Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0073

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2003-0073
Last Modified 10 Sep 2008 08:05:44
Published 19 Feb 2003 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0073

Summary

Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user.

Vulnerable Systems

Application

  • Mysql 3.23.31

  • Mysql 3.23.36

  • Mysql 3.23.41

  • Mysql 3.23.47

  • Mysql 3.23.52

  • Mysql 3.23.53

  • Mysql 3.23.54

  • Mysql 3.23.54a


References

DEBIAN - DSA-303

BUGTRAQ - 20030129 [OpenPKG-SA-2003.008] OpenPKG Security Advisory (mysql)

CONFIRM - http://www.mysql.com/doc/en/News-3.23.55.html

BID - 6718

REDHAT - RHSA-2003:166

REDHAT - RHSA-2003:094

REDHAT - RHSA-2003:093

MANDRAKE - MDKSA-2003:013

ENGARDE - ESA-20030220-004

XF - mysql-mysqlchangeuser-doublefree-dos(11199)

CONECTIVA - CLA-2003:743


Last Updated: 27 May 2016 10:37:46