yaSSL 1.7.5 Buffer Overflow

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.

Synopsis :

Arbitrary code can be executed on the remote database server.

Description :

The version of MySQL installed on the remote host reportedly allows a
remote user to execute arbitrary code by exploiting a buffer overflow
in yaSSL 1.7.5 or earlier.

See also :


Solution :

Upgrade to MySQL version 5.0.54a, 5.1.23, 6.0.4 or later.

Risk factor :

High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true

Family: Databases

Nessus Plugin ID: 17814 ()

Bugtraq ID: 27140

CVE ID: CVE-2008-0226