Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2007-AVI-124
Vulnerability from certfr_avis - Published: - Updated:
Plusieurs vulnérabilités affectent MacOS X. Les plus graves permettent à une personne malintentionnée d'exécuter du code arbitraire à distance.
Description
Plusieurs composants de MacOS X sont sujets à des vulnérabilités, les plus graves permettant à un attaquant distant d'exécuter du code arbitraire.
Les composants impactés sont : ColorSync (CVE-2007-0719), CoreGraphics, Crash Reporter (CVE-2007-0467), CUPS (CVE-2007-0720), Disk Images (CVE-2007-0721, CVE-2007-0722, CVE-2006-6061, CVE-2006-6062, CVE-2006-5679, CVE-2007-0229, CVE-2007-0267, CVE-2007-0299), DS Plug-Ins (CVE-2007-0723), Flash Player (CVE-2006-5330), GNU Tar (CVE-2006-0300, CVE-2006-6097), HFS (CVE-2007-0318), HID Family (CVE-2007-0724), ImageIO (CVE-2007-1071, CVE-2007-0733), Kernel (CVE-2006-5836, CVE-2006-6129, CVE-2006-6173), MySQL Server (CVE-2006-1516, CVE-2006-1517, CVE-2006-2753, CVE-2006-3081, CVE-2006-4031, CVE-2006-4226, CVE-2006-3469), Networking (CVE-2006-6130, CVE-2007-0236), OpenSSH (CVE-2007-0726, CVE-2006-0225, CVE-2006-4924, CVE-2006-5051, CVE-2006-5052), Printing (CVE-2007-0728), QuickDraw Manager (CVE-2007-0588), servermgrd (CVE-2007-0730), SMB File Server (CVE-2007-0731), Software Update (CVE-2007-0463), sudo (CVE-2005-2959), WebLog (CVE-2006-4829).
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "MacOS X 10.3.9 et MacOS X Server 10.3.9 ;",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "MacOS X 10.4 et MacOS X Server 10.4.",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nPlusieurs composants de MacOS X sont sujets \u00e0 des vuln\u00e9rabilit\u00e9s, les\nplus graves permettant \u00e0 un attaquant distant d\u0027ex\u00e9cuter du code\narbitraire. \n\nLes composants impact\u00e9s sont : ColorSync (CVE-2007-0719), CoreGraphics,\nCrash Reporter (CVE-2007-0467), CUPS (CVE-2007-0720), Disk Images\n(CVE-2007-0721, CVE-2007-0722, CVE-2006-6061, CVE-2006-6062,\nCVE-2006-5679, CVE-2007-0229, CVE-2007-0267, CVE-2007-0299), DS Plug-Ins\n(CVE-2007-0723), Flash Player (CVE-2006-5330), GNU Tar (CVE-2006-0300,\nCVE-2006-6097), HFS (CVE-2007-0318), HID Family (CVE-2007-0724), ImageIO\n(CVE-2007-1071, CVE-2007-0733), Kernel (CVE-2006-5836, CVE-2006-6129,\nCVE-2006-6173), MySQL Server (CVE-2006-1516, CVE-2006-1517,\nCVE-2006-2753, CVE-2006-3081, CVE-2006-4031, CVE-2006-4226,\nCVE-2006-3469), Networking (CVE-2006-6130, CVE-2007-0236), OpenSSH\n(CVE-2007-0726, CVE-2006-0225, CVE-2006-4924, CVE-2006-5051,\nCVE-2006-5052), Printing (CVE-2007-0728), QuickDraw Manager\n(CVE-2007-0588), servermgrd (CVE-2007-0730), SMB File Server\n(CVE-2007-0731), Software Update (CVE-2007-0463), sudo (CVE-2005-2959),\nWebLog (CVE-2006-4829).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2006-3469",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3469"
},
{
"name": "CVE-2006-6061",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-6061"
},
{
"name": "CVE-2006-2753",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-2753"
},
{
"name": "CVE-2007-0722",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0722"
},
{
"name": "CVE-2007-0229",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0229"
},
{
"name": "CVE-2006-6173",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-6173"
},
{
"name": "CVE-2007-0733",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0733"
},
{
"name": "CVE-2006-5836",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-5836"
},
{
"name": "CVE-2007-0720",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0720"
},
{
"name": "CVE-2006-5052",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-5052"
},
{
"name": "CVE-2006-3081",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3081"
},
{
"name": "CVE-2007-0318",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0318"
},
{
"name": "CVE-2007-0236",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0236"
},
{
"name": "CVE-2006-4829",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4829"
},
{
"name": "CVE-2006-1517",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-1517"
},
{
"name": "CVE-2006-4924",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4924"
},
{
"name": "CVE-2005-2959",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-2959"
},
{
"name": "CVE-2007-0728",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0728"
},
{
"name": "CVE-2006-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-6129"
},
{
"name": "CVE-2007-0267",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0267"
},
{
"name": "CVE-2007-0731",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0731"
},
{
"name": "CVE-2007-0726",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0726"
},
{
"name": "CVE-2006-4226",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4226"
},
{
"name": "CVE-2007-0299",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0299"
},
{
"name": "CVE-2007-0724",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0724"
},
{
"name": "CVE-2007-1071",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1071"
},
{
"name": "CVE-2006-4031",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4031"
},
{
"name": "CVE-2007-0588",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0588"
},
{
"name": "CVE-2006-1516",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-1516"
},
{
"name": "CVE-2006-5679",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-5679"
},
{
"name": "CVE-2007-0721",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0721"
},
{
"name": "CVE-2006-6130",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-6130"
},
{
"name": "CVE-2006-5330",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-5330"
},
{
"name": "CVE-2007-0730",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0730"
},
{
"name": "CVE-2006-0300",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-0300"
},
{
"name": "CVE-2007-0719",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0719"
},
{
"name": "CVE-2006-6062",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-6062"
},
{
"name": "CVE-2006-0225",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-0225"
},
{
"name": "CVE-2006-5051",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-5051"
},
{
"name": "CVE-2007-0467",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0467"
},
{
"name": "CVE-2007-0463",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0463"
},
{
"name": "CVE-2006-6097",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-6097"
},
{
"name": "CVE-2007-0723",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0723"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Apple du 12 mars 2007 :",
"url": "http://docs.info.apple.com/article.html?artnum=305214"
}
],
"reference": "CERTA-2007-AVI-124",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2007-03-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s affectent MacOS X. Les plus graves permettent \u00e0\nune personne malintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9s dans MacOS X",
"vendor_advisories": [
{
"published_at": null,
"title": "Mise \u00e0 jour de s\u00e9curit\u00e9 2007-003 de MacOS X",
"url": null
}
]
}
CVE-2005-2959 (GCVE-0-2005-2959)
Vulnerability from cvelistv5 – Published: 2005-10-25 04:00 – Updated: 2024-08-07 22:53
VLAI?
