DB: Oracle MySQL Grant File Stack Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the Oracle MySQL database server. A successful attack could allow the attacker to execute arbitrary code on the targeted system. Failed exploit attempts could result in a denial of service condition.
Extended Description
Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command.
Short Name
DB:MYSQL:GRANT-FILE-BO
Severity
Major
Recommended
False
Recommended Action
Drop
Category
DB
Keywords
Buffer CVE-2012-5611 File Grant MySQL Oracle Overflow Stack
Release Date
12/05/2012
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
srx-branch-12.3
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
srx-12.3
Sigpack Version
3706
False Positive
Unknown
CVSS Score
6.5