Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.5
CVSSv2

CVE-2006-1518

Published: 05/05/2006 Updated: 17/12/2019
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
VMScore: 655
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Subscribe to Oracle

Vulnerability Summary

Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote malicious users to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values.

Vulnerable Product Search on Vulmon Subscribe to Product

oracle mysql 5.0.13

oracle mysql 5.0.0

mysql mysql 5.0.15

mysql mysql 5.0.16

mysql mysql 5.0.17

oracle mysql 5.0.14

mysql mysql 5.0.3

oracle mysql 5.0.3

oracle mysql 5.0.11

oracle mysql 5.0.12

mysql mysql 5.0.2

mysql mysql 5.0.20

oracle mysql 5.0.8

oracle mysql 5.0.9

mysql mysql 5.0.1

mysql mysql 5.0.10

oracle mysql 5.0.18

oracle mysql 5.0.19

oracle mysql 5.0.6

oracle mysql 5.0.7

mysql mysql 5.0.4

mysql mysql 5.0.5

Vendor Advisories

Debian Security Advisories: DSA-1073-1 mysql-dfsg-4.1 -- several vulnerabilities
Several vulnerabilities have been discovered in MySQL, a popular SQL database The Common Vulnerabilities and Exposures Project identifies the following problems: CVE-2006-0903 Improper handling of SQL queries containing the NULL character allows local users to bypass logging mechanisms CVE-2006-1516 Usernames without a trailing null ...
Debian Security Advisories: DSA-1079-1 mysql-dfsg -- several vulnerabilities
Several vulnerabilities have been discovered in MySQL, a popular SQL database The Common Vulnerabilities and Exposures Project identifies the following problems: CVE-2006-0903 Improper handling of SQL queries containing the NULL character allows local users to bypass logging mechanisms CVE-2006-1516 Usernames without a trailing null ...
Debian Security Advisories: DSA-1071-1 mysql -- several vulnerabilities
Several vulnerabilities have been discovered in MySQL, a popular SQL database The Common Vulnerabilities and Exposures Project identifies the following problems: CVE-2006-0903 Improper handling of SQL queries containing the NULL character allows local users to bypass logging mechanisms CVE-2006-1516 Usernames without a trailing null ...

Exploits

Exploit DB: MySQL 5.0.20 - COM_TABLE_DUMP Memory Leak/Remote Buffer Overflow
/* **************************************************************** April 21st 2006 my_exploitc MySql COM_TABLE_DUMP Memory Leak & MySql remote B0f MySql <= 5020 MySql COM_TABLE_DUMP Memory Leak MySql <= 4xx copyright 2006 Stefano Di Paola (stefanodipaola_at_wisecit) GPL 20 *************** ...

References

NVD-CWE-Otherhttp://www.wisec.it/vulns.php?page=8http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.htmlhttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365939http://securitytracker.com/id?1016016http://secunia.com/advisories/19929http://www.kb.cert.org/vuls/id/602457http://www.debian.org/security/2006/dsa-1071http://www.debian.org/security/2006/dsa-1073http://secunia.com/advisories/20241http://secunia.com/advisories/20253http://www.debian.org/security/2006/dsa-1079http://secunia.com/advisories/20333http://www.novell.com/linux/security/advisories/2006-06-02.htmlhttp://secunia.com/advisories/20457http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.htmlhttp://secunia.com/advisories/20762http://www.securityfocus.com/bid/17780http://securityreason.com/securityalert/839http://www.vupen.com/english/advisories/2006/1633https://exchange.xforce.ibmcloud.com/vulnerabilities/26232http://www.securityfocus.com/archive/1/432734/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/1741/https://www.kb.cert.org/vuls/id/602457
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook