Published: 16/08/2005 Updated: 17/12/2019

CVSS v2 Base Score: 8.5 | Impact Score: 10 | Exploitability Score: 6.8

VMScore: 756

Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C

MySQL, when running on Windows, allows remote authenticated users with insert privileges on the mysql.func table to cause a denial of service (server hang) and possibly execute arbitrary code via (1) a request for a non-library file, which causes the Windows LoadLibraryEx function to block, or (2) a request for a function in a library that has the XXX_deinit or XXX_init functions defined but is not tailored for mySQL, such as jpeg1x32.dll and jpeg2x32.dll.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle mysql 5.0.33

pentest_example This exercise demonstrates penetration testing and reporting This activity was part of a larger project, but highlights finding, gaining access to, and exploiting servers running Wordpress sites The following are the vulnerabilities that were exploited in this attack: Wordpress Enumeration CVE-2019-6579 - using wpscan, nikto, and gobuster Weak passwords - eas

NVD-CWE-Other http://www.appsecinc.com/resources/alerts/mysql/2005-003.html http://secunia.com/advisories/54788 http://www.securitytracker.com/id/1029010 http://www.securityfocus.com/bid/62358 http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03897409 http://marc.info/?l=bugtraq&m=112360818900941&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/21756 https://nvd.nist.gov https://github.com/vivekaom/pentest_example

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-2572

Vulnerability Summary

Github Repositories

References

Vulmon Search

About

Products

Connect