Vulnerability in N/a

CVE-2003-0780

Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.

EPSS: 0.709 (98.7th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

References

CLA-2003:743 (vendor-advisory, x_refsource_CONECTIVA)
RHSA-2003:282 (x_refsource_REDHAT, vendor-advisory)
MDKSA-2003:094 (vendor-advisory, x_refsource_MANDRAKE)
20030913 exploit for mysql -- [get_salt_from_password] problem (mailing-list, x_refsource_BUGTRAQ)
20030910 Buffer overflow in MySQL (mailing-list, x_refsource_FULLDISC)
DSA-381 (vendor-advisory, x_refsource_DEBIAN)
VU#516492 (x_refsource_CERT-VN, third-party-advisory)
RHSA-2003:281 (x_refsource_REDHAT, vendor-advisory)
20030910 Buffer overflow in MySQL (mailing-list, x_refsource_BUGTRAQ)
9709 (x_refsource_SECUNIA, third-party-advisory)