Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.
Software | From | Fixed in |
---|---|---|
oracle / mysql | 5.0.0-milestone2 | 5.0.0-milestone2.x |
oracle / mysql | 5.0.0-milestone1 | 5.0.0-milestone1.x |
oracle / mysql | 5.1.0 | 5.1.43 |
oracle / mysql | 5.0.0 | 5.0.90 |
wolfssl / yassl | - | 1.9.9 |
canonical / ubuntu_linux | 10.10 | 10.10.x |
canonical / ubuntu_linux | 11.04 | 11.04.x |
canonical / ubuntu_linux | 11.10 | 11.10.x |
canonical / ubuntu_linux | 9.04 | 9.04.x |
canonical / ubuntu_linux | 8.10 | 8.10.x |
canonical / ubuntu_linux | 9.10 | 9.10.x |
canonical / ubuntu_linux | 8.04 | 8.04.x |
canonical / ubuntu_linux | 10.04 | 10.04.x |
canonical / ubuntu_linux | 6.06 | 6.06.x |
debian / debian_linux | 5.0 | 5.0.x |
debian / debian_linux | 4.0 | 4.0.x |
debian / debian_linux | 6.0 | 6.0.x |
mariadb / mariadb | 5.1 | 5.1.42 |