Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0836

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-0836
Last Modified 05 Sep 2008 04:39:33
Published 03 Nov 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0836

Summary

Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).

Vulnerable Systems

Application

  • Mysql 3.23.49

  • Mysql 4.0.21


References

XF - mysql-realconnect-bo(17047)

REDHAT - RHSA-2004:611

REDHAT - RHSA-2004:597

DEBIAN - DSA-562

TRUSTIX - 2004-0054

BID - 10981

GENTOO - GLSA-200410-22

CIAC - P-018

SECUNIA - 12305

BUGTRAQ - 20041125 [USN-32-1] mysql vulnerabilities

MISC - http://lists.mysql.com/internals/14726

CONECTIVA - CLA-2004:892

MISC - http://bugs.mysql.com/bug.php?id=4017


Last Updated: 27 May 2016 10:38:46