what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 76 RSS Feed


Oracle MySQL Heap Overrun
Posted Dec 3, 2012
Authored by Kingcope

Oracle MySQL on Linux suffers from a heap overrun vulnerability.

tags | exploit, overflow
systems | linux
advisories | CVE-2012-5612
SHA-256 | aa61b4faa2cc9c52276bbcea35e5861199148c06c5182c06981f429b55af2c0e

Related Files

Posted Sep 3, 2008
Authored by SAM207

A tutorial written for newbies who wants to explore the m4d l33t world of SQL injection and have yet to even learn basic SQL commands.

tags | paper, sql injection
SHA-256 | c0a7f60cb48c9552397f1e532902b4520e369df3e949149b7d57db9e5e391b32
Posted Jul 23, 2008
Authored by ka0x

Whitepaper discussing techniques for MySQL related SQL injection. Written in Spanish.

tags | paper, sql injection
SHA-256 | ee7e900283cc996a8c28c40c5884ac9c44ab2146723cc1d4733f97b3eed84f6d
Posted Jan 5, 2008
Authored by Luigi Auriemma | Site aluigi.org

MySQL versions 6.0.3 and below pre-auth buffer overflow exploit that makes use of a vulnerability in yaSSL versions 1.7.5 and below.

tags | exploit, overflow
SHA-256 | 6dddbaba583b74f876426765e5ffcafc955183ca4dd0383b80ec714ed62e2285
Posted Jul 7, 2007
Authored by Henning Pingel, Lars Houmark

MySQLDumper suffers from a vulnerability access control set by Apache can be bypassed. MySQLDumper 1.23_pre_release_REV227, MySQLDumper 1.22, MySQLDumper 1.21b, and MySQLDumper Typo3-Extension 0.0.5 are affected.

tags | advisory, bypass
SHA-256 | e1fd27940c995a2c6095123f4bcba8081c0d55febd1d9cfa0a174b90a4b4cd62
Posted Oct 17, 2006
Authored by Crackers_Child | Site sibersavacilar.com

MysqlDumper 1.21 suffers from cross site scripting in sql.php.

tags | exploit, php, xss
SHA-256 | a7355bebc2633b364ca0521ed3b214ce94a5383bc1e99d107f0eaeadceae1024
Posted Oct 2, 2006
Authored by DarkFig | Site acid-root.new.fr

The mysql_error() function in php versions less than or equal to 4.4.4 and 5.1.6 can be used to conduct cross site scripting attacks.

tags | advisory, php, xss
SHA-256 | f4830cd8ef61eade1008ac84377a1498c2eca77d9dbe3e0ac01f416cdcbe05fe
Posted May 5, 2006
Authored by Stefano Di Paola | Site wisec.it

MySQL server versions 5.0.20 and below suffer from information leakage and arbitrary command execution flaws.

tags | advisory, arbitrary
SHA-256 | 73926f323fd235433143abd52ed6b9430e45c62875f010bf2cd9188857a7813d
Posted May 5, 2006
Authored by Stefano Di Paola | Site wisec.it

MySQL server versions 4.1.18 and below and 5.0.20 and below suffer from an information leakage issue.

tags | advisory
SHA-256 | eb1d10694aff57e15a622b021c3784bf24605040a4da6933d54eafaa3b59792c
Posted Apr 12, 2006
Authored by amat

A perl script that automates the process of guessing MySQL tables through SQL injection by first determining the number of arguments in the SELECT statement and then brute forcing table names from a word list.

tags | perl, sql injection
systems | unix
SHA-256 | fdd14b591b7c68ba2d74637bacb8793812b3b32f62eef68d828062124764aa02
Posted Mar 2, 2006
Authored by 1dt.w0lf | Site rst.void.ru

MySQL versions 5.0.18 and below suffer from a query logging bypass flaw.

tags | advisory
SHA-256 | 7e1967516440d73fa1a3f10d68c0811102cd228516f451ad259cb74d246b3c24
Posted Feb 26, 2006
Authored by Marco Ivaldi

Local privilege escalation exploit for MySQL 4.x and 5.0 that makes use of UDFs.

tags | exploit, local
SHA-256 | 259ac0290dd0e3e004ce1a3a8f637fde8c686703359f1c60679c5a45b6988645
Posted Aug 14, 2005
Authored by Eric Romang

MySQL contains a security flaw that can allow a local attacker the ability to commit SQL injection attacks.

tags | advisory, local, sql injection
SHA-256 | a6162c7a6873c2af86c56725d216d20b2735c99db4b74692c0a079b627ea6131
Posted Aug 5, 2005
Authored by James Bercegay | Site gulftech.org

MySQL AB Eventum versions 1.5.5 and below suffer from cross site scripting and SQL injection attacks.

tags | exploit, xss, sql injection
SHA-256 | 486b62670eba7e416965890cfa7d6c70e4ce802a5432ee1a9a47b3799b7d5e9d
Posted Mar 22, 2005
Authored by Luca Ercoli

MySQL versions 4.1.x, 4.0.x, and 5.0.x are all susceptible to a denial of service attack due to a problem with handling device names.

tags | advisory, denial of service
SHA-256 | e7b0f006e157c78b597991a04a36c0cebb80da3406e01d2ed57a7bd477e1bf1f
Posted Mar 15, 2005
Authored by Stefano Di Paola | Site wisec.it

