4.6

CVE-2006-0903

EPSS 0.28%
Veröffentlicht 27.02.2006 23:02:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function.  NOTE: this issue was originally reported for the mysql_query function, but the vendor states that since mysql_query expects a null character, this is not an issue for mysql_query.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 28

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mysql ≫ Mysql Version4.1.0

Mysql ≫ Mysql Version4.1.3

Mysql ≫ Mysql Version4.1.8

Mysql ≫ Mysql Version4.1.10

Mysql ≫ Mysql Version4.1.12

Mysql ≫ Mysql Version4.1.13

Mysql ≫ Mysql Version4.1.14

Mysql ≫ Mysql Version4.1.15

Mysql ≫ Mysql Version5.0.1

Mysql ≫ Mysql Version5.0.2

Mysql ≫ Mysql Version5.0.4

Mysql ≫ Mysql Version5.0.5

Mysql ≫ Mysql Version5.0.10

Mysql ≫ Mysql Version5.0.15

Mysql ≫ Mysql Version5.0.16

Mysql ≫ Mysql Version5.0.17

Oracle ≫ Mysql Version3.23

Oracle ≫ Mysql Version3.23.0 Updatealpha

Oracle ≫ Mysql Version3.23.1

Oracle ≫ Mysql Version3.23.2

Oracle ≫ Mysql Version3.23.3

Oracle ≫ Mysql Version3.23.4

Oracle ≫ Mysql Version3.23.5

Oracle ≫ Mysql Version3.23.6

Oracle ≫ Mysql Version3.23.7

Oracle ≫ Mysql Version3.23.8

Oracle ≫ Mysql Version3.23.9

Oracle ≫ Mysql Version3.23.10

Oracle ≫ Mysql Version3.23.11

Oracle ≫ Mysql Version3.23.12

Oracle ≫ Mysql Version3.23.13

Oracle ≫ Mysql Version3.23.14

Oracle ≫ Mysql Version3.23.15

Oracle ≫ Mysql Version3.23.16

Oracle ≫ Mysql Version3.23.17

Oracle ≫ Mysql Version3.23.18

Oracle ≫ Mysql Version3.23.19

Oracle ≫ Mysql Version3.23.20 Updatebeta

Oracle ≫ Mysql Version3.23.21

Oracle ≫ Mysql Version3.23.22

Oracle ≫ Mysql Version3.23.23

Oracle ≫ Mysql Version3.23.24

Oracle ≫ Mysql Version3.23.25

Oracle ≫ Mysql Version3.23.26

Oracle ≫ Mysql Version3.23.27

Oracle ≫ Mysql Version3.23.28 Updategamma

Oracle ≫ Mysql Version3.23.29

Oracle ≫ Mysql Version3.23.30

Oracle ≫ Mysql Version3.23.31

Oracle ≫ Mysql Version3.23.32

Oracle ≫ Mysql Version3.23.33

Oracle ≫ Mysql Version3.23.34

Oracle ≫ Mysql Version3.23.35

Oracle ≫ Mysql Version3.23.36

Oracle ≫ Mysql Version3.23.37

Oracle ≫ Mysql Version3.23.38

Oracle ≫ Mysql Version3.23.39

Oracle ≫ Mysql Version3.23.40

Oracle ≫ Mysql Version3.23.41

Oracle ≫ Mysql Version3.23.42

Oracle ≫ Mysql Version3.23.43

Oracle ≫ Mysql Version3.23.44

Oracle ≫ Mysql Version3.23.45

Oracle ≫ Mysql Version3.23.46

Oracle ≫ Mysql Version3.23.47

Oracle ≫ Mysql Version3.23.48

Oracle ≫ Mysql Version3.23.49

Oracle ≫ Mysql Version3.23.50

Oracle ≫ Mysql Version3.23.51

Oracle ≫ Mysql Version3.23.52

Oracle ≫ Mysql Version3.23.53

Oracle ≫ Mysql Version3.23.54

Oracle ≫ Mysql Version3.23.55

Oracle ≫ Mysql Version3.23.56

Oracle ≫ Mysql Version3.23.57

Oracle ≫ Mysql Version3.23.58

Oracle ≫ Mysql Version3.23.59

Oracle ≫ Mysql Version4.0.0

Oracle ≫ Mysql Version4.0.1

Oracle ≫ Mysql Version4.0.2

Oracle ≫ Mysql Version4.0.3

Oracle ≫ Mysql Version4.0.4

Oracle ≫ Mysql Version4.0.5

