[nycphp-talk] php & mysql in SecurityFocus Newsletter #214
Analysis & Solutions
danielc at analysisandsolutions.com
Wed Sep 17 23:20:55 EDT 2003
Hey Folks:
More excitement...
-----------------------
MySQL Password Handler Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/8590
The issue presents itself, due to a lack of sufficient bounds checking
performed on MySQL user passwords that are stored in the 'Password' field
of the 'User' table in a MySQL database. It has been reported that MySQL
fails to properly perform bounds checking when processing passwords. A
password greater that 16 characters may overrun the bounds of a reserved
buffer in memory and corrupt adjacent memory. The buffer overflow occurs
in an ACL_USER instance of acl_init(), and may ultimately result in the
corruption of a saved instruction pointer.
An attacker with global administrative privileges on an affected MySQL
server may potentially exploit this condition to have arbitrary supplied
instructions executed in the context of the MySQL server.
This vulnerability has been reported to affect all versions of MySQL up to
and including 4.0.14 and 3.0.57.
-----------------------
Digital Scribe Error Function Cross-Site Scripting Vulnerabi...
http://www.securityfocus.com/bid/8551
PHPBB URL BBCode HTML Injection Vulnerability
http://www.securityfocus.com/bid/8570
Invision Power Board Index.php Showtopic Cross-Site Scriptin...
http://www.securityfocus.com/bid/8575
KokeshCMS Unauthorized Content Editing Vulnerability
http://www.securityfocus.com/bid/8585
b2evolution Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/8586
b2evolution Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/8591
Enjoy,
--Dan
--
FREE scripts that make web and database programming easier
http://www.analysisandsolutions.com/software/
T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409
More information about the talk
mailing list