EPSS
Summary
Incomplete blacklist vulnerability in sudo 1.6.8 and earlier allows local users to gain privileges via the (1) SHELLOPTS and (2) PS4 environment variables before executing a bash script on behalf of another user, which are not cleared even though other variables are.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
19 references
Date Public ?
2005-10-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:53:29.364Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sudo.ws/bugs/show_bug.cgi?id=182"
},
{
"name": "17666",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17666"
},
{
"name": "18549",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18549"
},
{
"name": "TA07-072A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "MDKSA-2005:201",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:201"
},
{
"name": "APPLE-SA-2007-03-13",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "DSA-870",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-870"
},
{
"name": "17322",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17322"
},
{
"name": "17390",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17390"
},
{
"name": "SUSE-SR:2006:002",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_02_sr.html"
},
{
"name": "15191",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15191"
},
{
"name": "17345",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17345"
},
{
"name": "ADV-2007-0930",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "17318",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17318"
},
{
"name": "USN-213-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/213-1/"
},
{
"name": "SUSE-SR:2005:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.securityfocus.com/advisories/9643"
},
{
"name": "OpenPKG-SA-2006.002",
"tags": [
"vendor-advisory",
"x_refsource_OPENPKG",
"x_transferred"
],
"url": "http://www.openpkg.org/security/OpenPKG-SA-2006.002-sudo.html"
},
{
"name": "24479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24479"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-10-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Incomplete blacklist vulnerability in sudo 1.6.8 and earlier allows local users to gain privileges via the (1) SHELLOPTS and (2) PS4 environment variables before executing a bash script on behalf of another user, which are not cleared even though other variables are."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-03T20:57:01.000Z",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sudo.ws/bugs/show_bug.cgi?id=182"
},
{
"name": "17666",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17666"
},
{
"name": "18549",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18549"
},
{
"name": "TA07-072A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "MDKSA-2005:201",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:201"
},
{
"name": "APPLE-SA-2007-03-13",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "DSA-870",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-870"
},
{
"name": "17322",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17322"
},
{
"name": "17390",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17390"
},
{
"name": "SUSE-SR:2006:002",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_02_sr.html"
},
{
"name": "15191",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15191"
},
{
"name": "17345",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17345"
},
{
"name": "ADV-2007-0930",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "17318",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17318"
},
{
"name": "USN-213-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/213-1/"
},
{
"name": "SUSE-SR:2005:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.securityfocus.com/advisories/9643"
},
{
"name": "OpenPKG-SA-2006.002",
"tags": [
"vendor-advisory",
"x_refsource_OPENPKG"
],
"url": "http://www.openpkg.org/security/OpenPKG-SA-2006.002-sudo.html"
},
{
"name": "24479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24479"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2005-2959",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incomplete blacklist vulnerability in sudo 1.6.8 and earlier allows local users to gain privileges via the (1) SHELLOPTS and (2) PS4 environment variables before executing a bash script on behalf of another user, which are not cleared even though other variables are."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.sudo.ws/bugs/show_bug.cgi?id=182",
"refsource": "CONFIRM",
"url": "http://www.sudo.ws/bugs/show_bug.cgi?id=182"
},
{
"name": "17666",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17666"
},
{
"name": "18549",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18549"
},
{
"name": "TA07-072A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "MDKSA-2005:201",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:201"
},
{
"name": "APPLE-SA-2007-03-13",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305214",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "DSA-870",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-870"
},
{
"name": "17322",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17322"
},
{
"name": "17390",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17390"
},
{
"name": "SUSE-SR:2006:002",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_02_sr.html"
},
{
"name": "15191",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15191"
},
{
"name": "17345",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17345"
},
{
"name": "ADV-2007-0930",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "17318",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17318"
},
{
"name": "USN-213-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/213-1/"
},
{
"name": "SUSE-SR:2005:025",
"refsource": "SUSE",
"url": "http://www.securityfocus.com/advisories/9643"
},
{
"name": "OpenPKG-SA-2006.002",
"refsource": "OPENPKG",
"url": "http://www.openpkg.org/security/OpenPKG-SA-2006.002-sudo.html"
},
{
"name": "24479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24479"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2005-2959",
"datePublished": "2005-10-25T04:00:00.000Z",
"dateReserved": "2005-09-19T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:53:29.364Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0225 (GCVE-0-2006-0225)
Vulnerability from cvelistv5 – Published: 2006-01-25 11:00 – Updated: 2024-08-07 16:25
VLAI?
EPSS
Summary
scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
65 references
Date Public ?
