Published: 02/05/2005 Updated: 17/12/2019

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

VMScore: 465

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

MySQL 4.0.23 and previous versions, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle mysql 4.0.11
oracle mysql 4.0.20
oracle mysql 4.0.21
oracle mysql 4.0.7
oracle mysql 4.0.8
oracle mysql 4.1.2
mysql mysql 4.1.3
oracle mysql 4.0.1
oracle mysql 4.0.10
oracle mysql 4.0.18
oracle mysql 4.0.2
oracle mysql 4.0.5a
oracle mysql 4.0.6
oracle mysql 4.1.0
mysql mysql 4.1.10
oracle mysql 4.0.12
oracle mysql 4.0.13
oracle mysql 4.0.23
oracle mysql 4.0.3
oracle mysql 4.0.9
oracle mysql 4.1.3
oracle mysql 4.1.4
oracle mysql 3.23.49
oracle mysql 4.0.0
oracle mysql 4.0.14
oracle mysql 4.0.15
oracle mysql 4.0.4
oracle mysql 4.0.5
mysql mysql 4.1.0
oracle mysql 4.1.5

Stefano Di Paola discovered three privilege escalation flaws in the MySQL server: ...

Synopsis mysql security update Type/Severity Security Advisory: Important Topic Updated mysql packages that fix several vulnerabilities are now availableThis update has been rated as having important security impact by the RedHat Security Response Team Description MySQL is a multi-user, m ...

Synopsis mysql-server security update Type/Severity Security Advisory: Important Topic Updated mysql-server packages that fix several vulnerabilities are nowavailableThis update has been rated as having important security impact by the RedHat Security Response Team Description MySQL is a ...

Several vulnerabilities have been discovered in MySQL, a popular database The Common Vulnerabilities and Exposures project identifies the following problems: CAN-2004-0957 Sergei Golubchik discovered a problem in the access handling for similar named databases If a user is granted privileges to a database with a name containing an un ...

source: wwwsecurityfocuscom/bid/12781/info MySQL is reported prone to multiple vulnerabilities that can be exploited by a remote authenticated attacker The following individual issues are reported: - Insecure temporary file-creation vulnerability Reports indicate that an attacker with 'CREATE TEMPORARY TABLE' privileges on an affected ...

CWE-94 http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0084.html http://www.debian.org/security/2005/dsa-707 http://www.gentoo.org/security/en/glsa/glsa-200503-19.xml http://www.redhat.com/support/errata/RHSA-2005-334.html http://www.novell.com/linux/security/advisories/2005_19_mysql.html http://www.trustix.org/errata/2005/0009/http://www.securityfocus.com/bid/12781 http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://www.redhat.com/support/errata/RHSA-2005-348.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1 http://www.mandriva.com/security/advisories?name=MDKSA-2005:060 http://marc.info/?l=bugtraq&m=111066115808506&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10479 https://usn.ubuntu.com/96-1/https://usn.ubuntu.com/96-1/https://nvd.nist.gov https://www.exploit-db.com/exploits/25209/

CVE-2005-0709

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect