5

CVE-2006-1516

The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MysqlMysql Version4.1.0
MysqlMysql Version4.1.3
MysqlMysql Version4.1.8
MysqlMysql Version4.1.10
MysqlMysql Version4.1.12
MysqlMysql Version4.1.13
MysqlMysql Version4.1.14
MysqlMysql Version4.1.15
MysqlMysql Version5.0.1
MysqlMysql Version5.0.2
MysqlMysql Version5.0.3
MysqlMysql Version5.0.4
MysqlMysql Version5.0.5
MysqlMysql Version5.0.10
MysqlMysql Version5.0.15
MysqlMysql Version5.0.16
MysqlMysql Version5.0.17
OracleMysql Version4.0.0
OracleMysql Version4.0.1
OracleMysql Version4.0.2
OracleMysql Version4.0.3
OracleMysql Version4.0.4
OracleMysql Version4.0.5
OracleMysql Version4.0.5a
OracleMysql Version4.0.6
OracleMysql Version4.0.7
OracleMysql Version4.0.7 Updategamma
OracleMysql Version4.0.8
OracleMysql Version4.0.8 Updategamma
OracleMysql Version4.0.9
OracleMysql Version4.0.9 Updategamma
OracleMysql Version4.0.10
OracleMysql Version4.0.11
OracleMysql Version4.0.11 Updategamma
OracleMysql Version4.0.12
OracleMysql Version4.0.13
OracleMysql Version4.0.14
OracleMysql Version4.0.15
OracleMysql Version4.0.16
OracleMysql Version4.0.17
OracleMysql Version4.0.18
OracleMysql Version4.0.19
OracleMysql Version4.0.20
OracleMysql Version4.0.21
OracleMysql Version4.0.23
OracleMysql Version4.0.24
OracleMysql Version4.0.25
OracleMysql Version4.0.26
OracleMysql Version4.1.0 Updatealpha
OracleMysql Version4.1.2 Updatealpha
OracleMysql Version4.1.3 Updatebeta
OracleMysql Version4.1.4
OracleMysql Version4.1.5
OracleMysql Version4.1.6
OracleMysql Version4.1.7
OracleMysql Version4.1.9
OracleMysql Version4.1.11
OracleMysql Version4.1.16
OracleMysql Version4.1.17
OracleMysql Version4.1.18
OracleMysql Version5.0.0 Updatealpha
OracleMysql Version5.0.3 Updatebeta
OracleMysql Version5.0.6
OracleMysql Version5.0.7
OracleMysql Version5.0.8
OracleMysql Version5.0.9
OracleMysql Version5.0.11
OracleMysql Version5.0.12
OracleMysql Version5.0.13
OracleMysql Version5.0.14
OracleMysql Version5.0.18
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 33.5% 0.982
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/29847
http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1
http://www.vupen.com/english/advisories/2008/1326/references
http://docs.info.apple.com/article.html?artnum=305214
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
http://secunia.com/advisories/24479
http://www.us-cert.gov/cas/techalerts/TA07-072A.html
US Government Resource
http://www.vupen.com/english/advisories/2007/0930
http://secunia.com/advisories/20241
http://secunia.com/advisories/20253
http://secunia.com/advisories/20333
http://secunia.com/advisories/20625
http://www.debian.org/security/2006/dsa-1071
http://www.debian.org/security/2006/dsa-1073
http://www.debian.org/security/2006/dsa-1079
http://www.redhat.com/support/errata/RHSA-2006-0544.html
http://secunia.com/advisories/20457
http://www.novell.com/linux/security/advisories/2006-06-02.html
http://bugs.debian.org/365938
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html
Patch
http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html
http://secunia.com/advisories/19929
Patch
Vendor Advisory
http://secunia.com/advisories/20002
http://secunia.com/advisories/20073
http://secunia.com/advisories/20076
http://secunia.com/advisories/20223
http://secunia.com/advisories/20424
http://secunia.com/advisories/20762
http://securityreason.com/securityalert/840
http://securitytracker.com/id?1016017
Patch
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.599377
http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:084
http://www.securityfocus.com/archive/1/432733/100/0/threaded
http://www.securityfocus.com/archive/1/434164/100/0/threaded
http://www.securityfocus.com/bid/17780
http://www.trustix.org/errata/2006/0028
http://www.vupen.com/english/advisories/2006/1633
http://www.wisec.it/vulns.php?page=7
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/26236
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9918
https://usn.ubuntu.com/283-1/