Oracle ≫ Mysql Version4.0.5a

Oracle ≫ Mysql Version4.0.6

Oracle ≫ Mysql Version4.0.7

Oracle ≫ Mysql Version4.0.7 Updategamma

Oracle ≫ Mysql Version4.0.8

Oracle ≫ Mysql Version4.0.8 Updategamma

Oracle ≫ Mysql Version4.0.9

Oracle ≫ Mysql Version4.0.9 Updategamma

Oracle ≫ Mysql Version4.0.10

Oracle ≫ Mysql Version4.0.11

Oracle ≫ Mysql Version4.0.11 Updategamma

Oracle ≫ Mysql Version4.0.12

Oracle ≫ Mysql Version4.0.13

Oracle ≫ Mysql Version4.0.14

Oracle ≫ Mysql Version4.0.15

Oracle ≫ Mysql Version4.0.16

Oracle ≫ Mysql Version4.0.17

Oracle ≫ Mysql Version4.0.18

Oracle ≫ Mysql Version4.0.19

Oracle ≫ Mysql Version4.0.20

Oracle ≫ Mysql Version4.0.21

Oracle ≫ Mysql Version4.0.23

Oracle ≫ Mysql Version4.0.24

Oracle ≫ Mysql Version4.0.25

Oracle ≫ Mysql Version4.0.26

Oracle ≫ Mysql Version4.0.27

Oracle ≫ Mysql Version4.1.0 Updatealpha

Oracle ≫ Mysql Version4.1.2 Updatealpha

Oracle ≫ Mysql Version4.1.3 Updatebeta

Oracle ≫ Mysql Version4.1.4

Oracle ≫ Mysql Version4.1.5

Oracle ≫ Mysql Version4.1.6

Oracle ≫ Mysql Version4.1.7

Oracle ≫ Mysql Version4.1.9

Oracle ≫ Mysql Version4.1.11

Oracle ≫ Mysql Version4.1.16

Oracle ≫ Mysql Version4.1.17

Oracle ≫ Mysql Version4.1.18

Oracle ≫ Mysql Version4.1.19

Oracle ≫ Mysql Version5.0.0 Updatealpha

Oracle ≫ Mysql Version5.0.3 Updatebeta

Oracle ≫ Mysql Version5.0.6

Oracle ≫ Mysql Version5.0.7

Oracle ≫ Mysql Version5.0.8

Oracle ≫ Mysql Version5.0.9

Oracle ≫ Mysql Version5.0.11

Oracle ≫ Mysql Version5.0.12

Oracle ≫ Mysql Version5.0.13

Oracle ≫ Mysql Version5.0.14

Oracle ≫ Mysql Version5.0.18

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.28%	0.511

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0653.html

http://bugs.mysql.com/bug.php?id=17667

http://rst.void.ru/papers/advisory39.txt

http://secunia.com/advisories/19034

Vendor Advisory

http://secunia.com/advisories/19502

http://secunia.com/advisories/19814

http://secunia.com/advisories/20241

http://secunia.com/advisories/20253

http://secunia.com/advisories/20333

http://secunia.com/advisories/20625

http://secunia.com/advisories/30351

http://securitytracker.com/id?1015693

http://www.debian.org/security/2006/dsa-1071

http://www.debian.org/security/2006/dsa-1073

http://www.debian.org/security/2006/dsa-1079

http://www.mandriva.com/security/advisories?name=MDKSA-2006:064

http://www.redhat.com/support/errata/RHSA-2006-0544.html

http://www.redhat.com/support/errata/RHSA-2007-0083.html

http://www.redhat.com/support/errata/RHSA-2008-0364.html

http://www.securityfocus.com/bid/16850

http://www.ubuntu.com/usn/usn-274-2

http://www.vupen.com/english/advisories/2006/0752

https://exchange.xforce.ibmcloud.com/vulnerabilities/24966

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9915

https://usn.ubuntu.com/274-1/

https://nvd.nist.gov/vuln/detail/CVE-2006-0903

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-0903

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-0903

EUVD