DB: MySQL Password Field Buffer Overflow

This signature detects attempts to exploit a known vulnerability in how the MySQL server handles password changes. By supplying an overly long value in the password field, an attacker can execute arbitrary commands on the victim host. Administrator-level access to the database is required to exploit this vulnerability. This vulnerability is present in MySQL versions earlier than 4.0.15.

Extended Description

MySQL server has been reported prone to a buffer overflow vulnerability when handling user passwords of excessive size. The issue arises from insufficient bounds checking when MySQL user passwords are processed. A password greater than 16 characters may overrun the bounds of a reserved buffer in memory and corrupt adjacent memory. An attacker with global administrative privileges on an affected MySQL server may potentially exploit this condition to have arbitrary attacker-supplied instructions executed in the context of the MySQL server.

Affected Products

Mysql_ab mysql

Short Name
DB:MYSQL:MYSQL-PASSWORD-OF
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
DB
Keywords
Buffer CVE-2003-0780 Field MySQL Overflow Password bid:8590
Release Date
09/18/2003
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3375
False Positive
Unknown
Vendors

Red_hat

Sgi

Conectiva

Mysql_ab

CVSS Score

9.0
