This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.
The remote database server is affected by multiple vulnerabilities.
According to its version number, the installation of MySQL on the
remote host is potentially affected by two flaws :
- A buffer overflow can be triggered when copying the name of a
user-defined function into a stack-based buffer. With
sufficient access to create a user-defined function, an
attacker may be able to exploit this and execute arbitrary
code within the context of the affected database server
- The mysql_create_function is not fully protected against
directory traversal attacks. On Windows, arbitrary files can
be included by using backslash characters. (CVE-2005-2573)
See also :
Upgrade to MySQL 4.0.25 / 4.1.13 / 5.0.7 or later.
Risk factor :
Medium / CVSS Base Score : 6.0
CVSS Temporal Score : 4.4
Public Exploit Available : false
Nessus Plugin ID: 19416 ()
Bugtraq ID: 14509
CVE ID: CVE-2005-2558CVE-2005-2573
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.