LWN.net Logo

Advertisement

TrustCommerce

E-Commerce & credit card processing - the Open Source way!

Advertise here

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Tux3: the other next-generation filesystem

LWN.net Weekly Edition for November 27, 2008

LWN.net Weekly Edition for November 20, 2008

MinGW and why Linux users should care

LWN.net Weekly Edition for November 13, 2008

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

mysql: arbitrary code execution

Package(s):mysql CVE #(s):CAN-2003-0780
Created:September 15, 2003 Updated:October 9, 2003
Description: Frank Denis reported a vulnerability in MySQL affecting MySQL3 versions 3.0.57 and earlier and MySQL4 versions 4.0.14 and earlier. Passwords of MySQL users are stored in the "Password" field of the "User" table, part of the "mysql" database. The passwords are hashed and stored as a 16 characters long hexadecimal value. Unfortunately, a function involved in password checking misses correct bounds checking. By filling a "Password" field a value wider than 16 characters, a buffer overflow will occur. The Common Vulnerabilities and Exposures (CVE) project assigned the id CAN-2003-0780 to the problem.
Alerts:
Red Hat RHSA-2003:281-01 2003-10-09
SuSE SuSE-SA:2003:042 2003-10-01
Mandrake MDKSA-2003:094 2003-09-18
Conectiva CLA-2003:743 2003-09-18
EnGarde ESA-20030918-025 2003-09-18
Trustix 2003-0034 2003-09-17
Gentoo 200309-08 2003-09-15
OpenPKG OpenPKG-SA-2003.038 2003-09-15
Debian DSA-381-1 2003-09-13
(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds