Lucene search

K

Veracode Vulnerability DatabaseVERACODE:23821

HistoryApr 10, 2020 - 12:37 a.m.

Authorization Bypass

2020-04-1000:37:01

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

16

EPSS

0.077

Percentile

94.2%

mysql is vulnerable to authorization bypass. The vulnerability exists through multiple format string flaws were found in the way the MySQL server logs user commands when creating and deleting databases. A remote, authenticated attacker with permissions to CREATE and DROP databases could use these flaws to formulate a specifically-crafted SQL command that would cause a temporary denial of service (open connections to mysqld are terminated).

References

archives.neohapsis.com/archives/fulldisclosure/2009-07/0058.html

lists.apple.com/archives/security-announce/2010//Mar/msg00001.html

secunia.com/advisories/35767

secunia.com/advisories/36566

secunia.com/advisories/38517

securitytracker.com/id?1022533

support.apple.com/kb/HT4077

ubuntu.com/usn/usn-897-1

www.mandriva.com/security/advisories?name=MDVSA-2009:179

www.osvdb.org/55734

www.redhat.com/security/updates/classification/#important

www.redhat.com/support/errata/RHSA-2009-1289.html

www.redhat.com/support/errata/RHSA-2010-0110.html

www.securityfocus.com/archive/1/504799/100/0/threaded

www.securityfocus.com/bid/35609

www.ubuntu.com/usn/USN-1397-1

www.vupen.com/english/advisories/2009/1857

access.redhat.com/errata/RHSA-2009:1461

exchange.xforce.ibmcloud.com/vulnerabilities/51614

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11857

EPSS

0.077

Percentile

94.2%

Related for VERACODE:23821

altlinux1 prion1 openvas40 nessus22 cvelist1 ubuntucve1 checkpoint_advisories1 nvd1 cve1 debian1 securityvulns1 fedora1 redhat3 oraclelinux2 centos2 seebug1 ubuntu2 gentoo1 threatpost1