MySQL.MaxDB.WebSQL.Password.Buffer.Overflow
Description
This indicates a possible exploit of a buffer overflow vulnerability in the websql CGI program, in MySQL MaxDB. It may allow remote attackers to execute arbitrary code via a long password parameter.
Affected Products
MySQL AB MaxDB 7.5.00.16
MySQL AB MaxDB 7.5.00.15
MySQL AB MaxDB 7.5.00.14
MySQL AB MaxDB 7.5.00.12
MySQL AB MaxDB 7.5.00.11
MySQL AB MaxDB 7.5.00.08
MySQL AB MaxDB 7.5.00
Impact
System compromise: remote code execution.
Recommended Actions
The vendor has addressed in this issue in MaxDB 7.5.00.18 and subsequent.
MySQL AB MaxDB 7.5.00.14
* MySQL AB MaxDB 7.5.00.23
http://dev.mysql.com/downloads/maxdb/7.5.00.html
/>MySQL AB MaxDB 7.5.00.11
* MySQL AB MaxDB 7.5.00.23
http://dev.mysql.com/downloads/maxdb/7.5.00.html
/>MySQL AB MaxDB 7.5.00.15
* MySQL AB MaxDB 7.5.00.23
http://dev.mysql.com/downloads/maxdb/7.5.00.html
/>MySQL AB MaxDB 7.5.00.08
* MySQL AB MaxDB 7.5.00.23
http://dev.mysql.com/downloads/maxdb/7.5.00.html
/>MySQL AB MaxDB 7.5.00
* MySQL AB MaxDB 7.5.00.23
http://dev.mysql.com/downloads/maxdb/7.5.00.html
/>MySQL AB MaxDB 7.5.00.12
* MySQL AB MaxDB 7.5.00.23
http://dev.mysql.com/downloads/maxdb/7.5.00.html
/>MySQL AB MaxDB 7.5.00.16
* MySQL AB MaxDB 7.5.00.23
http://dev.mysql.com/downloads/maxdb/7.5.00.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2018-09-26 | 13.458 |