DB: MySQL Login Handshake Information Disclosure
This signature detects attempts to exploit a known vulnerability against MySQL Database Server. A successful attack can lead to information disclosure. Attackers can exploit this issue to obtain sensitive information that may lead to future attacks.
Extended Description
MySQL is prone to multiple remote vulnerabilities: 1. A buffer-overflow vulnerability occurs because the software fails to perform sufficient boundary checks of user-supplied data before copying it to an insufficiently sized memory buffer. This issue allows remote attackers to execute arbitrary machine code in the context of affected database servers. Failed exploit attempts will likely crash the server, denying further service to legitimate users. 2. Two information-disclosure vulnerabilities occur because the software fails to sufficiently sanitize and check boundaries of user-supplied data. These issues allow remote users to gain access to potentially sensitive information that may aid in further attacks.
Affected Products
Suse linux_desktop
Short Name
DB:MYSQL:LOGIN-INFO-DISCLOSURE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
DB
Keywords
CVE-2006-1516 Disclosure Handshake Information Login MySQL bid:17780
Release Date
08/07/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Red_hat
Suse
Apple
Trustix
Sun
Gentoo
Turbolinux
Avaya
Slackware
Ubuntu
Mandriva
Mysql_ab
Debian
CVSS Score
5.0