Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1375

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1375
Last Modified 05 Sep 2008 04:30:25
Published 23 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1375

Summary

The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long response.

Vulnerable Systems

Application

  • Mysql 3.22.26

  • Mysql 3.22.27

  • Mysql 3.22.28

  • Mysql 3.22.29

  • Mysql 3.22.30

  • Mysql 3.22.32

  • Mysql 3.23.10

  • Mysql 3.23.2

  • Mysql 3.23.23

  • Mysql 3.23.24

  • Mysql 3.23.25

  • Mysql 3.23.26

  • Mysql 3.23.27

  • Mysql 3.23.28

  • Mysql 3.23.29

  • Mysql 3.23.3

  • Mysql 3.23.30

  • Mysql 3.23.31

  • Mysql 3.23.34

  • Mysql 3.23.36

  • Mysql 3.23.37

  • Mysql 3.23.38

  • Mysql 3.23.39

  • Mysql 3.23.4

  • Mysql 3.23.40

  • Mysql 3.23.41

  • Mysql 3.23.42

  • Mysql 3.23.43

  • Mysql 3.23.44

  • Mysql 3.23.45

  • Mysql 3.23.46

  • Mysql 3.23.47

  • Mysql 3.23.48

  • Mysql 3.23.49

  • Mysql 3.23.5

  • Mysql 3.23.50

  • Mysql 3.23.51

  • Mysql 3.23.52

  • Mysql 3.23.53

  • Mysql 3.23.53a

  • Mysql 3.23.8

  • Mysql 3.23.9

  • Mysql 4.0.0

  • Mysql 4.0.1

  • Mysql 4.0.2

  • Mysql 4.0.3

  • Mysql 4.0.5a

  • Symantec Veritas Netbackup Advanced Reporter 3.4

  • Symantec Veritas Netbackup Advanced Reporter 4.5

  • Symantec Veritas Netbackup Advanced Reporter 4.5 Fp1

  • Symantec Veritas Netbackup Advanced Reporter 4.5 Fp2

  • Symantec Veritas Netbackup Advanced Reporter 4.5 Fp3

  • Symantec Veritas Netbackup Advanced Reporter 4.5 Mp1

  • Symantec Veritas Netbackup Advanced Reporter 4.5 Mp2

  • Symantec Veritas Netbackup Advanced Reporter 4.5 Mp3

  • Symantec Veritas Netbackup Global Data Manager 4.5

  • Symantec Veritas Netbackup Global Data Manager 4.5 Fp1

  • Symantec Veritas Netbackup Global Data Manager 4.5 Fp2

  • Symantec Veritas Netbackup Global Data Manager 4.5 Fp3

  • Symantec Veritas Netbackup Global Data Manager 4.5 Mp1

  • Symantec Veritas Netbackup Global Data Manager 4.5 Mp2

  • Symantec Veritas Netbackup Global Data Manager 4.5 Mp3


References

BID - 6375

ENGARDE - ESA-20021213-033

XF - mysql-comchangeuser-password-bo(10848)

MISC - http://security.e-matters.de/advisories/042002.html

BUGTRAQ - 20021212 Advisory 04/2002: Multiple MySQL vulnerabilities

TRUSTIX - 2002-0086

IMMUNIX - IMNX-2003-7+-008-01

REDHAT - RHSA-2003:166

REDHAT - RHSA-2002:289

REDHAT - RHSA-2002:288

SUSE - SUSE-SA:2003:003

MANDRAKE - MDKSA-2002:087

DEBIAN - DSA-212

BUGTRAQ - 20021216 [OpenPKG-SA-2002.013] OpenPKG Security Advisory (mysql)

GENTOO - GLSA-200212-2

CONECTIVA - CLSA-2002:555


Last Updated: 27 May 2016 10:37:18