Signature Detail
Short Name |
DB:MYSQL:MYSQL-PASSWORD-OF |
|---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
DB |
Keywords |
MySQL Password Field Buffer Overflow |
Release Date |
2003/09/18 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
DB: MySQL Password Field Buffer Overflow
This signature detects attempts to exploit a known vulnerability against password changes in the MySQL server. By supplying an overly long value to the password field, the attacker can execute arbitrary commands on the victim host. Administrator level access on the database is required to exploit this vulnerability. This vulnerability is present in MySQL versions earlier than 4.0.15.
Extended Description
MySQL server has been reported prone to a buffer overflow vulnerability when handling user passwords of excessive size. The issue presents itself, due to a lack of sufficient bounds checking performed when processing MySQL user passwords. A password greater that 16 characters may overrun the bounds of a reserved buffer in memory and corrupt adjacent memory. An attacker with global administrative privileges on an affected MySQL server may potentially exploit this condition to have arbitrary supplied instructions executed in the context of the MySQL server.
Affected Products
- Conectiva Linux 7.0.0
- Conectiva Linux 8.0.0
- Conectiva Linux 9.0.0
- MySQL AB MySQL 3.23.0 .x
- MySQL AB MySQL 3.23.10
- MySQL AB MySQL 3.23.2
- MySQL AB MySQL 3.23.22
- MySQL AB MySQL 3.23.23
- MySQL AB MySQL 3.23.24
- MySQL AB MySQL 3.23.25
- MySQL AB MySQL 3.23.26
- MySQL AB MySQL 3.23.27
- MySQL AB MySQL 3.23.28
- MySQL AB MySQL 3.23.28 gamma
- MySQL AB MySQL 3.23.29
- MySQL AB MySQL 3.23.3
- MySQL AB MySQL 3.23.30
- MySQL AB MySQL 3.23.31
- MySQL AB MySQL 3.23.32
- MySQL AB MySQL 3.23.33
- MySQL AB MySQL 3.23.34
- MySQL AB MySQL 3.23.36
- MySQL AB MySQL 3.23.37
- MySQL AB MySQL 3.23.38
- MySQL AB MySQL 3.23.39
- MySQL AB MySQL 3.23.4
- MySQL AB MySQL 3.23.40
- MySQL AB MySQL 3.23.41
- MySQL AB MySQL 3.23.42
- MySQL AB MySQL 3.23.43
- MySQL AB MySQL 3.23.44
- MySQL AB MySQL 3.23.45
- MySQL AB MySQL 3.23.46
- MySQL AB MySQL 3.23.47
- MySQL AB MySQL 3.23.48
- MySQL AB MySQL 3.23.49
- MySQL AB MySQL 3.23.5
- MySQL AB MySQL 3.23.50
- MySQL AB MySQL 3.23.51
- MySQL AB MySQL 3.23.52
- MySQL AB MySQL 3.23.53
- MySQL AB MySQL 3.23.53 a
- MySQL AB MySQL 3.23.54
- MySQL AB MySQL 3.23.54 a
- MySQL AB MySQL 3.23.55
- MySQL AB MySQL 3.23.56
- MySQL AB MySQL 3.23.58
- MySQL AB MySQL 3.23.8
- MySQL AB MySQL 3.23.9
- MySQL AB MySQL 4.0.0 .0
- MySQL AB MySQL 4.0.1
- MySQL AB MySQL 4.0.10
- MySQL AB MySQL 4.0.11
- MySQL AB MySQL 4.0.11 -Gamma
- MySQL AB MySQL 4.0.12
- MySQL AB MySQL 4.0.13
- MySQL AB MySQL 4.0.14
- MySQL AB MySQL 4.0.2
- MySQL AB MySQL 4.0.3
- MySQL AB MySQL 4.0.4
- MySQL AB MySQL 4.0.5
- MySQL AB MySQL 4.0.5 A
- MySQL AB MySQL 4.0.6
- MySQL AB MySQL 4.0.7
- MySQL AB MySQL 4.0.7 -Gamma
- MySQL AB MySQL 4.0.8
- MySQL AB MySQL 4.0.8 -Gamma
- MySQL AB MySQL 4.0.9
- MySQL AB MySQL 4.0.9 -Gamma
- MySQL AB MySQL 4.1.0-0
- MySQL AB MySQL 4.1.0.0-Alpha
- Red Hat Advanced Workstation for the Itanium Processor 2.1.0
- Red Hat Enterprise Linux AS 2.1
- Red Hat Enterprise Linux ES 2.1
- Red Hat Enterprise Linux WS 2.1
- SGI ProPack 2.2.1
- SGI ProPack 2.3.0
References