move e5e2883d-ceb9-11d8-8898-000d6111a684 to vuln.xml
This commit is contained in:
Oliver Eikemeier
parent
1f6fffac4d
commit
5f1e2eed8c
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=113219
3 changed files with 31 additions and 4 deletions
|
|
@ -36,5 +36,3 @@ libxine<1.0.r4|http://www.xinehq.de/index.php/security/XSA-2004-3 http://cve.mit
|
||||||
apache>=2.*<2.0.49_3|http://www.guninski.com/httpd1.html http://www.apacheweek.com/features/security-20 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0493 http://secunia.com/advisories/11956 http://www.osvdb.org/7269|Apache input header folding DoS vulnerability|81a8c9c2-c94f-11d8-8898-000d6111a684
|
apache>=2.*<2.0.49_3|http://www.guninski.com/httpd1.html http://www.apacheweek.com/features/security-20 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0493 http://secunia.com/advisories/11956 http://www.osvdb.org/7269|Apache input header folding DoS vulnerability|81a8c9c2-c94f-11d8-8898-000d6111a684
|
||||||
isakmpd<20040611|http://lists.netsys.com/pipermail/full-disclosure/2004-June/022399.html http://www.osvdb.org/6951 http://www.secunia.com/advisories/11827 http://www.securityfocus.com/bid/10496|isakmpd security association deletion vulnerability|9a73a5b4-c9b5-11d8-95ca-02e081301d81
|
isakmpd<20040611|http://lists.netsys.com/pipermail/full-disclosure/2004-June/022399.html http://www.osvdb.org/6951 http://www.secunia.com/advisories/11827 http://www.securityfocus.com/bid/10496|isakmpd security association deletion vulnerability|9a73a5b4-c9b5-11d8-95ca-02e081301d81
|
||||||
krb5<1.3.4|http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-001-an_to_ln.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0523 http://www.osvdb.org/6846 http://secunia.com/advisories/11753 http://www.kb.cert.org/vuls/id/686862 http://www.securityfocus.com/bid/10448|MIT Kerberos 5 krb5_aname_to_localname() buffer overflow|5177b6e5-c9b7-11d8-95ca-02e081301d81
|
krb5<1.3.4|http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-001-an_to_ln.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0523 http://www.osvdb.org/6846 http://secunia.com/advisories/11753 http://www.kb.cert.org/vuls/id/686862 http://www.securityfocus.com/bid/10448|MIT Kerberos 5 krb5_aname_to_localname() buffer overflow|5177b6e5-c9b7-11d8-95ca-02e081301d81
|
||||||
mysql-server>=4.1.*<4.1.3|http://www.nextgenss.com/advisories/mysql-authbypass.txt http://dev.mysql.com/doc/mysql/en/News-4.1.3.html http://secunia.com/advisories/12020|MySQL authentication bypass / buffer overflow|e5e2883d-ceb9-11d8-8898-000d6111a684
|
|
||||||
mysql-server>=5.*<=5.0.0_2|http://www.nextgenss.com/advisories/mysql-authbypass.txt http://dev.mysql.com/doc/mysql/en/News-4.1.3.html http://secunia.com/advisories/12020|MySQL authentication bypass / buffer overflow|e5e2883d-ceb9-11d8-8898-000d6111a684
|
|
||||||
|
|
|
||||||
|
|
@ -36,5 +36,3 @@ libxine<1.0.r4|http://www.xinehq.de/index.php/security/XSA-2004-3 http://cve.mit
|
||||||
apache>=2.*<2.0.49_3|http://www.guninski.com/httpd1.html http://www.apacheweek.com/features/security-20 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0493 http://secunia.com/advisories/11956 http://www.osvdb.org/7269|Apache input header folding DoS vulnerability|81a8c9c2-c94f-11d8-8898-000d6111a684
|
apache>=2.*<2.0.49_3|http://www.guninski.com/httpd1.html http://www.apacheweek.com/features/security-20 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0493 http://secunia.com/advisories/11956 http://www.osvdb.org/7269|Apache input header folding DoS vulnerability|81a8c9c2-c94f-11d8-8898-000d6111a684
