Press CTRL-D to bookmark us
Welcome Guest Login / Register / Members
Search in  
Top Submit newsSubscribe
Communication | Computer Crime | Digital Audio, Video, Photo | General News | Hardware | Internet | Mobile | PDA | Security | Software | Vulnerability |
Previous articleBack to news listNext article
 

 Sponsored links

Want to become one of our authors and see your work published on ALLSeek.iNFO ?
 
 MySQL MaxDB Buffer Overflow in websql Password Parameter Lets Remote Users Execute Arbitrary Code
Categorie: Vulnerability
Posted: 2005-01-15 by ReCall
Views: 444
Source: Click here
 		Current Rating: Not rated
Poor Best
 Details
Description: iDEFENSE reported a buffer overflow in MySQL MaxDB. A remote user can execute arbitrary code on the target system.

The websql application does not properly validate the bounds of user-supplied input. A remote user can supply a specially crafted password parameter to trigger a stack overflow and execute arbitrary code (with System level privileges on Windows-based systems).

The vendor was notified on December 22, 2004.

The original advisory is avalable at:

http://www.idefense.com/application/poi/display?id=181&type=vulnerabilities

Impact: A remote user can execute arbitrary code on the target system. On Windows-based systems, the code will run with System level privileges.

Solution: The vendor has issued a fixed version (7.5.00.18), available at:

http://dev.mysql.com/downloads/maxdb-7.5.00.html
 
Syndication
Permalink Email this

The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=1294

User comments (post your comments here)

Only registerd members can post comments and articles
 
Previous articleBack to news listNext article
 


InterJOB.su
Bookmark us | Set As Homepage | Advertising | Contact Us | Recomend us | Link us | Links | Terms

SpyLOG Page Rank Checker
LAST QUERIES