ID CVE-2006-3486
Summary ** DISPUTED ** Off-by-one buffer overflow in the Instance_options::complete_initialization function in instance_options.cc in the Instance Manager in MySQL before 5.0.23 and 5.1 before 5.1.12 might allow local users to cause a denial of service (application crash) via unspecified vectors, which triggers the overflow when the convert_dirname function is called. NOTE: the vendor has disputed this issue via e-mail to CVE, saying that it is only exploitable when the user has access to the configuration file or the Instance Manager daemon. Due to intended functionality, this level of access would already allow the user to disrupt program operation, so this does not cross security boundaries and is not a vulnerability.
References
Vulnerable Configurations
  • cpe:2.3:a:mysql:mysql:5.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:mysql:mysql:5.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mysql:mysql:5.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mysql:mysql:5.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mysql:mysql:5.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mysql:mysql:5.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mysql:mysql:5.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:mysql:mysql:5.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mysql:mysql:5.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:mysql:mysql:5.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mysql:mysql:5.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:mysql:mysql:5.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mysql:mysql:5.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:mysql:mysql:5.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mysql:mysql:5.0.15:*:*:*:*:*:*:*
    cpe:2.3:a:mysql:mysql:5.0.15:*:*:*:*:*:*:*
  • cpe:2.3:a:mysql:mysql:5.0.16:*:*:*:*:*:*:*
    cpe:2.3:a:mysql:mysql:5.0.16:*:*:*:*:*:*:*
  • cpe:2.3:a:mysql:mysql:5.0.17:*:*:*:*:*:*:*
    cpe:2.3:a:mysql:mysql:5.0.17:*:*:*:*:*:*:*
  • cpe:2.3:a:mysql:mysql:5.0.20:*:*:*:*:*:*:*
    cpe:2.3:a:mysql:mysql:5.0.20:*:*:*:*:*:*:*
  • cpe:2.3:a:mysql:mysql:5.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:mysql:mysql:5.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.0.11:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.0.12:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.0.13:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.0.13:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.0.14:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.0.14:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.0.18:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.0.18:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.0.19:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.0.19:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.0.21:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.0.21:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.0.22:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.0.22:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.1.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.1.9:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.1.10:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.1.10:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.1.11:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.1.11:*:*:*:*:*:*:*
CVSS
Base: 2.1 (as of 17-12-2019 - 20:16)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:N/I:N/A:P
refmap via4
misc
vupen ADV-2006-2700
xf mysql-instancemanager-dos(27635)
statements via4
contributor Mark J Cox
lastmodified 2006-07-19
organization Red Hat
statement We do not consider this issue to have security implications, and therefore have no plans to issue MySQL updates for Red Hat Enterprise Linux 2.1, 3, or 4 to correct this issue.
Last major update 17-12-2019 - 20:16
Published 10-07-2006 - 21:05
Last modified 17-12-2019 - 20:16
Back to Top