2006-01-24 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:25:34.046Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16369",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16369"
},
{
"name": "HPSBUX02178",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112"
},
{
"name": "25936",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25936"
},
{
"name": "18798",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18798"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v52.Readme.html#MH00688"
},
{
"name": "23340",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23340"
},
{
"name": "RHSA-2006:0298",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0298.html"
},
{
"name": "18970",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18970"
},
{
"name": "21492",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21492"
},
{
"name": "TA07-072A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "2006-0004",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0004"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-262.htm"
},
{
"name": "19159",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19159"
},
{
"name": "18650",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18650"
},
{
"name": "18736",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18736"
},
{
"name": "22692",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22692"
},
{
"name": "ADV-2007-2120",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2120"
},
{
"name": "23680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23680"
},
{
"name": "APPLE-SA-2007-03-13",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name": "18579",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18579"
},
{
"name": "18969",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18969"
},
{
"name": "20723",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20723"
},
{
"name": "openssh-scp-command-execution(24305)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24305"
},
{
"name": "MDKSA-2006:034",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:034"
},
{
"name": "462",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/462"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-158.htm"
},
{
"name": "ADV-2006-4869",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4869"
},
{
"name": "OpenPKG-SA-2006.003",
"tags": [
"vendor-advisory",
"x_refsource_OPENPKG",
"x_transferred"
],
"url": "http://www.openpkg.org/security/OpenPKG-SA-2006.003-openssh.html"
},
{
"name": "FLSA-2006:168935",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/425397/100/0/threaded"
},
{
"name": "RHSA-2006:0044",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0044.html"
},
{
"name": "21262",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21262"
},
{
"name": "25607",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25607"
},
{
"name": "SSRT061267",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blogs.sun.com/security/entry/sun_alert_102961_security_vulnerability"
},
{
"name": "SUSE-SA:2006:008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_08_openssh.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=2751"
},
{
"name": "ADV-2006-2490",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2490"
},
{
"name": "ADV-2006-0306",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0306"
},
{
"name": "SSA:2006-045-06",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.425802"
},
{
"name": "oval:org.mitre.oval:def:1138",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1138"
},
{
"name": "21129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21129"
},
{
"name": "1015540",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015540"
},
{
"name": "FEDORA-2006-056",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00062.html"
},
{
"name": "21724",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21724"
},
{
"name": "GLSA-200602-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200602-11.xml"
},
{
"name": "23241",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23241"
},
{
"name": "20060212 [3.8] 005: SECURITY FIX: February 12, 2006",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/005_ssh.patch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-174.htm"
},
{
"name": "ADV-2007-0930",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174026"
},
{
"name": "102961",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102961-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"name": "18850",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18850"
},
{
"name": "22196",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22196"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-246.htm"
},
{
"name": "RHSA-2006:0698",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0698.html"
},
{
"name": "18595",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18595"
},
{
"name": "18964",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18964"
},
{
"name": "USN-255-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-255-1"
},
{
"name": "oval:org.mitre.oval:def:9962",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9962"
},
{
"name": "20060703-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc"
},
{
"name": "18910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18910"
},
{
"name": "24479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24479"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "16369",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16369"
},
{
"name": "HPSBUX02178",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112"
},
{
"name": "25936",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25936"
},
{
"name": "18798",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18798"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v52.Readme.html#MH00688"
},
{
"name": "23340",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23340"
},
{
"name": "RHSA-2006:0298",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0298.html"
},
{
"name": "18970",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18970"
},
{
"name": "21492",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21492"
},
{
"name": "TA07-072A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "2006-0004",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0004"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-262.htm"
},
{
"name": "19159",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19159"
},
{
"name": "18650",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18650"
},
{
"name": "18736",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18736"
},
{
"name": "22692",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22692"
},
{
"name": "ADV-2007-2120",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2120"
},
{
"name": "23680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23680"
},
{
"name": "APPLE-SA-2007-03-13",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name": "18579",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18579"
},
{
"name": "18969",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18969"
},
{
"name": "20723",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20723"
},
{
"name": "openssh-scp-command-execution(24305)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24305"
},
{
"name": "MDKSA-2006:034",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:034"
},
{
"name": "462",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/462"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-158.htm"
},
{
"name": "ADV-2006-4869",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4869"
},
{
"name": "OpenPKG-SA-2006.003",
"tags": [
"vendor-advisory",
"x_refsource_OPENPKG"
],
"url": "http://www.openpkg.org/security/OpenPKG-SA-2006.003-openssh.html"
},
{
"name": "FLSA-2006:168935",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/425397/100/0/threaded"
},
{
"name": "RHSA-2006:0044",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0044.html"
},
{
"name": "21262",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21262"
},
{
"name": "25607",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25607"
},
{
"name": "SSRT061267",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blogs.sun.com/security/entry/sun_alert_102961_security_vulnerability"
},
{
"name": "SUSE-SA:2006:008",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_08_openssh.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=2751"
},
{
"name": "ADV-2006-2490",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2490"
},
{
"name": "ADV-2006-0306",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0306"
},
{
"name": "SSA:2006-045-06",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.425802"
},
{
"name": "oval:org.mitre.oval:def:1138",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1138"
},
{
"name": "21129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21129"
},
{
"name": "1015540",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015540"
},
{
"name": "FEDORA-2006-056",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00062.html"
},
{
"name": "21724",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21724"
},
{
"name": "GLSA-200602-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200602-11.xml"
},
{
"name": "23241",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23241"
},
{
"name": "20060212 [3.8] 005: SECURITY FIX: February 12, 2006",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/005_ssh.patch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-174.htm"
},
{
"name": "ADV-2007-0930",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174026"
},
{
"name": "102961",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102961-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"name": "18850",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18850"
},
{
"name": "22196",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22196"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-246.htm"
},
{
"name": "RHSA-2006:0698",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0698.html"
},
{
"name": "18595",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18595"
},
{
"name": "18964",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18964"
},
{
"name": "USN-255-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-255-1"
},
{
"name": "oval:org.mitre.oval:def:9962",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9962"
},
{
"name": "20060703-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc"
},
{
"name": "18910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18910"
},
{
"name": "24479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24479"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2006-0225",
"datePublished": "2006-01-25T11:00:00.000Z",
"dateReserved": "2006-01-17T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:25:34.046Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0300 (GCVE-0-2006-0300)
Vulnerability from cvelistv5 – Published: 2006-02-24 00:00 – Updated: 2024-08-07 16:34
VLAI?
EPSS
Summary
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
43 references
Date Public ?
2006-02-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:34:13.194Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2006-0010",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0010"
},
{
"name": "FLSA:183571-2",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/430299/100/0/threaded"
},
{
"name": "1015705",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015705"
},
{
"name": "oval:org.mitre.oval:def:5978",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5978"
},
{
"name": "18999",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18999"
},
{
"name": "24966",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24966"
},
{
"name": "SUSE-SR:2006:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_05_sr.html"
},
{
