Oracle MySQL User-Defined Function init_syms() Overflow
Medium Nessus Network Monitor Plugin ID 3158
SynopsisThe remote host is vulnerable to a buffer overflow.
DescriptionAccording to its version number, the installation of MySQL on the remote host may be prone to a buffer overflow when copying the name of a user-defined function into a stack-based buffer. With sufficient access to create a user-defined function, an attacker may be able to exploit this and execute arbitrary code within the context of the affected database server process.
SolutionUpgrade to version 4.0.25 / 4.1.13 / 5.0.7-beta or higher.