Lucene search

[email protected]CVE-2006-1517

HistoryMay 05, 2006 - 12:46 p.m.

CVE-2006-1517

2006-05-0512:46:00

[email protected]

web.nvd.nist.gov

mysql

cve-2006-1517

sql_parse.cc

memory disclosure

nvd

security vulnerability

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.6 High

AI Score

Confidence

High

0.314 Low

EPSS

Percentile

97.0%

JSON

sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message.

Affected configurations

NVD

Node

mysqlmysqlMatch4.1.0

mysqlmysqlMatch4.1.3

mysqlmysqlMatch4.1.8

mysqlmysqlMatch4.1.10

mysqlmysqlMatch4.1.12

mysqlmysqlMatch4.1.13

mysqlmysqlMatch4.1.14

mysqlmysqlMatch4.1.15

mysqlmysqlMatch5.0.1

mysqlmysqlMatch5.0.2

mysqlmysqlMatch5.0.3

mysqlmysqlMatch5.0.4

mysqlmysqlMatch5.0.5

mysqlmysqlMatch5.0.10

mysqlmysqlMatch5.0.15

mysqlmysqlMatch5.0.16

mysqlmysqlMatch5.0.17

oraclemysqlMatch4.0.0

oraclemysqlMatch4.0.1

oraclemysqlMatch4.0.2

oraclemysqlMatch4.0.3

oraclemysqlMatch4.0.4

oraclemysqlMatch4.0.5

oraclemysqlMatch4.0.5a

oraclemysqlMatch4.0.6

oraclemysqlMatch4.0.7

oraclemysqlMatch4.0.7gamma

oraclemysqlMatch4.0.8

oraclemysqlMatch4.0.8gamma

oraclemysqlMatch4.0.9

oraclemysqlMatch4.0.9gamma

oraclemysqlMatch4.0.10

oraclemysqlMatch4.0.11

oraclemysqlMatch4.0.11gamma

oraclemysqlMatch4.0.12

oraclemysqlMatch4.0.13

oraclemysqlMatch4.0.14

oraclemysqlMatch4.0.15

oraclemysqlMatch4.0.16

oraclemysqlMatch4.0.17

oraclemysqlMatch4.0.18

oraclemysqlMatch4.0.19

oraclemysqlMatch4.0.20

oraclemysqlMatch4.0.21

oraclemysqlMatch4.0.23

oraclemysqlMatch4.0.24

oraclemysqlMatch4.0.25

oraclemysqlMatch4.0.26

oraclemysqlMatch4.1.0alpha

oraclemysqlMatch4.1.2alpha

oraclemysqlMatch4.1.3beta

oraclemysqlMatch4.1.4

oraclemysqlMatch4.1.5

oraclemysqlMatch4.1.6

oraclemysqlMatch4.1.7

oraclemysqlMatch4.1.9

oraclemysqlMatch4.1.11

oraclemysqlMatch4.1.16

oraclemysqlMatch4.1.17

oraclemysqlMatch4.1.18

oraclemysqlMatch5.0.0alpha

oraclemysqlMatch5.0.3beta

oraclemysqlMatch5.0.6

oraclemysqlMatch5.0.7

oraclemysqlMatch5.0.8

oraclemysqlMatch5.0.9

oraclemysqlMatch5.0.11

oraclemysqlMatch5.0.12

oraclemysqlMatch5.0.13

oraclemysqlMatch5.0.14

oraclemysqlMatch5.0.18

CPENameOperatorVersion
mysql:mysqlmysqleq4.1.0
mysql:mysqlmysqleq4.1.3
mysql:mysqlmysqleq4.1.8
mysql:mysqlmysqleq4.1.10
mysql:mysqlmysqleq4.1.12
mysql:mysqlmysqleq4.1.13
mysql:mysqlmysqleq4.1.14
mysql:mysqlmysqleq4.1.15
mysql:mysqlmysqleq5.0.1
mysql:mysqlmysqleq5.0.2

CPE	Name	Operator	Version
mysql:mysql	mysql	eq	4.1.0
mysql:mysql	mysql	eq	4.1.3
mysql:mysql	mysql	eq	4.1.8
mysql:mysql	mysql	eq	4.1.10
mysql:mysql	mysql	eq	4.1.12
mysql:mysql	mysql	eq	4.1.13
mysql:mysql	mysql	eq	4.1.14
mysql:mysql	mysql	eq	4.1.15
mysql:mysql	mysql	eq	5.0.1
mysql:mysql	mysql	eq	5.0.2

Rows per page:

1-10 of 671

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=365939

dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html

docs.info.apple.com/article.html?artnum=305214

lists.apple.com/archives/security-announce/2007/Mar/msg00002.html

lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html

secunia.com/advisories/19929

secunia.com/advisories/20002

secunia.com/advisories/20073

secunia.com/advisories/20076

secunia.com/advisories/20223

secunia.com/advisories/20241

secunia.com/advisories/20253

secunia.com/advisories/20333

secunia.com/advisories/20424

secunia.com/advisories/20457

secunia.com/advisories/20625

secunia.com/advisories/20762

secunia.com/advisories/24479

secunia.com/advisories/29847

securityreason.com/securityalert/839

securitytracker.com/id?1016016

slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.599377

sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1

www.debian.org/security/2006/dsa-1071

www.debian.org/security/2006/dsa-1073

www.debian.org/security/2006/dsa-1079

www.gentoo.org/security/en/glsa/glsa-200605-13.xml

www.mandriva.com/security/advisories?name=MDKSA-2006:084

www.novell.com/linux/security/advisories/2006-06-02.html

www.osvdb.org/25228

www.redhat.com/support/errata/RHSA-2006-0544.html

www.securityfocus.com/archive/1/432734/100/0/threaded

www.securityfocus.com/archive/1/434164/100/0/threaded

www.securityfocus.com/bid/17780

www.trustix.org/errata/2006/0028

www.us-cert.gov/cas/techalerts/TA07-072A.html

www.vupen.com/english/advisories/2006/1633

www.vupen.com/english/advisories/2007/0930

www.vupen.com/english/advisories/2008/1326/references

www.wisec.it/vulns.php?page=8

exchange.xforce.ibmcloud.com/vulnerabilities/26228

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11036

usn.ubuntu.com/283-1/

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.6 High

AI Score

Confidence

High

0.314 Low

EPSS

Percentile

97.0%

JSON

Related for CVE-2006-1517

prion1 checkpoint_advisories1 cvelist1 nvd1 ubuntucve1 ubuntu1 openvas14 nessus18 gentoo1 suse1 altlinux1 freebsd1 slackware2 debian5 osv3 centos1 redhat1