Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 DB:MYSQL:COMTABLEDUMP-OF

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 DB

Keywords

 MySQL COM_TABLE_DUMP Function Stack Overflow

Release Date

 2006/05/30

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

DB: MySQL COM_TABLE_DUMP Function Stack Overflow


This signature detects attempts to exploit a known vulnerability in the MySQL database. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the daemon.

Extended Description

MySQL is prone to multiple remote vulnerabilities: 1. A buffer-overflow vulnerability occurs because the software fails to perform sufficient boundary checks of user-supplied data before copying it to an insufficiently sized memory buffer. This issue allows remote attackers to execute arbitrary machine code in the context of affected database servers. Failed exploit attempts will likely crash the server, denying further service to legitimate users. 2. Two information-disclosure vulnerabilities occur because the software fails to sufficiently sanitize and check boundaries of user-supplied data. These issues allow remote users to gain access to potentially sensitive information that may aid in further attacks.

Affected Products

  • Apple Mac OS X Server 10.4.0
  • Apple Mac OS X Server 10.4.1
  • Apple Mac OS X Server 10.4.2
  • Apple Mac OS X Server 10.4.3
  • Apple Mac OS X Server 10.4.4
  • Apple Mac OS X Server 10.4.5
  • Apple Mac OS X Server 10.4.6
  • Apple Mac OS X Server 10.4.7
  • Apple Mac OS X Server 10.4.8
  • Avaya Interactive Response 2.0
  • Avaya Interactive Response 3.0
  • Debian Linux 3.0.0
  • Debian Linux 3.0.0 Alpha
  • Debian Linux 3.0.0 Arm
  • Debian Linux 3.0.0 Hppa
  • Debian Linux 3.0.0 Ia-32
  • Debian Linux 3.0.0 Ia-64
  • Debian Linux 3.0.0 M68k
  • Debian Linux 3.0.0 Mips
  • Debian Linux 3.0.0 Mipsel
  • Debian Linux 3.0.0 Ppc
  • Debian Linux 3.0.0 S/390
  • Debian Linux 3.0.0 Sparc
  • Debian Linux 3.1.0
  • Debian Linux 3.1.0 Alpha
  • Debian Linux 3.1.0 Amd64
  • Debian Linux 3.1.0 Arm
  • Debian Linux 3.1.0 Hppa
  • Debian Linux 3.1.0 Ia-32
  • Debian Linux 3.1.0 Ia-64
  • Debian Linux 3.1.0 M68k
  • Debian Linux 3.1.0 Mips
  • Debian Linux 3.1.0 Mipsel
  • Debian Linux 3.1.0 Ppc
  • Debian Linux 3.1.0 S/390
  • Debian Linux 3.1.0 Sparc
  • Gentoo Linux
  • Mandriva Corporate Server 3.0.0
  • Mandriva Corporate Server 3.0.0 X86 64
  • Mandriva Linux Mandrake 10.2.0
  • Mandriva Linux Mandrake 10.2.0 X86 64
  • Mandriva Linux Mandrake 2006.0.0
  • Mandriva Linux Mandrake 2006.0.0 X86 64
  • Mandriva Multi Network Firewall 2.0.0
  • MySQL AB MySQL 4.0.0 .0
  • MySQL AB MySQL 4.0.1
  • MySQL AB MySQL 4.0.10
  • MySQL AB MySQL 4.0.11
  • MySQL AB MySQL 4.0.11 -Gamma
  • MySQL AB MySQL 4.0.12
  • MySQL AB MySQL 4.0.13
  • MySQL AB MySQL 4.0.14
  • MySQL AB MySQL 4.0.15
  • MySQL AB MySQL 4.0.17
  • MySQL AB MySQL 4.0.18
  • MySQL AB MySQL 4.0.2
  • MySQL AB MySQL 4.0.20
  • MySQL AB MySQL 4.0.21
  • MySQL AB MySQL 4.0.23
  • MySQL AB MySQL 4.0.24
  • MySQL AB MySQL 4.0.25
  • MySQL AB MySQL 4.0.26
  • MySQL AB MySQL 4.0.3
  • MySQL AB MySQL 4.0.4
  • MySQL AB MySQL 4.0.5
  • MySQL AB MySQL 4.0.5 A
  • MySQL AB MySQL 4.0.6
  • MySQL AB MySQL 4.0.7
  • MySQL AB MySQL 4.0.7 -Gamma