|
||||||
isakmpd<20040611|http://lists.netsys.com/pipermail/full-disclosure/2004-June/022399.html http://www.osvdb.org/6951 http://www.secunia.com/advisories/11827 http://www.securityfocus.com/bid/10496|isakmpd security association deletion vulnerability|9a73a5b4-c9b5-11d8-95ca-02e081301d81
|
isakmpd<20040611|http://lists.netsys.com/pipermail/full-disclosure/2004-June/022399.html http://www.osvdb.org/6951 http://www.secunia.com/advisories/11827 http://www.securityfocus.com/bid/10496|isakmpd security association deletion vulnerability|9a73a5b4-c9b5-11d8-95ca-02e081301d81
|
||||||
krb5<1.3.4|http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-001-an_to_ln.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0523 http://www.osvdb.org/6846 http://secunia.com/advisories/11753 http://www.kb.cert.org/vuls/id/686862 http://www.securityfocus.com/bid/10448|MIT Kerberos 5 krb5_aname_to_localname() buffer overflow|5177b6e5-c9b7-11d8-95ca-02e081301d81
|
krb5<1.3.4|http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-001-an_to_ln.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0523 http://www.osvdb.org/6846 http://secunia.com/advisories/11753 http://www.kb.cert.org/vuls/id/686862 http://www.securityfocus.com/bid/10448|MIT Kerberos 5 krb5_aname_to_localname() buffer overflow|5177b6e5-c9b7-11d8-95ca-02e081301d81
|
||||||
mysql-server>=4.1.*<4.1.3|http://www.nextgenss.com/advisories/mysql-authbypass.txt http://dev.mysql.com/doc/mysql/en/News-4.1.3.html http://secunia.com/advisories/12020|MySQL authentication bypass / buffer overflow|e5e2883d-ceb9-11d8-8898-000d6111a684
|
|
||||||
mysql-server>=5.*<=5.0.0_2|http://www.nextgenss.com/advisories/mysql-authbypass.txt http://dev.mysql.com/doc/mysql/en/News-4.1.3.html http://secunia.com/advisories/12020|MySQL authentication bypass / buffer overflow|e5e2883d-ceb9-11d8-8898-000d6111a684
|
|
||||||
|
|
|
||||||
|
|
@ -3856,4 +3856,35 @@ misc.c:
|
||||||
<entry>2004-07-05</entry>
|
<entry>2004-07-05</entry>
|
||||||
</dates>
|
</dates>
|
||||||
</vuln>
|
</vuln>
|
||||||
|
|
||||||
|
<vuln vid="e5e2883d-ceb9-11d8-8898-000d6111a684">
|
||||||
|
<topic>MySQL authentication bypass / buffer overflow</topic>
|
||||||
|
<affects>
|
||||||
|
<package>
|
||||||
|
<name>mysql-server</name>
|
||||||
|
<range><ge>4.1.*</ge><lt>4.1.3</lt></range>
|
||||||
|
<range><ge>5.*</ge><le>5.0.0_2</le></range>
|
||||||
|
</package>
|
||||||
|
</affects>
|
||||||
|
<description>
|
||||||
|
<body xmlns="http://www.w3.org/1999/xhtml">
|
||||||
|
<p>By submitting a carefully crafted authentication packet, it is possible
|
||||||
|
for an attacker to bypass password authentication in MySQL 4.1. Using a
|
||||||
|
similar method, a stack buffer used in the authentication mechanism can
|
||||||
|
be overflowed.</p>
|
||||||
|
</body>
|
||||||
|
</description>
|
||||||
|
<references>
|
||||||
|
<url>http://www.nextgenss.com/advisories/mysql-authbypass.txt</url>
|
||||||
|
<url>http://dev.mysql.com/doc/mysql/en/News-4.1.3.html</url>
|
||||||
|
<url>http://secunia.com/advisories/12020</url>
|
||||||
|
<url>http://www.osvdb.org/7475</url>
|
||||||
|
<url>http://www.osvdb.org/7476</url>
|
||||||
|
<mlist msgid="Pine.LNX.4.44.0407080940550.9602-200000@pineapple.shacknet.nu">http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0003.html</mlist>
|
||||||
|
</references>
|
||||||
|
<dates>
|
||||||
|
<discovery>2004-07-01</discovery>
|
||||||
|
<entry>2004-07-05</entry>
|
||||||
|
</dates>
|
||||||
|
</vuln>
|
||||||
</vuxml>
|
</vuxml>
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue