MySQL libmysqlclient.so buffer overflow
| mysql-libmysqlclient-bo (6418) |  High Risk |
Description:
MySQL is vulnerable to a buffer overflow in the libmysqlclient.so library file. By using a specially-crafted hostname to invoke MySQL, an attacker can overflow the buffer to execute arbitrary code on the system. An attacker could exploit this vulnerability by using PHP scripts to establish a connection to the MySQL database to execute arbitrary code on the system with privileges of the Web server.
Platforms Affected:
- MySQL, MySQL 3.20
- MySQL, MySQL 3.20.32a
- MySQL, MySQL 3.21
- MySQL, MySQL 3.22
- MySQL, MySQL 3.22.26
- MySQL, MySQL 3.22.27
- MySQL, MySQL 3.22.28
- MySQL, MySQL 3.22.29
- MySQL, MySQL 3.22.30
- MySQL, MySQL 3.22.32
- MySQL, MySQL 3.23
- MySQL, MySQL 3.23.0 Alpha
- MySQL, MySQL 3.23.1
- MySQL, MySQL 3.23.10
- MySQL, MySQL 3.23.11
- MySQL, MySQL 3.23.12
- MySQL, MySQL 3.23.13
- MySQL, MySQL 3.23.14
- MySQL, MySQL 3.23.15
- MySQL, MySQL 3.23.16
- MySQL, MySQL 3.23.17
- MySQL, MySQL 3.23.18
- MySQL, MySQL 3.23.19
- MySQL, MySQL 3.23.2
- MySQL, MySQL 3.23.20 Beta
- MySQL, MySQL 3.23.20
- MySQL, MySQL 3.23.21
- MySQL, MySQL 3.23.22
- MySQL, MySQL 3.23.23
- MySQL, MySQL 3.23.24
- MySQL, MySQL 3.23.25
- MySQL, MySQL 3.23.26
- MySQL, MySQL 3.23.27
- MySQL, MySQL 3.23.28 Gamma
- MySQL, MySQL 3.23.28
- MySQL, MySQL 3.23.29
- MySQL, MySQL 3.23.3
- MySQL, MySQL 3.23.30
- MySQL, MySQL 3.23.31
- MySQL, MySQL 3.23.32
- MySQL, MySQL 3.23.33
Remedy:
Upgrade to the latest version of MySQL (3.23.33 or later), available from the MySQL Web site. See References.
Consequences:
Gain Privileges
References:
- BugTraq Mailing List, Fri Feb 09 2001 - 18:54:33 CST, Some more MySql security issues at http://archives.neohapsis.com/archives/bugtraq/2001-02/0183.html.
- MySQL Web site, Downloads for the 3.23 version at http://www.mysql.com/downloads/mysql-3.23.html.
- MySQL Web site, F.2.6 Changes in release 3.23.33 at http://www.mysql.com/doc/N/e/News-3.23.33.html.
- CVE-2001-1453: Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier allows remote attackers to execute arbitrary code via a long host parameter.
- US-CERT VU#123384: MySQL client contains buffer overflow
Reported:
Feb 09, 2001
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net