Описание
Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group.
Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2002-0969
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0004.html
- http://marc.info/?l=bugtraq&m=103358628011935&w=2
- http://www.iss.net/security_center/static/10243.php
- http://www.mysql.com/documentation/mysql/bychapter/manual_News.html#News-3.23.x
- http://www.securityfocus.com/bid/5853
- http://www.westpoint.ltd.uk/advisories/wp-02-0003.txt
Связанные уязвимости
Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group.
Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta ...