5.5.2.x antes de v5.5.28a, v5.3.x antes de v5.3.11, v5.2.x antes de v5.2.13 y v5.1.x antes de v5.1.66, permite a usuarios autenticados remotamente ejecutar código de su elección a través de un argumento largo en el comando GRANT FILE. • https://www.exploit-db.com/exploits/23075 http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.html http://lists • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVE-2012-0574 – mysql: unspecified DoS vulnerability related to Server (CPU Jan 2013)
https://notcve.org/view.php?id=CVE-2012-0574
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors. Vulnerabilidad no especificada en el componente Server en Oracle MySQL v5.1.66 y anteriores y v5.5.28 y anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=135109152819176&w=2 http://rhn.redhat.com/errata/RHSA-2013-0219.html http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html http://www.ubuntu.com/usn/USN-1703-1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17266 https://access.redhat.com •
CVE-2012-3180 – mysql: unspecified DoS vulnerability related to Server Optimizer (CPU Oct 2012)
https://notcve.org/view.php?id=CVE-2012-3180
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.1.65 y anteriores, y v5.5.27 y anteriores, permite a usuarios remotos autenticados a afectar la disponibilidad a través de vectores desconocidos relacionados con Server Optimizer. • http://rhn.redhat.com/errata/RHSA-2012-1462.html http://secunia.com/advisories/51177 http://secunia.com/advisories/51309 http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.debian.org/security/2012/dsa-2581 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html http://www.ubuntu.com/usn/USN-1621-1 https://exchange.xforce.ibmcloud.com/vulnerabilities •