  • MySQL AB MySQL 4.0.8
  • MySQL AB MySQL 4.0.8 -Gamma
  • MySQL AB MySQL 4.0.9
  • MySQL AB MySQL 4.0.9 -Gamma
  • MySQL AB MySQL 4.1.0-0
  • MySQL AB MySQL 4.1.0.0-Alpha
  • MySQL AB MySQL 4.1.0 .11
  • MySQL AB MySQL 4.1.10A
  • MySQL AB MySQL 4.1.11A
  • MySQL AB MySQL 4.1.13
  • MySQL AB MySQL 4.1.18
  • MySQL AB MySQL 4.1.2 -Alpha
  • MySQL AB MySQL 4.1.3 -0
  • MySQL AB MySQL 4.1.3 -Beta
  • MySQL AB MySQL 4.1.4
  • MySQL AB MySQL 4.1.5
  • MySQL AB MySQL 5.0.0 .0-0
  • MySQL AB MySQL 5.0.0 .0-Alpha
  • MySQL AB MySQL 5.0.1
  • MySQL AB MySQL 5.0.18
  • MySQL AB MySQL 5.0.2
  • MySQL AB MySQL 5.0.20
  • MySQL AB MySQL 5.0.3
  • MySQL AB MySQL 5.0.4
  • MySQL AB MySQL 5.1.9
  • Red Hat Desktop 4.0.0
  • Red Hat Enterprise Linux AS 4
  • Red Hat Enterprise Linux ES 4
  • Red Hat Enterprise Linux WS 4
  • Slackware Linux 10.0.0
  • Slackware Linux 10.1.0
  • Slackware Linux 10.2.0
  • Slackware Linux 9.1.0
  • Sun Solaris 10 Sparc
  • Sun Solaris 10 X86
  • SuSE Linux Desktop 1.0.0
  • SuSE Linux Personal 10.0.0 OSS
  • SuSE Linux Personal 10.1
  • SuSE Linux Personal 9.0.0
  • SuSE Linux Personal 9.0.0 X86 64
  • SuSE Linux Personal 9.1.0
  • SuSE Linux Personal 9.1.0 X86 64
  • SuSE Linux Personal 9.2.0
  • SuSE Linux Personal 9.2.0 X86 64
  • SuSE Linux Personal 9.3.0
  • SuSE Linux Personal 9.3.0 X86 64
  • SuSE Linux Professional 10.0.0
  • SuSE Linux Professional 10.0.0 OSS
  • SuSE Linux Professional 10.1
  • SuSE Linux Professional 9.0.0
  • SuSE Linux Professional 9.0.0 X86 64
  • SuSE Linux Professional 9.1.0
  • SuSE Linux Professional 9.1.0 X86 64
  • SuSE Linux Professional 9.2.0
  • SuSE Linux Professional 9.2.0 X86 64
  • SuSE Linux Professional 9.3.0
  • SuSE Linux Professional 9.3.0 X86 64
  • SuSE Novell Linux Desktop 9.0.0
  • SuSE Open-Enterprise-Server 9.0.0
  • SuSE SUSE Linux Enterprise Server 8
  • SuSE SUSE Linux Enterprise Server 9
  • SuSE SuSE Linux Openexchange Server 4.0.0
  • SuSE SUSE LINUX Retail Solution 8.0.0
  • SuSE SuSE Linux School Server for i386
  • SuSE SuSE Linux Standard Server 8.0.0
  • SuSE UnitedLinux 1.0.0
  • Trustix Secure Enterprise Linux 2.0.0
  • Trustix Secure Linux 2.2.0
  • Trustix Secure Linux 3.0.0
  • Turbolinux Appliance Server 1.0.0 Hosting Edition
  • Turbolinux Appliance Server 1.0.0 Workgroup Edition
  • Turbolinux Appliance Server 2.0
  • Turbolinux Appliance Server Hosting Edition 1.0.0
  • Turbolinux Appliance Server Workgroup Edition 1.0.0
  • Turbolinux Home
  • Turbolinux Multimedia
  • Turbolinux Personal
  • Turbolinux 10 F...
  • Turbolinux FUJI
  • Turbolinux Turbolinux Desktop 10.0.0
  • Turbolinux Turbolinux Server 10.0.0
  • Turbolinux Turbolinux Server 10.0.0 X86
  • Turbolinux Turbolinux Server 7.0.0
  • Turbolinux Turbolinux Server 8.0.0
  • Turbolinux Turbolinux Workstation 8.0.0
  • Ubuntu Ubuntu Linux 5.0.0 4 Amd64
  • Ubuntu Ubuntu Linux 5.0.0 4 I386
  • Ubuntu Ubuntu Linux 5.0.0 4 Powerpc
  • Ubuntu Ubuntu Linux 5.10.0 Amd64
  • Ubuntu Ubuntu Linux 5.10.0 I386
  • Ubuntu Ubuntu Linux 5.10.0 Powerpc

References

  • BugTraq: 17780
  • CVE: CVE-2006-1518
  • URL: http://www.securityfocus.com/archive/1/432733
  • URL: http://www.securityfocus.com/archive/1/432734

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out