"name": "TA07-072A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "OpenPKG-SA-2006.006",
"tags": [
"vendor-advisory",
"x_refsource_OPENPKG",
"x_transferred"
],
"url": "http://www.openpkg.org/security/OpenPKG-SA-2006.006-tar.html"
},
{
"name": "18976",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18976"
},
{
"name": "USN-257-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/257-1/"
},
{
"name": "23371",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/23371"
},
{
"name": "19236",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19236"
},
{
"name": "APPLE-SA-2007-03-13",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name": "DSA-987",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-987"
},
{
"name": "RHSA-2006:0232",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0232.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=305391"
},
{
"name": "19093",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19093"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "543",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/543"
},
{
"name": "480",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/480"
},
{
"name": "MDKSA-2006:046",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:046"
},
{
"name": "19152",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19152"
},
{
"name": "[Bug-tar] 20060220 tar 1.15.90 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.gnu.org/archive/html/bug-tar/2006-02/msg00051.html"
},
{
"name": "241646",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-241646-1"
},
{
"name": "18973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18973"
},
{
"name": "TA07-109A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
},
{
"name": "16764",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16764"
},
{
"name": "ADV-2008-2518",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2518"
},
{
"name": "19130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19130"
},
{
"name": "oval:org.mitre.oval:def:5252",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5252"
},
{
"name": "oval:org.mitre.oval:def:9295",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9295"
},
{
"name": "20042",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20042"
},
{
"name": "oval:org.mitre.oval:def:5993",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5993"
},
{
"name": "ADV-2006-0684",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0684"
},
{
"name": "19016",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19016"
},
{
"name": "ADV-2007-0930",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "gnu-tar-pax-headers-bo(24855)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24855"
},
{
"name": "APPLE-SA-2007-04-19",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"name": "ADV-2007-1470",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1470"
},
{
"name": "oval:org.mitre.oval:def:6094",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6094"
},
{
"name": "24479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24479"
},
{
"name": "GLSA-200603-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-06.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "2006-0010",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0010"
},
{
"name": "FLSA:183571-2",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/430299/100/0/threaded"
},
{
"name": "1015705",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015705"
},
{
"name": "oval:org.mitre.oval:def:5978",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5978"
},
{
"name": "18999",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18999"
},
{
"name": "24966",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24966"
},
{
"name": "SUSE-SR:2006:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_05_sr.html"
},
{
"name": "TA07-072A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "OpenPKG-SA-2006.006",
"tags": [
"vendor-advisory",
"x_refsource_OPENPKG"
],
"url": "http://www.openpkg.org/security/OpenPKG-SA-2006.006-tar.html"
},
{
"name": "18976",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18976"
},
{
"name": "USN-257-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/257-1/"
},
{
"name": "23371",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/23371"
},
{
"name": "19236",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19236"
},
{
"name": "APPLE-SA-2007-03-13",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name": "DSA-987",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-987"
},
{
"name": "RHSA-2006:0232",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0232.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=305391"
},
{
"name": "19093",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19093"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "543",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/543"
},
{
"name": "480",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/480"
},
{
"name": "MDKSA-2006:046",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:046"
},
{
"name": "19152",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19152"
},
{
"name": "[Bug-tar] 20060220 tar 1.15.90 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.gnu.org/archive/html/bug-tar/2006-02/msg00051.html"
},
{
"name": "241646",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-241646-1"
},
{
"name": "18973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18973"
},
{
"name": "TA07-109A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
},
{
"name": "16764",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16764"
},
{
"name": "ADV-2008-2518",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2518"
},
{
"name": "19130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19130"
},
{
"name": "oval:org.mitre.oval:def:5252",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5252"
},
{
"name": "oval:org.mitre.oval:def:9295",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9295"
},
{
"name": "20042",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20042"
},
{
"name": "oval:org.mitre.oval:def:5993",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5993"
},
{
"name": "ADV-2006-0684",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0684"
},
{
"name": "19016",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19016"
},
{
"name": "ADV-2007-0930",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "gnu-tar-pax-headers-bo(24855)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24855"
},
{
"name": "APPLE-SA-2007-04-19",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"name": "ADV-2007-1470",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1470"
},
{
"name": "oval:org.mitre.oval:def:6094",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6094"
},
{
"name": "24479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24479"
},
{
"name": "GLSA-200603-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-06.xml"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2006-0300",
"datePublished": "2006-02-24T00:00:00.000Z",
"dateReserved": "2006-01-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:34:13.194Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1516 (GCVE-0-2006-1516)
Vulnerability from cvelistv5 – Published: 2006-05-05 10:00 – Updated: 2024-08-07 17:12
VLAI?
EPSS
Summary
The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
42 references
Date Public ?
2006-05-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:12:22.153Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2006-0028",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0028"
},
{
"name": "19929",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19929"
},
{
"name": "20073",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20073"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/365938"
},
{
"name": "TA07-072A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "DSA-1079",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1079"
},
{
"name": "ADV-2006-1633",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1633"
},
{
"name": "20060516 UPDATE: [ GLSA 200605-13 ] MySQL: Information leakage",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/434164/100/0/threaded"
},
{
"name": "20424",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20424"
},
{
"name": "GLSA-200605-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml"
},
{
"name": "APPLE-SA-2007-03-13",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name": "840",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/840"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "SUSE-SA:2006:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html"
},
{
"name": "SUSE-SR:2006:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
},
{
"name": "17780",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17780"
},
{
"name": "MDKSA-2006:084",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:084"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html"
},
{
"name": "20241",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20241"
},
{
"name": "20762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20762"
},
{
"name": "mysql-login-packet-info-disclosure(26236)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26236"
},
{
"name": "236703",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1"
},
{
"name": "SSA:2006-155-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.599377"
},
{
"name": "20333",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20333"
},
{
"name": "1016017",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016017"
},
{
"name": "20002",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20002"
},
{
"name": "20223",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20223"
},
{
"name": "20076",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20076"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.wisec.it/vulns.php?page=7"
},
{
"name": "DSA-1071",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1071"
},
{
"name": "ADV-2008-1326",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1326/references"
},
{
"name": "ADV-2007-0930",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "20060502 MySQL Anonymous Login Handshake - Information Leakage.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/432733/100/0/threaded"
},
{
"name": "20253",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20253"
},
{
"name": "USN-283-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/283-1/"
},
{
"name": "20457",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20457"
},
{
"name": "DSA-1073",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1073"
},
{
"name": "29847",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29847"
},
{
"name": "20625",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20625"
},
{
"name": "RHSA-2006:0544",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0544.html"
},
{
"name": "oval:org.mitre.oval:def:9918",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9918"
},
{
"name": "24479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24479"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "2006-0028",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0028"
},
{
"name": "19929",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19929"
},
{
"name": "20073",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20073"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/365938"
},
{
"name": "TA07-072A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "DSA-1079",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1079"
},
{
"name": "ADV-2006-1633",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1633"
},
{
"name": "20060516 UPDATE: [ GLSA 200605-13 ] MySQL: Information leakage",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/434164/100/0/threaded"
},
{
"name": "20424",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20424"
},
{
