Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2005-0709

Опубликовано: 02 мая 2005
Источник: nvd
CVSS2: 4.6
EPSS Средний

Описание

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mysql:mysql:4.1.0:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:4.1.3:*:*:*:*:*:*:*
cpe:2.3:a:mysql:mysql:4.1.10:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:3.23.49:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.5a:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.7:gamma:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.8:gamma:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.9:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.9:gamma:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.10:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.11:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.11:gamma:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.12:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.13:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.14:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.15:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.18:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.20:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.21:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.0.23:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.1.0:alpha:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.1.2:alpha:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.1.3:beta:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.1.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:4.1.5:*:*:*:*:*:*:*

EPSS

Процентиль: 97%
0.3706
Средний

4.6 Medium

CVSS2

Дефекты

CWE-94

Связанные уязвимости

ubuntu логотип

CVE-2005-0709

ubuntu
больше 20 лет назад

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.

redhat логотип

CVE-2005-0709

redhat
больше 20 лет назад

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.

debian логотип

CVE-2005-0709

debian
больше 20 лет назад

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authen ...

github логотип

GHSA-3x8w-p58r-45ff

github
больше 3 лет назад

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.

EPSS

Процентиль: 97%
0.3706
Средний

4.6 Medium

CVSS2

Дефекты

CWE-94