1. CVE-Search
  2. CVE-2005-0684
ID CVE-2005-0684
Summary Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functionality, which is not properly handled by the getLockTokenHeader function in WDVHandler_CommonUtils.c.
References
Vulnerable Configurations
  • cpe:2.3:a:mysql:maxdb:7.5.00:*:*:*:*:*:*:*
    cpe:2.3:a:mysql:maxdb:7.5.00:*:*:*:*:*:*:*
  • cpe:2.3:a:mysql:maxdb:7.5.00.08:*:*:*:*:*:*:*
    cpe:2.3:a:mysql:maxdb:7.5.00.08:*:*:*:*:*:*:*
  • cpe:2.3:a:mysql:maxdb:7.5.00.11:*:*:*:*:*:*:*
    cpe:2.3:a:mysql:maxdb:7.5.00.11:*:*:*:*:*:*:*
  • cpe:2.3:a:mysql:maxdb:7.5.00.12:*:*:*:*:*:*:*
    cpe:2.3:a:mysql:maxdb:7.5.00.12:*:*:*:*:*:*:*
  • cpe:2.3:a:mysql:maxdb:7.5.00.14:*:*:*:*:*:*:*
    cpe:2.3:a:mysql:maxdb:7.5.00.14:*:*:*:*:*:*:*
  • cpe:2.3:a:mysql:maxdb:7.5.00.15:*:*:*:*:*:*:*
    cpe:2.3:a:mysql:maxdb:7.5.00.15:*:*:*:*:*:*:*
  • cpe:2.3:a:mysql:maxdb:7.5.00.16:*:*:*:*:*:*:*
    cpe:2.3:a:mysql:maxdb:7.5.00.16:*:*:*:*:*:*:*
  • cpe:2.3:a:mysql:maxdb:7.5.00.18:*:*:*:*:*:*:*
    cpe:2.3:a:mysql:maxdb:7.5.00.18:*:*:*:*:*:*:*
  • cpe:2.3:a:mysql:maxdb:7.5.00.19:*:*:*:*:*:*:*
    cpe:2.3:a:mysql:maxdb:7.5.00.19:*:*:*:*:*:*:*
  • cpe:2.3:a:mysql:maxdb:7.5.00.23:*:*:*:*:*:*:*
    cpe:2.3:a:mysql:maxdb:7.5.00.23:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 08-03-2011 - 02:20)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 13368
confirm http://dev.mysql.com/doc/maxdb/changes/changes_7.5.00.26.html#WebDAV
idefense
  • 20050425 MySQL MaxDB Webtool Remote Lock-Token Stack Overflow Vulnerability
  • 20050425 MySQL MaxDB Webtool Remote Stack Overflow Vulnerability
saint via4
bid 13368
description MySQL MaxDB WebTools special character buffer overflow
id web_tool_maxdbbo
osvdb 15816
title maxdb_webtool_special_character_bo
type remote
Last major update 08-03-2011 - 02:20
Published 25-04-2005 - 04:00
Last modified 08-03-2011 - 02:20
Back to Top