"name": "GLSA-200605-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml"
},
{
"name": "APPLE-SA-2007-03-13",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name": "840",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/840"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "SUSE-SA:2006:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html"
},
{
"name": "SUSE-SR:2006:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
},
{
"name": "17780",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17780"
},
{
"name": "MDKSA-2006:084",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:084"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html"
},
{
"name": "20241",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20241"
},
{
"name": "20762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20762"
},
{
"name": "mysql-login-packet-info-disclosure(26236)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26236"
},
{
"name": "236703",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1"
},
{
"name": "SSA:2006-155-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.599377"
},
{
"name": "20333",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20333"
},
{
"name": "1016017",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016017"
},
{
"name": "20002",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20002"
},
{
"name": "20223",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20223"
},
{
"name": "20076",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20076"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.wisec.it/vulns.php?page=7"
},
{
"name": "DSA-1071",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1071"
},
{
"name": "ADV-2008-1326",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1326/references"
},
{
"name": "ADV-2007-0930",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "20060502 MySQL Anonymous Login Handshake - Information Leakage.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/432733/100/0/threaded"
},
{
"name": "20253",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20253"
},
{
"name": "USN-283-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/283-1/"
},
{
"name": "20457",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20457"
},
{
"name": "DSA-1073",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1073"
},
{
"name": "29847",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29847"
},
{
"name": "20625",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20625"
},
{
"name": "RHSA-2006:0544",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0544.html"
},
{
"name": "oval:org.mitre.oval:def:9918",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9918"
},
{
"name": "24479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24479"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2006-1516",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2006-0028",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2006/0028"
},
{
"name": "19929",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19929"
},
{
"name": "20073",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20073"
},
{
"name": "http://bugs.debian.org/365938",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/365938"
},
{
"name": "TA07-072A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "DSA-1079",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1079"
},
{
"name": "ADV-2006-1633",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1633"
},
{
"name": "20060516 UPDATE: [ GLSA 200605-13 ] MySQL: Information leakage",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/434164/100/0/threaded"
},
{
"name": "20424",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20424"
},
{
"name": "GLSA-200605-13",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml"
},
{
"name": "APPLE-SA-2007-03-13",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name": "840",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/840"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305214",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "SUSE-SA:2006:036",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html"
},
{
"name": "SUSE-SR:2006:012",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
},
{
"name": "17780",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17780"
},
{
"name": "MDKSA-2006:084",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:084"
},
{
"name": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html",
"refsource": "CONFIRM",
"url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html"
},
{
"name": "20241",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20241"
},
{
"name": "20762",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20762"
},
{
"name": "mysql-login-packet-info-disclosure(26236)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26236"
},
{
"name": "236703",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1"
},
{
"name": "SSA:2006-155-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.599377"
},
{
"name": "20333",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20333"
},
{
"name": "1016017",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016017"
},
{
"name": "20002",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20002"
},
{
"name": "20223",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20223"
},
{
"name": "20076",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20076"
},
{
"name": "http://www.wisec.it/vulns.php?page=7",
"refsource": "MISC",
"url": "http://www.wisec.it/vulns.php?page=7"
},
{
"name": "DSA-1071",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1071"
},
{
"name": "ADV-2008-1326",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1326/references"
},
{
"name": "ADV-2007-0930",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "20060502 MySQL Anonymous Login Handshake - Information Leakage.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/432733/100/0/threaded"
},
{
"name": "20253",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20253"
},
{
"name": "USN-283-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/283-1/"
},
{
"name": "20457",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20457"
},
{
"name": "DSA-1073",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1073"
},
{
"name": "29847",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29847"
},
{
"name": "20625",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20625"
},
{
"name": "RHSA-2006:0544",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0544.html"
},
{
"name": "oval:org.mitre.oval:def:9918",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9918"
},
{
"name": "24479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24479"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2006-1516",
"datePublished": "2006-05-05T10:00:00.000Z",
"dateReserved": "2006-03-30T00:00:00.000Z",
"dateUpdated": "2024-08-07T17:12:22.153Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1517 (GCVE-0-2006-1517)
Vulnerability from cvelistv5 – Published: 2006-05-05 10:00 – Updated: 2024-08-07 17:12
VLAI?
EPSS
Summary
sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
43 references
Date Public ?
2006-05-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:12:22.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060502 MySQL COM_TABLE_DUMP Information Leakage and Arbitrary commandexecution.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/432734/100/0/threaded"
},
{
"name": "2006-0028",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0028"
},
{
"name": "19929",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19929"
},
{
"name": "20073",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20073"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.wisec.it/vulns.php?page=8"
},
{
"name": "TA07-072A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "DSA-1079",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1079"
},
{
"name": "ADV-2006-1633",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1633"
},
{
"name": "20060516 UPDATE: [ GLSA 200605-13 ] MySQL: Information leakage",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/434164/100/0/threaded"
},
{
"name": "20424",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20424"
},
{
"name": "GLSA-200605-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml"
},
{
"name": "APPLE-SA-2007-03-13",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "oval:org.mitre.oval:def:11036",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11036"
},
{
"name": "SUSE-SA:2006:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html"
},
{
"name": "839",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/839"
},
{
"name": "25228",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/25228"
},
{
"name": "SUSE-SR:2006:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
},
{
"name": "17780",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17780"
},
{
"name": "MDKSA-2006:084",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:084"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html"
},
{
"name": "20241",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20241"
},
{
"name": "20762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20762"
},
{
"name": "236703",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1"
},
{
"name": "SSA:2006-155-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.599377"
},
{
"name": "20333",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20333"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365939"
},
{
"name": "20002",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20002"
},
{
"name": "20223",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20223"
},
{
"name": "20076",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20076"
},
{
"name": "1016016",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016016"
},
{
"name": "DSA-1071",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1071"
},
{
"name": "ADV-2008-1326",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1326/references"
},
{
"name": "ADV-2007-0930",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "20253",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20253"
},
{
"name": "USN-283-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/283-1/"
},
{
"name": "20457",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20457"
},
{
"name": "DSA-1073",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1073"
},
{
"name": "mysql-sqlparcecc-information-disclosure(26228)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26228"
},
{
"name": "29847",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29847"
},
{
"name": "20625",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20625"
},
{
"name": "RHSA-2006:0544",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0544.html"
},
{
"name": "24479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24479"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "20060502 MySQL COM_TABLE_DUMP Information Leakage and Arbitrary commandexecution.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/432734/100/0/threaded"
},
{
"name": "2006-0028",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0028"
},
{
"name": "19929",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19929"
},
{
"name": "20073",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20073"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.wisec.it/vulns.php?page=8"
},
{
"name": "TA07-072A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "DSA-1079",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1079"
},
{
"name": "ADV-2006-1633",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1633"
},
{
"name": "20060516 UPDATE: [ GLSA 200605-13 ] MySQL: Information leakage",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/434164/100/0/threaded"
},
{
"name": "20424",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20424"
},
{
