Signature Detail
Short Name |
DB:MYSQL:MAXDB-GET-OF |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
DB |
Keywords |
MaxDB Get Overflow |
Release Date |
2005/06/01 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
DB: MaxDB Get Overflow
This signature detects attempts to exploit a known vulnerability against MaxDB Web packages. A successful attack can allow an attacker to execute arbitrary code with elevated privileges.
Extended Description
A remote buffer-overflow vulnerability affects MySQL MaxDB because the application fails to properly validate the length of user-supplied strings before copying them into static process buffers. An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation.
Affected Products
- MySQL AB MaxDB 7.5.0 .00
- MySQL AB MaxDB 7.5.0 .00.08
- MySQL AB MaxDB 7.5.0 .00.11
- MySQL AB MaxDB 7.5.0 .00.12
- MySQL AB MaxDB 7.5.0 .00.14
- MySQL AB MaxDB 7.5.0 .00.15
- MySQL AB MaxDB 7.5.0 .00.16
- MySQL AB MaxDB 7.5.0 .00.18
- MySQL AB MaxDB 7.5.0 .00.19
- MySQL AB MaxDB 7.5.0 .00.23
- MySQL AB MaxDB 7.5.0 .00.24
- MySQL AB MaxDB 7.5.0 .00.25
References