Vulnerability identifier: #VU43240
Vulnerability risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID:
CWE-ID: CWE-119
Exploitation vector: Network
Exploit availability: No
Vulnerable software: mysql
Vendor: Google
Description
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE.
Mitigation
Install the update from the vendor's website.
Vulnerable software versions
mysql: 5.1 - 5.5.21
External links
https://www.openwall.com/lists/oss-security/2012/02/24/2
https://blogs.oracle.com/sunsecurity/entry/cve_2012_0882buffer_overflow_vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=789141
https://lists.immunityinc.com/pipermail/canvas/2012-February/000011.html
https://lists.immunityinc.com/pipermail/canvas/2012-February/000014.html
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.