"name": "GLSA-200605-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml"
},
{
"name": "APPLE-SA-2007-03-13",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "oval:org.mitre.oval:def:11036",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11036"
},
{
"name": "SUSE-SA:2006:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html"
},
{
"name": "839",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/839"
},
{
"name": "25228",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/25228"
},
{
"name": "SUSE-SR:2006:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
},
{
"name": "17780",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17780"
},
{
"name": "MDKSA-2006:084",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:084"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html"
},
{
"name": "20241",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20241"
},
{
"name": "20762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20762"
},
{
"name": "236703",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1"
},
{
"name": "SSA:2006-155-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.599377"
},
{
"name": "20333",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20333"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365939"
},
{
"name": "20002",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20002"
},
{
"name": "20223",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20223"
},
{
"name": "20076",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20076"
},
{
"name": "1016016",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016016"
},
{
"name": "DSA-1071",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1071"
},
{
"name": "ADV-2008-1326",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1326/references"
},
{
"name": "ADV-2007-0930",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "20253",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20253"
},
{
"name": "USN-283-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/283-1/"
},
{
"name": "20457",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20457"
},
{
"name": "DSA-1073",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1073"
},
{
"name": "mysql-sqlparcecc-information-disclosure(26228)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26228"
},
{
"name": "29847",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29847"
},
{
"name": "20625",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20625"
},
{
"name": "RHSA-2006:0544",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0544.html"
},
{
"name": "24479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24479"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2006-1517",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060502 MySQL COM_TABLE_DUMP Information Leakage and Arbitrary commandexecution.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/432734/100/0/threaded"
},
{
"name": "2006-0028",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2006/0028"
},
{
"name": "19929",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19929"
},
{
"name": "20073",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20073"
},
{
"name": "http://www.wisec.it/vulns.php?page=8",
"refsource": "MISC",
"url": "http://www.wisec.it/vulns.php?page=8"
},
{
"name": "TA07-072A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "DSA-1079",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1079"
},
{
"name": "ADV-2006-1633",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1633"
},
{
"name": "20060516 UPDATE: [ GLSA 200605-13 ] MySQL: Information leakage",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/434164/100/0/threaded"
},
{
"name": "20424",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20424"
},
{
"name": "GLSA-200605-13",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml"
},
{
"name": "APPLE-SA-2007-03-13",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305214",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "oval:org.mitre.oval:def:11036",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11036"
},
{
"name": "SUSE-SA:2006:036",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html"
},
{
"name": "839",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/839"
},
{
"name": "25228",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25228"
},
{
"name": "SUSE-SR:2006:012",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
},
{
"name": "17780",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17780"
},
{
"name": "MDKSA-2006:084",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:084"
},
{
"name": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html",
"refsource": "CONFIRM",
"url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html"
},
{
"name": "20241",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20241"
},
{
"name": "20762",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20762"
},
{
"name": "236703",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1"
},
{
"name": "SSA:2006-155-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.599377"
},
{
"name": "20333",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20333"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365939",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365939"
},
{
"name": "20002",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20002"
},
{
"name": "20223",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20223"
},
{
"name": "20076",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20076"
},
{
"name": "1016016",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016016"
},
{
"name": "DSA-1071",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1071"
},
{
"name": "ADV-2008-1326",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1326/references"
},
{
"name": "ADV-2007-0930",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "20253",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20253"
},
{
"name": "USN-283-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/283-1/"
},
{
"name": "20457",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20457"
},
{
"name": "DSA-1073",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1073"
},
{
"name": "mysql-sqlparcecc-information-disclosure(26228)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26228"
},
{
"name": "29847",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29847"
},
{
"name": "20625",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20625"
},
{
"name": "RHSA-2006:0544",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0544.html"
},
{
"name": "24479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24479"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2006-1517",
"datePublished": "2006-05-05T10:00:00.000Z",
"dateReserved": "2006-03-30T00:00:00.000Z",
"dateUpdated": "2024-08-07T17:12:22.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2753 (GCVE-0-2006-2753)
Vulnerability from cvelistv5 – Published: 2006-06-01 17:00 – Updated: 2024-08-07 17:58
VLAI?
EPSS
Summary
SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
26 references
Date Public ?
2006-05-31 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:58:51.900Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1092",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1092"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://lists.mysql.com/announce/364"
},
{
"name": "mysql-ascii-sql-injection(26875)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26875"
},
{
"name": "20712",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20712"
},
{
"name": "MDKSA-2006:097",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:097"
},
{
"name": "20541",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20541"
},
{
"name": "TA07-072A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "20562",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20562"
},
{
"name": "2006-0034",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0034/"
},
{
"name": "APPLE-SA-2007-03-13",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "GLSA-200606-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200606-13.xml"
},
{
"name": "20365",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20365"
},
{
"name": "20531",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20531"
},
{
"name": "oval:org.mitre.oval:def:10312",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10312"
},
{
"name": "ADV-2006-2105",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2105"
},
{
"name": "18219",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18219"
},
{
"name": "20489",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20489"
},
{
"name": "1016216",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016216"
},
{
"name": "USN-303-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/303-1/"
},
{
"name": "ADV-2007-0930",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "USN-288-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-288-3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=369735"
},
{
"name": "20625",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20625"
},
{
"name": "RHSA-2006:0544",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0544.html"
},
{
"name": "24479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24479"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-03T20:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "DSA-1092",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1092"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://lists.mysql.com/announce/364"
},
{
"name": "mysql-ascii-sql-injection(26875)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26875"
},
{
"name": "20712",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20712"
},
{
"name": "MDKSA-2006:097",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:097"
},
{
"name": "20541",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20541"
},
{
"name": "TA07-072A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "20562",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20562"
},
{
"name": "2006-0034",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0034/"
},
{
"name": "APPLE-SA-2007-03-13",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "GLSA-200606-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200606-13.xml"
},
{
"name": "20365",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20365"
},
{
"name": "20531",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20531"
},
{
"name": "oval:org.mitre.oval:def:10312",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10312"
},
{
"name": "ADV-2006-2105",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2105"
},
{
"name": "18219",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18219"
},
{
"name": "20489",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20489"
},
{
"name": "1016216",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016216"
},
{
"name": "USN-303-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/303-1/"
},
{
"name": "ADV-2007-0930",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "USN-288-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-288-3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=369735"
},
{
"name": "20625",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20625"
},
{
"name": "RHSA-2006:0544",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0544.html"
},
{
"name": "24479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24479"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2006-2753",
"datePublished": "2006-06-01T17:00:00.000Z",
"dateReserved": "2006-06-01T00:00:00.000Z",
"dateUpdated": "2024-08-07T17:58:51.900Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3081 (GCVE-0-2006-3081)
Vulnerability from cvelistv5 – Published: 2006-06-19 18:00 – Updated: 2024-08-07 18:16
VLAI?
EPSS
Summary
mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
22 references
Date Public ?
