FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
4913886c-e875-11da-b9f4-00123ffe8333	MySQL -- Information Disclosure and Buffer Overflow Vulnerabilities Secunia reports: MySQL have some vulnerabilities, which can be exploited by malicious users to disclose potentially sensitive information and compromise a vulnerable system. 1) An error within the code that generates an error response to an invalid COM_TABLE_DUMP packet can be exploited by an authenticated client to disclosure certain memory content of the server process. 2) A boundary error within the handling of specially crafted invalid COM_TABLE_DUMP packets can be exploited by an authenticated client to cause a buffer overflow and allows arbitrary code execution. 3) An error within the handling of malformed login packets can be exploited to disclosure certain memory content of the server process in the error messages. Discovery 2006-05-02 Entry 2006-06-01 mysql-server > 4.0 lt 4.0.27 > 4.1 lt 4.1.19 > 5.1 le 5.1.9 CVE-2006-1516 CVE-2006-1517 CVE-2006-1518 602457 http://www.wisec.it/vulns.php?page=7 http://www.wisec.it/vulns.php?page=8 http://dev.mysql.com/doc/refman/4.1/en/news-4-0-27.html http://dev.mysql.com/doc/refman/4.1/en/news-4-1-19.html http://dev.mysql.com/doc/refman/5.1/en/news-5-1-10.html http://secunia.com/advisories/19929/ http://www.vuxml.org/freebsd/a8d8713e-dc83-11da-a22b-000c6ec775d9.html
a0e92718-6603-11db-ab90-000e35fd8194	mysql -- database "case-sensitive" privilege escalation Michal Prokopiuk reports a privilege escalation in MySQL. The vulnerability causes MySQL, when run on case-sensitive filesystems, to allow remote and local authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions. Discovery 2006-08-09 Entry 2006-10-29 mysql-server >= 5.1 lt 5.1.12 >= 5.0 lt 5.0.25 < 4.1.21 19559 CVE-2006-4226 http://bugs.mysql.com/bug.php?id=17647

VuXML ID

Description

4913886c-e875-11da-b9f4-00123ffe8333

MySQL -- Information Disclosure and Buffer Overflow Vulnerabilities

Secunia reports:

MySQL have some vulnerabilities, which can be exploited by malicious users to disclose potentially sensitive information and compromise a vulnerable system.

1) An error within the code that generates an error response to an invalid COM_TABLE_DUMP packet can be exploited by an authenticated client to disclosure certain memory content of the server process.

2) A boundary error within the handling of specially crafted invalid COM_TABLE_DUMP packets can be exploited by an authenticated client to cause a buffer overflow and allows arbitrary code execution.

3) An error within the handling of malformed login packets can be exploited to disclosure certain memory content of the server process in the error messages.

Discovery 2006-05-02
Entry 2006-06-01
mysql-server

> 4.0 lt 4.0.27

> 4.1 lt 4.1.19

> 5.1 le 5.1.9

CVE-2006-1516
CVE-2006-1517
CVE-2006-1518
602457
http://www.wisec.it/vulns.php?page=7
http://www.wisec.it/vulns.php?page=8
http://dev.mysql.com/doc/refman/4.1/en/news-4-0-27.html
http://dev.mysql.com/doc/refman/4.1/en/news-4-1-19.html
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-10.html
http://secunia.com/advisories/19929/
http://www.vuxml.org/freebsd/a8d8713e-dc83-11da-a22b-000c6ec775d9.html

a0e92718-6603-11db-ab90-000e35fd8194

mysql -- database "case-sensitive" privilege escalation

Michal Prokopiuk reports a privilege escalation in MySQL. The vulnerability causes MySQL, when run on case-sensitive filesystems, to allow remote and local authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.

Discovery 2006-08-09
Entry 2006-10-29
mysql-server

>= 5.1 lt 5.1.12

>= 5.0 lt 5.0.25

< 4.1.21

19559
CVE-2006-4226
http://bugs.mysql.com/bug.php?id=17647