MySQL < 5.0.90 / 5.1.43 / 5.5.0-m2 Multiple Buffer Overflows

high Nessus Plugin ID 17835

Synopsis

The remote database server is affected by several buffer overflow vulnerabilities.

Description

The version of MySQL installed on the remote host is older than 5.0.90, 5.1.43 or 5.5.0-m2. Such versions use yaSSL prior to 1.9.9, that is vulnerable to multiple buffer overflows. These overflows allow a remote attacker to crash the server.

Solution

Upgrade to MySQL version 5.0.90 / 5.1.43 / 5.5.0-m2 or later.

See Also

http://www.nessus.org/u?409fbf00

http://www.nessus.org/u?d46c3ad9

https://bugs.mysql.com/bug.php?id=50227

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html

http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html

http://www.nessus.org/u?d50b4e7b

https://lists.mysql.com/commits/96697

https://isc.sans.edu//diary.html?storyid=7900

Plugin Details

Severity: High

ID: 17835

File Name: mysql_5_1_43_yaSSL.nasl

Version: 1.5

Type: remote

Family: Databases

Published: 1/18/2012

Updated: 11/15/2018

Configuration: Enable paranoid mode

Supported Sensors: Frictionless Assessment Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:mysql:mysql

Required KB Items: Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 1/26/2010

Exploitable With

Core Impact

Metasploit (MySQL yaSSL CertDecoder::GetName Buffer Overflow)

Reference Information

CVE: CVE-2009-4484

BID: 37640, 37943, 37974

CWE: 119