2006-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:16:05.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "mysql-select-dos(27212)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27212"
},
{
"name": "19929",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19929"
},
{
"name": "TA07-072A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "20060615 MySQL DoS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/lists/fulldisclosure/2006/Jun/0434.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373913"
},
{
"name": "TA06-208A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html"
},
{
"name": "20832",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20832"
},
{
"name": "APPLE-SA-2007-03-13",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name": "20060614 MySQL DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/437145"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "MDKSA-2006:111",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:111"
},
{
"name": "20060615 Re: MySQL DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/437277"
},
{
"name": "DSA-1112",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1112"
},
{
"name": "18439",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18439"
},
{
"name": "ADV-2007-0930",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "20871",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20871"
},
{
"name": "RHSA-2007:0083",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0083.html"
},
{
"name": "20060615 Re: MySQL DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/437571/100/0/threaded"
},
{
"name": "USN-306-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/306-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.mysql.com/bug.php?id=15828"
},
{
"name": "24479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24479"
},
{
"name": "oval:org.mitre.oval:def:9516",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9516"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "mysql-select-dos(27212)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27212"
},
{
"name": "19929",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19929"
},
{
"name": "TA07-072A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "20060615 MySQL DoS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/lists/fulldisclosure/2006/Jun/0434.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373913"
},
{
"name": "TA06-208A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html"
},
{
"name": "20832",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20832"
},
{
"name": "APPLE-SA-2007-03-13",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name": "20060614 MySQL DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/437145"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "MDKSA-2006:111",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:111"
},
{
"name": "20060615 Re: MySQL DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/437277"
},
{
"name": "DSA-1112",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1112"
},
{
"name": "18439",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18439"
},
{
"name": "ADV-2007-0930",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "20871",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20871"
},
{
"name": "RHSA-2007:0083",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0083.html"
},
{
"name": "20060615 Re: MySQL DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/437571/100/0/threaded"
},
{
"name": "USN-306-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/306-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.mysql.com/bug.php?id=15828"
},
{
"name": "24479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24479"
},
{
"name": "oval:org.mitre.oval:def:9516",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9516"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3081",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "mysql-select-dos(27212)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27212"
},
{
"name": "19929",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19929"
},
{
"name": "TA07-072A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "20060615 MySQL DoS",
"refsource": "FULLDISC",
"url": "http://seclists.org/lists/fulldisclosure/2006/Jun/0434.html"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373913",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373913"
},
{
"name": "TA06-208A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-208A.html"
},
{
"name": "20832",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20832"
},
{
"name": "APPLE-SA-2007-03-13",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name": "20060614 MySQL DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437145"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305214",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "MDKSA-2006:111",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:111"
},
{
"name": "20060615 Re: MySQL DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437277"
},
{
"name": "DSA-1112",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1112"
},
{
"name": "18439",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18439"
},
{
"name": "ADV-2007-0930",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "20871",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20871"
},
{
"name": "RHSA-2007:0083",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0083.html"
},
{
"name": "20060615 Re: MySQL DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437571/100/0/threaded"
},
{
"name": "USN-306-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/306-1/"
},
{
"name": "http://bugs.mysql.com/bug.php?id=15828",
"refsource": "CONFIRM",
"url": "http://bugs.mysql.com/bug.php?id=15828"
},
{
"name": "24479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24479"
},
{
"name": "oval:org.mitre.oval:def:9516",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9516"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3081",
"datePublished": "2006-06-19T18:00:00.000Z",
"dateReserved": "2006-06-19T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:16:05.934Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3469 (GCVE-0-2006-3469)
Vulnerability from cvelistv5 – Published: 2006-07-18 23:00 – Updated: 2024-08-07 18:30
VLAI?
EPSS
Summary
Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function, which is later used in a formatted print call to display the error message.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
17 references
Date Public ?
2006-07-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:30:34.063Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "TA07-072A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "GLSA-200608-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200608-09.xml"
},
{
"name": "19032",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19032"
},
{
"name": "APPLE-SA-2007-03-13",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name": "31226",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31226"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "RHSA-2008:0768",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0768.html"
},
{
"name": "USN-321-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-321-1"
},
{
"name": "21147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21147"
},
{
"name": "21366",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21366"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.mysql.com/bug.php?id=20729"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375694"
},
{
"name": "oval:org.mitre.oval:def:9827",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9827"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html"
},
{
"name": "DSA-1112",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1112"
},
{
"name": "ADV-2007-0930",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "24479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24479"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function, which is later used in a formatted print call to display the error message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "TA07-072A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "GLSA-200608-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200608-09.xml"
},
{
"name": "19032",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19032"
},
{
"name": "APPLE-SA-2007-03-13",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name": "31226",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31226"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "RHSA-2008:0768",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0768.html"
},
{
"name": "USN-321-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-321-1"
},
{
"name": "21147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21147"
},
{
"name": "21366",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21366"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.mysql.com/bug.php?id=20729"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375694"
},
{
"name": "oval:org.mitre.oval:def:9827",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9827"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html"
},
{
"name": "DSA-1112",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1112"
},
{
"name": "ADV-2007-0930",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "24479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24479"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3469",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function, which is later used in a formatted print call to display the error message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "TA07-072A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "GLSA-200608-09",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200608-09.xml"
},
{
"name": "19032",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19032"
},
{
"name": "APPLE-SA-2007-03-13",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name": "31226",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31226"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305214",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "RHSA-2008:0768",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0768.html"
},
{
"name": "USN-321-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-321-1"
},
{
"name": "21147",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21147"
},
{
"name": "21366",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21366"
},
{
"name": "http://bugs.mysql.com/bug.php?id=20729",
"refsource": "MISC",
"url": "http://bugs.mysql.com/bug.php?id=20729"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375694",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375694"
},
{
"name": "oval:org.mitre.oval:def:9827",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9827"
},
{
"name": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html",
"refsource": "CONFIRM",
"url": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html"
},
{
"name": "DSA-1112",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1112"
},
{
"name": "ADV-2007-0930",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "24479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24479"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3469",
"datePublished": "2006-07-18T23:00:00.000Z",
"dateReserved": "2006-07-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:30:34.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4031 (GCVE-0-2006-4031)
Vulnerability from cvelistv5 – Published: 2006-08-09 22:00 – Updated: 2024-08-07 18:57
VLAI?
EPSS
Summary
MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
27 references
Date Public ?
