National Cyber-Alert System

Vulnerability Summary for CVE-2006-1518

Overview

Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values.

Impact

CVSS Severity (version 2.0):

CVSS Version 2 Metrics:

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

US-CERT Vulnerability Note: VU#602457

Name: VU#602457

Type: Advisory; Patch Information

Hyperlink:http://www.kb.cert.org/vuls/id/602457

External Source: MISC

Name: http://www.wisec.it/vulns.php?page=8

Type: Patch Information

Hyperlink:http://www.wisec.it/vulns.php?page=8

External Source: VUPEN

Name: ADV-2006-1633

Type: Advisory; Patch Information

Hyperlink:http://www.frsirt.com/english/advisories/2006/1633

External Source: SECTRACK

Name: 1016016

Type: Patch Information

Hyperlink:http://securitytracker.com/id?1016016

External Source: SECUNIA

Name: 19929

Type: Advisory; Patch Information

Hyperlink:http://secunia.com/advisories/19929

External Source: CONFIRM

Name: http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html

Type: Patch Information

Hyperlink:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html

External Source: CONFIRM

Name: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365939

Type: Patch Information

Hyperlink:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365939

External Source: BUGTRAQ

Name: 20060502 MySQL COM_TABLE_DUMP Information Leakage and Arbitrary commandexecution.

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/432734/100/0/threaded

External Source: XF

Name: mysql-comtabledump-bo(26232)

Hyperlink:http://xforce.iss.net/xforce/xfdb/26232

External Source: BID

Name: 17780

Hyperlink:http://www.securityfocus.com/bid/17780

External Source: SUSE

Name: SUSE-SR:2006:012

Hyperlink:http://www.novell.com/linux/security/advisories/2006-06-02.html

External Source: DEBIAN

Name: DSA-1079

Hyperlink:http://www.debian.org/security/2006/dsa-1079

External Source: DEBIAN

Name: DSA-1073

Hyperlink:http://www.debian.org/security/2006/dsa-1073

External Source: DEBIAN

Name: DSA-1071

Hyperlink:http://www.debian.org/security/2006/dsa-1071

External Source: SREASON

Name: 839

Hyperlink:http://securityreason.com/securityalert/839

External Source: SECUNIA

Name: 20762

Hyperlink:http://secunia.com/advisories/20762

External Source: SECUNIA

Name: 20457

Hyperlink:http://secunia.com/advisories/20457

External Source: SECUNIA

Name: 20333

Hyperlink:http://secunia.com/advisories/20333

External Source: SECUNIA

Name: 20253

Hyperlink:http://secunia.com/advisories/20253

External Source: SECUNIA

Name: 20241

Hyperlink:http://secunia.com/advisories/20241

External Source: SUSE

Name: SUSE-SA:2006:036

Hyperlink:http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html