If an authenticated user has INSERT and DELETE privileges on an mysql administrative database, it is possible, by using the CREATE FUNCTION command, to take advantage of functions from libc in order to gain mysql user privileges. Version 4.1.10 and versions below and equal to 4.0.23 are affected.

tags | advisory
SHA-256 | 05ae9e22a0591885b9e526aefabcc601ce81851c4dcec3496411367507e6bb0a
Posted Mar 15, 2005
Authored by Stefano Di Paola | Site wisec.it

If an authenticated user has INSERT and DELETE privileges on a mysql administrative database, it is possible to use a library located in an arbitrary directory using the CREATE function. Version 4.1.10 and versions below and equal to 4.0.23 are affected.

tags | advisory, arbitrary
SHA-256 | b6cd1438080f20142c162f5f1c30010bcc56c15eeb9a45e72e51b6759e1dc41f
Posted Sep 21, 2004
Authored by BliZZard

MySQLguest from AllWebscripts is vulnerable to an HTML injection flaw that is exposed via the entry submitting form due to a lack of proper sanitization.

tags | advisory
SHA-256 | adff55a9298359f4f057edc112d12bbf74c373c97e76c2d43184798b9bc21eec
Posted Jul 8, 2004
Authored by bambam

A .diff file, applied to the MySQL 5.0.0-alpha source distribution will allow building a MySQL client that can be used to connect to a remote MySQL server with no password.

tags | exploit, remote
SHA-256 | 576c8349f99ca721889a85397e1a11e6091d306a88102e339b9bede903f555e3
Posted Feb 23, 2004
Authored by Tonu Samuel

Small write-up discussing methodology for fingerprint the type of MySQL database being used when exploiting SQL injection vulnerabilities.

tags | paper, vulnerability, sql injection
SHA-256 | 7b6c08f5a021bb61015822055f311d65f7fed8629c8880058789c73e4bb31bb8
Posted Sep 13, 2003
Authored by Frank Denis | Site secunia.com

Secunia Research Advisory - A vulnerability in MySQL version 4.0.14 and below, due to a boundary error when checking passwords before hashing and storing them in the User table, can be exploited by malicious users to escalate their privileges via supplying a value longer than 16 characters using set password.

tags | advisory
SHA-256 | b38050cc8622e8b30bee6fe74ad079fbb83abe828e36d3b629f1c530345f520d
Posted Jan 4, 2003
Authored by dreyer

Mysqlsuite includes three tools which take advantage of the vulnerability in check_scramble() function of mysql described in mysql.4.0.5a.txt. Mysqlhack allows remote command execution with a valid mysql user and pass. Mysqlgetusers allows you do a dictionary login-only attack to find other users. Mysqlexploit spawns a shell on port 10000 on vulnerable linux mysql servers with a valid mysql login and pass and writable database. Fixed in Mysql v3.23.54.

tags | exploit, remote, shell
systems | linux
SHA-256 | 5c2113bbb28fb3db28e5790a86c03b3c83871154d3a6e756b9d3bbcc18b27f48
Posted Dec 14, 2002
Authored by Stefan Esser | Site security.e-matters.de

The MySQL database versions <= 3.23.53a and <= 4.0.5a contains local and remote vulnerabilities allowing remote attackers to bypass the MySQL password check and execute arbitrary code with the privileges of the user running mysqld. An arbitrary size heap overflow within the mysql client library and another vulnerability which allows '\0' to be written to any memory address allow DOS attacks against or arbitrary code execution within anything linked against libmysqlclient.

tags | advisory, remote, overflow, arbitrary, local, vulnerability, code execution
SHA-256 | b385bbffd26b7aac37dec468afd6558f47557fa4ccb25456b032f8f0f3e77828
Posted Aug 18, 2002
Authored by g0thm0g

MySQL is an open-source database produced by MySQL AB. MySQL AB provides binaries for the Windows platform which run out-of-the-box. However, the default configuration for these binaries leave MySQL wide open to attack in a number of ways: A null root password, a non-loopback-bound server, and no logging. Included in this advisory is source to demonstrate an attack using this information.

tags | tool, root
systems | windows, unix
SHA-256 | fe702c187a158be2974aa60ea624583d2e8944d1724d9566be580a09e054e03c
Posted Apr 9, 2001
Authored by Chris Given

MySQL brute force password cracker - Uses a dictionary attack against an encrypted mysql password.

tags | cracker
SHA-256 | d2d6a3f7496ba65f94690c6000b5539d0e0594cd880324e8e20d6d1758ca616f
Posted Feb 10, 2000
Authored by Emphyrio

There exists a vulnerability in the password checking routines in the latest versions of the MySQL server, that allows any user on a host that is allowed to connect to the server, to skip password authentication, and access databases. All versions of MySQL up to 3.22.26a are vulnerable.

tags | exploit
SHA-256 | 5f5a4fb2100d5e175dc80ad904c3a600382a5f0b6c8153e8084244e2328cedac
Page 3 of 3

File Archive:

March 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    13 Files
  • 3
    Mar 3rd
    15 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    31 Files
  • 8
    Mar 8th
    16 Files
  • 9
    Mar 9th
    13 Files
  • 10
    Mar 10th
    9 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    10 Files
  • 14
    Mar 14th
    6 Files
  • 15
    Mar 15th
    17 Files
  • 16
    Mar 16th
    22 Files
  • 17
    Mar 17th
    13 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    16 Files
  • 21
    Mar 21st
    13 Files
  • 22
    Mar 22nd
    5 Files
  • 23
    Mar 23rd
    6 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By