2006-07-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:57:46.100Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21259",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21259"
},
{
"name": "21627",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21627"
},
{
"name": "TA07-072A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "SUSE-SR:2006:023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html"
},
{
"name": "APPLE-SA-2007-03-13",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name": "ADV-2006-3079",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3079"
},
{
"name": "19279",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19279"
},
{
"name": "USN-338-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-338-1"
},
{
"name": "31226",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31226"
},
{
"name": "oval:org.mitre.oval:def:10468",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10468"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "RHSA-2008:0768",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0768.html"
},
{
"name": "21382",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21382"
},
{
"name": "MDKSA-2006:149",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:149"
},
{
"name": "22080",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22080"
},
{
"name": "21770",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21770"
},
{
"name": "21685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21685"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-24.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html"
},
{
"name": "1016617",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016617"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.mysql.com/bug.php?id=15195"
},
{
"name": "30351",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30351"
},
{
"name": "ADV-2007-0930",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "RHSA-2007:0083",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0083.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-568"
},
{
"name": "RHSA-2008:0364",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0364.html"
},
{
"name": "24479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24479"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user\u0027s privileges are revoked for the original table, which might violate intended security policy."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21259",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21259"
},
{
"name": "21627",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21627"
},
{
"name": "TA07-072A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "SUSE-SR:2006:023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html"
},
{
"name": "APPLE-SA-2007-03-13",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name": "ADV-2006-3079",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3079"
},
{
"name": "19279",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19279"
},
{
"name": "USN-338-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-338-1"
},
{
"name": "31226",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31226"
},
{
"name": "oval:org.mitre.oval:def:10468",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10468"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "RHSA-2008:0768",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0768.html"
},
{
"name": "21382",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21382"
},
{
"name": "MDKSA-2006:149",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:149"
},
{
"name": "22080",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22080"
},
{
"name": "21770",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21770"
},
{
"name": "21685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21685"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-24.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html"
},
{
"name": "1016617",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016617"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.mysql.com/bug.php?id=15195"
},
{
"name": "30351",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30351"
},
{
"name": "ADV-2007-0930",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "RHSA-2007:0083",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0083.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-568"
},
{
"name": "RHSA-2008:0364",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0364.html"
},
{
"name": "24479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24479"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4031",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user\u0027s privileges are revoked for the original table, which might violate intended security policy."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21259",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21259"
},
{
"name": "21627",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21627"
},
{
"name": "TA07-072A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "SUSE-SR:2006:023",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html"
},
{
"name": "APPLE-SA-2007-03-13",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name": "ADV-2006-3079",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3079"
},
{
"name": "19279",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19279"
},
{
"name": "USN-338-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-338-1"
},
{
"name": "31226",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31226"
},
{
"name": "oval:org.mitre.oval:def:10468",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10468"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305214",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "RHSA-2008:0768",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0768.html"
},
{
"name": "21382",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21382"
},
{
"name": "MDKSA-2006:149",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:149"
},
{
"name": "22080",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22080"
},
{
"name": "21770",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21770"
},
{
"name": "21685",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21685"
},
{
"name": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-24.html",
"refsource": "CONFIRM",
"url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-24.html"
},
{
"name": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html",
"refsource": "CONFIRM",
"url": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html"
},
{
"name": "1016617",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016617"
},
{
"name": "http://bugs.mysql.com/bug.php?id=15195",
"refsource": "MISC",
"url": "http://bugs.mysql.com/bug.php?id=15195"
},
{
"name": "30351",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30351"
},
{
"name": "ADV-2007-0930",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "RHSA-2007:0083",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0083.html"
},
{
"name": "https://issues.rpath.com/browse/RPL-568",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-568"
},
{
"name": "RHSA-2008:0364",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0364.html"
},
{
"name": "24479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24479"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4031",
"datePublished": "2006-08-09T22:00:00.000Z",
"dateReserved": "2006-08-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:57:46.100Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4226 (GCVE-0-2006-4226)
Vulnerability from cvelistv5 – Published: 2006-08-18 19:55 – Updated: 2024-08-07 18:57
VLAI?
EPSS
Summary
MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
23 references
Date Public ?
2006-05-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:57:46.518Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:10729",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10729"
},
{
"name": "21627",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21627"
},
{
"name": "1016710",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016710"
},
{
"name": "RHSA-2007:0152",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0152.html"
},
{
"name": "TA07-072A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "21762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21762"
},
{
"name": "ADV-2006-3306",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3306"
},
{
"name": "SUSE-SR:2006:023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html"
},
{
"name": "APPLE-SA-2007-03-13",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name": "21506",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21506"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "24744",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24744"
},
{
"name": "19559",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19559"
},
{
"name": "mysql-case-privilege-escalation(28448)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28448"
},
{
"name": "MDKSA-2006:149",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:149"
},
{
"name": "22080",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22080"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-25.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.mysql.com/bug.php?id=17647"
},
{
"name": "[commits] 20060504 bk commit into 4.1 tree (bar:1.2474)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.mysql.com/commits/5927"
},
{
"name": "DSA-1169",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1169"
},
{
"name": "ADV-2007-0930",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "RHSA-2007:0083",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0083.html"
},
{
"name": "24479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24479"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:10729",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10729"
},
{
"name": "21627",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21627"
},
{
"name": "1016710",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016710"
},
{
"name": "RHSA-2007:0152",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0152.html"
},
{
"name": "TA07-072A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "21762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21762"
},
{
"name": "ADV-2006-3306",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3306"
},
{
"name": "SUSE-SR:2006:023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html"
},
{
"name": "APPLE-SA-2007-03-13",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name": "21506",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21506"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "24744",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24744"
},
{
"name": "19559",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19559"
},
{
"name": "mysql-case-privilege-escalation(28448)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28448"
},
{
"name": "MDKSA-2006:149",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:149"
},
{
"name": "22080",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22080"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-25.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.mysql.com/bug.php?id=17647"
},
{
"name": "[commits] 20060504 bk commit into 4.1 tree (bar:1.2474)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.mysql.com/commits/5927"
},
{
"name": "DSA-1169",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1169"
},
{
"name": "ADV-2007-0930",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "RHSA-2007:0083",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0083.html"
},
{
"name": "24479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24479"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4226",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:10729",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10729"
},
{
"name": "21627",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21627"
},
{
"name": "1016710",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016710"
},
{
"name": "RHSA-2007:0152",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0152.html"
},
{
"name": "TA07-072A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "21762",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21762"
},
{
"name": "ADV-2006-3306",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3306"
},
{
"name": "SUSE-SR:2006:023",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html"
},
{
"name": "APPLE-SA-2007-03-13",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name": "21506",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21506"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305214",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "24744",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24744"
},
{
"name": "19559",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19559"
},
{
"name": "mysql-case-privilege-escalation(28448)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28448"
},
{
"name": "MDKSA-2006:149",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:149"
},
{
"name": "22080",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22080"
},
{
"name": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-25.html",
"refsource": "CONFIRM",
"url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-25.html"
},
{
"name": "http://bugs.mysql.com/bug.php?id=17647",
"refsource": "MISC",
"url": "http://bugs.mysql.com/bug.php?id=17647"
},
{
"name": "[commits] 20060504 bk commit into 4.1 tree (bar:1.2474)",
"refsource": "MLIST",
"url": "http://lists.mysql.com/commits/5927"
},
{
"name": "DSA-1169",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1169"
},
{
"name": "ADV-2007-0930",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "RHSA-2007:0083",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0083.html"
},
{
"name": "24479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24479"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4226",
"datePublished": "2006-08-18T19:55:00.000Z",
"dateReserved": "2006-08-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:57:46.518Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…