what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

CVE-2014-0437

Status Candidate

Overview

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

Related Files

Gentoo Linux Security Advisory 201409-04
Posted Sep 4, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201409-4 - Multiple vulnerabilities have been found in MySQL, worst of which allows local attackers to escalate their privileges. Versions less than 5.5.39 are affected.

tags | advisory, local, vulnerability
systems | linux, gentoo
advisories | CVE-2013-1861, CVE-2013-2134, CVE-2013-3839, CVE-2013-5767, CVE-2013-5770, CVE-2013-5786, CVE-2013-5793, CVE-2013-5807, CVE-2013-5860, CVE-2013-5881, CVE-2013-5882, CVE-2013-5891, CVE-2013-5894, CVE-2013-5908, CVE-2014-0001, CVE-2014-0384, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0420, CVE-2014-0427, CVE-2014-0430, CVE-2014-0431, CVE-2014-0433, CVE-2014-0437, CVE-2014-2419
SHA-256 | e41d06c2c432439d773fa63fdf7762487fd6cf0cb75e8b0100ef3d33be750cc6
Red Hat Security Advisory 2014-0189-01
Posted Feb 20, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0189-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. A buffer overflow flaw was found in the way the MariaDB command line client tool processed excessively long version strings. If a user connected to a malicious MariaDB server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client.

tags | advisory, overflow, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2013-3839, CVE-2013-5807, CVE-2013-5891, CVE-2013-5908, CVE-2014-0001, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0420, CVE-2014-0437
SHA-256 | 9363f0425f3e1aa13fb9ec359268ed701ecf985bc1020734a200c6db13333cfd
Red Hat Security Advisory 2014-0186-01
Posted Feb 19, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0186-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. A buffer overflow flaw was found in the way the MySQL command line client tool processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client.

tags | advisory, overflow, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2013-3839, CVE-2013-5807, CVE-2013-5891, CVE-2013-5908, CVE-2014-0001, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0420, CVE-2014-0437
SHA-256 | 309b1751a944b837c1314800979bc01678fd9c00fe5c6e246816bb4d53bfb3e8
Mandriva Linux Security Advisory 2014-028
Posted Feb 14, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-028 - Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service and possibly execute arbitrary code via a long server version string. Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB. Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. Various other issues have been addressed. The updated packages have been upgraded to the 5.5.35 version which is not vulnerable to these issues.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2014-0001, CVE-2014-0412, CVE-2014-0437, CVE-2013-5908, CVE-2014-0420, CVE-2014-0393, CVE-2013-5891, CVE-2014-0386, CVE-2014-0401, CVE-2014-0402
SHA-256 | ebd9a0fcd180370e549e49c07622f3c2d751b23325b5393eb13159ca0e3864c5
Red Hat Security Advisory 2014-0173-01
Posted Feb 14, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0173-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. A buffer overflow flaw was found in the way the MySQL command line client tool processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client.

tags | advisory, overflow, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2013-3839, CVE-2013-5807, CVE-2013-5891, CVE-2013-5908, CVE-2014-0001, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0420, CVE-2014-0437
SHA-256 | 31ea251646a83ad0404f232d723f28503dc57e7493d6173e5c3a773c84e8b119
Red Hat Security Advisory 2014-0164-01
Posted Feb 13, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0164-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. A buffer overflow flaw was found in the way the MySQL command line client tool processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client.

tags | advisory, overflow, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2013-5908, CVE-2014-0001, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0437
SHA-256 | adb9084b8273ad395a53af59d17c5e6ecca6f2f676c670521e85c9048702804f
Debian Security Advisory 2848-1
Posted Jan 24, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2848-1 - Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.35. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2013-5891, CVE-2013-5908, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0420, CVE-2014-0437
SHA-256 | 8de1a42f32bbbd17b73175f40ccc257f1623775f9476c9721e9cee2e5ee35c38
Ubuntu Security Notice USN-2086-1
Posted Jan 21, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2086-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.73 in Ubuntu 10.04 LTS. Ubuntu 12.04 LTS, Ubuntu 12.10, and Ubuntu 13.10 have been updated to MySQL 5.5.35. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2013-5891, CVE-2013-5908, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0420, CVE-2014-0437
SHA-256 | ecdc49310c2f71acc9a595510d489697a1eee7e94d568bb4b84e9a20b11f608d
Debian Security Advisory 2845-1
Posted Jan 17, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2845-1 - This DSA updates the MySQL 5.1 database to 5.1.73. This fixes multiple unspecified security problems in MySQL.

tags | advisory
systems | linux, debian
advisories | CVE-2013-5908, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0437
SHA-256 | fa7f40229dc90120ac0e0aa2eb8e2e1325f67ad09b177a5753770abee5251c4f
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close