Oracle MySQL on Linux suffers from a heap overrun vulnerability.
aa61b4faa2cc9c52276bbcea35e5861199148c06c5182c06981f429b55af2c0e
A tutorial written for newbies who want to explore the m4d l33t world of SQL injection and have yet to even learn basic SQL commands.
c0a7f60cb48c9552397f1e532902b4520e369df3e949149b7d57db9e5e391b32
Whitepaper discussing techniques for MySQL related SQL injection. Written in Spanish.
ee7e900283cc996a8c28c40c5884ac9c44ab2146723cc1d4733f97b3eed84f6d
MySQL versions 6.0.3 and below pre-auth buffer overflow exploit that makes use of a vulnerability in yaSSL versions 1.7.5 and below.
6dddbaba583b74f876426765e5ffcafc955183ca4dd0383b80ec714ed62e2285
MySQLDumper suffers from a vulnerability where access control set by Apache can be bypassed. MySQLDumper 1.23_pre_release_REV227, MySQLDumper 1.22, MySQLDumper 1.21b, and MySQLDumper Typo3-Extension 0.0.5 are affected.
e1fd27940c995a2c6095123f4bcba8081c0d55febd1d9cfa0a174b90a4b4cd62
MySQLDumper 1.21 suffers from cross site scripting in sql.php.
a7355bebc2633b364ca0521ed3b214ce94a5383bc1e99d107f0eaeadceae1024
The mysql_error() function in PHP versions less than or equal to 4.4.4 and 5.1.6 can be used to conduct cross site scripting attacks.
f4830cd8ef61eade1008ac84377a1498c2eca77d9dbe3e0ac01f416cdcbe05fe
MySQL server versions 5.0.20 and below suffer from information leakage and arbitrary command execution flaws.
73926f323fd235433143abd52ed6b9430e45c62875f010bf2cd9188857a7813d
MySQL server versions 4.1.18 and below and 5.0.20 and below suffer from an information leakage issue.
eb1d10694aff57e15a622b021c3784bf24605040a4da6933d54eafaa3b59792c
A Perl script that automates the process of guessing MySQL tables through SQL injection by first determining the number of arguments in the SELECT statement and then brute forcing table names from a word list.
fdd14b591b7c68ba2d74637bacb8793812b3b32f62eef68d828062124764aa02
MySQL versions 5.0.18 and below suffer from a query logging bypass flaw.
7e1967516440d73fa1a3f10d68c0811102cd228516f451ad259cb74d246b3c24
Local privilege escalation exploit for MySQL 4.x and 5.0 that makes use of UDFs.
259ac0290dd0e3e004ce1a3a8f637fde8c686703359f1c60679c5a45b6988645
MySQL contains a security flaw that can allow a local attacker to commit SQL injection attacks.
a6162c7a6873c2af86c56725d216d20b2735c99db4b74692c0a079b627ea6131
MySQL AB Eventum versions 1.5.5 and below suffer from cross site scripting and SQL injection attacks.
486b62670eba7e416965890cfa7d6c70e4ce802a5432ee1a9a47b3799b7d5e9d
MySQL versions 4.1.x, 4.0.x, and 5.0.x are all susceptible to a denial of service attack due to a problem with handling device names.
e7b0f006e157c78b597991a04a36c0cebb80da3406e01d2ed57a7bd477e1bf1f
If an authenticated user has INSERT and DELETE privileges on a mysql administrative database, it is possible, by using the CREATE FUNCTION command, to take advantage of functions from libc in order to gain mysql user privileges. Version 4.1.10 and versions below and equal to 4.0.23 are affected.
05ae9e22a0591885b9e526aefabcc601ce81851c4dcec3496411367507e6bb0a
If an authenticated user has INSERT and DELETE privileges on a mysql administrative database, it is possible to use a library located in an arbitrary directory using the CREATE FUNCTION command. Version 4.1.10 and versions below and equal to 4.0.23 are affected.
b6cd1438080f20142c162f5f1c30010bcc56c15eeb9a45e72e51b6759e1dc41f
MySQLguest from AllWebscripts is vulnerable to an HTML injection flaw that is exposed via the entry submitting form due to a lack of proper sanitization.
adff55a9298359f4f057edc112d12bbf74c373c97e76c2d43184798b9bc21eec
A .diff file that, when applied to the MySQL 5.0.0-alpha source distribution, allows building a MySQL client that can be used to connect to a remote MySQL server with no password.
576c8349f99ca721889a85397e1a11e6091d306a88102e339b9bede903f555e3
Small write-up discussing methodology for fingerprinting the type of MySQL database being used when exploiting SQL injection vulnerabilities.
7b6c08f5a021bb61015822055f311d65f7fed8629c8880058789c73e4bb31bb8
Secunia Research Advisory - A vulnerability in MySQL version 4.0.14 and below, due to a boundary error when checking passwords before hashing and storing them in the User table, can be exploited by malicious users to escalate their privileges via supplying a value longer than 16 characters using set password.
b38050cc8622e8b30bee6fe74ad079fbb83abe828e36d3b629f1c530345f520d
Mysqlsuite includes three tools which take advantage of the vulnerability in the check_scramble() function of mysql described in mysql.4.0.5a.txt. Mysqlhack allows remote command execution with a valid mysql user and pass. Mysqlgetusers allows you to do a dictionary login-only attack to find other users. Mysqlexploit spawns a shell on port 10000 on vulnerable linux mysql servers with a valid mysql login and pass and writable database. Fixed in Mysql v3.23.54.
5c2113bbb28fb3db28e5790a86c03b3c83871154d3a6e756b9d3bbcc18b27f48
The MySQL database versions <= 3.23.53a and <= 4.0.5a contain local and remote vulnerabilities allowing remote attackers to bypass the MySQL password check and execute arbitrary code with the privileges of the user running mysqld. An arbitrary size heap overflow within the mysql client library and another vulnerability which allows '\0' to be written to any memory address allow DOS attacks against or arbitrary code execution within anything linked against libmysqlclient.
b385bbffd26b7aac37dec468afd6558f47557fa4ccb25456b032f8f0f3e77828
MySQL is an open-source database produced by MySQL AB. MySQL AB provides binaries for the Windows platform which run out-of-the-box. However, the default configuration for these binaries leaves MySQL wide open to attack in a number of ways: a null root password, a non-loopback-bound server, and no logging. Included in this advisory is source to demonstrate an attack using this information.
fe702c187a158be2974aa60ea624583d2e8944d1724d9566be580a09e054e03c
MySQL brute force password cracker - Uses a dictionary attack against an encrypted mysql password.
d2d6a3f7496ba65f94690c6000b5539d0e0594cd880324e8e20d6d1758ca616f
There exists a vulnerability in the password checking routines in the latest versions of the MySQL server that allows any user on a host that is allowed to connect to the server to skip password authentication and access databases. All versions of MySQL up to 3.22.26a are vulnerable.
5f5a4fb2100d5e175dc80ad904c3a600382a5f0b6c8153e8084244e2328cedac