VID 25027
Severity 40
Port 3306
Protocol TCP
Class DB
Detailed Description The MySQL server, according to its version number, is vulnerable to a buffer overflow in its handling of user passwords.
MySQL is a popular freely distributed relational database server often used as a back-end for many Web sites. Some versions of MySQL are vulnerable to a buffer overflow vulnerability due to improper bounds checking when handling MySQL user passwords. By supplying a password greater than 16 characters, a remote attacker can overflow a buffer and execute arbitrary code on the server with privileges of the MySQL server account.

* Note: This check relies solely on the version number reported by the remote MySQL server to assess this vulnerability, so the result may be a false positive.
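
A version-only check of the kind described in the note above can be sketched as follows. This is an added example, not the scanner's own code: it reads the version string from a MySQL protocol-10 greeting and compares it with the fixed release 4.0.15 named in the Recommendation. The function names, result labels and sample greetings are constructed for illustration.

```python
import re
import struct

FIXED_IN = (4, 0, 15)  # fixed release named in this page's Recommendation

def make_greeting(version: str) -> bytes:
    """Build a constructed protocol-10 greeting for offline testing (not captured traffic)."""
    payload = b"\x0a" + version.encode() + b"\x00" + b"\x01\x00\x00\x00" + b"saltsalt\x00"
    return struct.pack("<I", len(payload))[:3] + b"\x00" + payload

def server_version(packet: bytes) -> str:
    """Return the NUL-terminated version string from an initial handshake packet."""
    if len(packet) < 5:
        raise ValueError("short packet")
    length = int.from_bytes(packet[:3], "little")   # 3-byte payload length, then sequence id
    payload = packet[4:4 + length]
    if len(payload) != length or payload[:1] != b"\x0a":
        raise ValueError("not a protocol-10 greeting (error packet or truncated)")
    end = payload.find(b"\x00", 1)
    if end == -1:
        raise ValueError("unterminated version string")
    return payload[1:end].decode("ascii", "replace")

def assess(version: str) -> str:
    """Classify by version number alone; suffixes such as '-log' are ignored."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        return "unknown"
    if tuple(int(x) for x in m.groups()) >= FIXED_IN:
        return "not-flagged"
    # A vendor package may carry a backported fix (for example the Debian package
    # revision 3.23.49-8.5 listed in the Recommendation). Assumption: the banner
    # shows only the upstream version, so the finding must be confirmed against
    # the installed package before it is treated as real.
    return "flagged-verify-package"

if __name__ == "__main__":
    for v in ("4.0.14-log", "3.23.49", "4.0.15"):
        print(v, "->", assess(server_version(make_greeting(v))))
```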

* References:
http://archives.neohapsis.com/archives/bugtraq/2003-09/0188.html
http://www.kb.cert.org/vuls/id/516492

* Platforms Affected:
MySQL 3.0.57 and earlier
MySQL 4.0.14 and earlier
Conectiva Linux 7.0, 8.0, 9.0
Mandrake Linux 8.2, 9.0, 9.1, Corporate Server 2.1
Debian Linux 3.0
EnGarde Secure Linux 1.0.1, Community Edition, Professional Edition
OpenPKG 1.2, 1.3, CURRENT
Unix Any version
Windows Any version
Recommendation Upgrade to the latest version of MySQL (4.0.15 or later), available from the MySQL Web site at
http://www.mysql.com/downloads/mysql-4.0.html

For Conectiva Linux:
Upgrade to the latest MySQL package, as listed in Conectiva Linux Security Announcement CLSA-2003:743 at http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000743

For Debian GNU/Linux 3.0 (woody):
Upgrade to the latest MySQL package (3.23.49-8.5 or later), as listed in Debian Security Advisory DSA-381-1 at http://www.debian.org/security/2003/dsa-381

For Gentoo Linux:
Upgrade to the appropriate version of MySQL, as listed in Gentoo Linux Security Announcement 200309-08 at http://www.linuxsecurity.com/advisories/gentoo_advisory-3620.html

For OpenPKG:
Upgrade to the latest MySQL package, as listed in OpenPKG Security Advisory OpenPKG-SA-2003.038 at http://www.openpkg.org/security/OpenPKG-SA-2003.038-mysql.html

For EnGarde Secure Linux Community Edition and Professional Edition:
Upgrade to the latest MySQL package (3.23.56-1.0.24 or later), as listed in Guardian Digital Security Advisory ESA-20030918-025 at http://www.linuxsecurity.com/advisories/engarde_advisory-3650.html

For Mandrake Linux:
Upgrade to the latest MySQL package, as listed in MandrakeSoft Security Advisory MDKSA-2003:094:MySQL at http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:094

For other distributions:
Contact your vendor for upgrade or patch information.

As a workaround, an unofficial unsupported patch to address this vulnerability in MySQL 4.0.14 has been supplied:
http://downloads.securityfocus.com/vulnerabilities/patches/MySQL4.0.14.Patch
Related URL CVE-2003-0780 (CVE)
Related URL 8590 (SecurityFocus)
Related URL 13153 (ISS)