This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
DB:MYSQL:YASSL-HELLO-BO
|
Severity |
Major
|
Recommended |
No
|
Recommended Action |
Drop
|
Category |
DB
|
Keywords |
MySQL YaSSL SSL Hello Message Buffer Overflow
|
Release Date |
2013/08/07
|
Update Number |
2288
|
Supported Platforms |
idp-4.0.110090709+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
DB: MySQL YaSSL SSL Hello Message Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the MySQL Server. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
Extended Description
yaSSL is prone to multiple remote buffer-overflow vulnerabilities.
Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of applications using the library. Failed attacks will cause denial-of-service conditions.
yaSSL 1.7.5 is vulnerable to these issues; other versions are also likely to be affected.
Affected Products
- Apple mac_os_x_server 10.5.5
- Debian linux 4.0
- Debian linux 4.0 Alpha
- Debian linux 4.0 Amd64
- Debian linux 4.0 Arm
- Debian linux 4.0 Hppa
- Debian linux 4.0 Ia-32
- Debian linux 4.0 Ia-64
- Debian linux 4.0 M68k
- Debian linux 4.0 Mips
- Debian linux 4.0 Mipsel
- Debian linux 4.0 Powerpc
- Debian linux 4.0 S/390
- Debian linux 4.0 Sparc
- Mandriva corporate_server 4.0
- Mandriva corporate_server 4.0.0 X86 64
- Mandriva linux_mandrake 2007.1
- Mandriva linux_mandrake 2007.1 X86 64
- Mandriva linux_mandrake 2008.0
- Mandriva linux_mandrake 2008.0 X86 64
- Ubuntu ubuntu_linux 6.06 LTS Amd64
- Ubuntu ubuntu_linux 6.06 LTS I386
- Ubuntu ubuntu_linux 6.06 LTS Powerpc
- Ubuntu ubuntu_linux 6.06 LTS Sparc
- Ubuntu ubuntu_linux 6.10 Amd64
- Ubuntu ubuntu_linux 6.10 I386
- Ubuntu ubuntu_linux 6.10 Powerpc
- Ubuntu ubuntu_linux 6.10 Sparc
- Ubuntu ubuntu_linux 7.04 Amd64
- Ubuntu ubuntu_linux 7.04 I386
- Ubuntu ubuntu_linux 7.04 Powerpc
- Ubuntu ubuntu_linux 7.04 Sparc
- Ubuntu ubuntu_linux 7.10 Amd64
- Ubuntu ubuntu_linux 7.10 I386
- Ubuntu ubuntu_linux 7.10 Powerpc
- Ubuntu ubuntu_linux 7.10 Sparc
- Yassl yassl 1.7.5
References