CVE-2008-0226
CVE-2008-0226
Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.
Productos afectados
n/a · n/aPoCs públicas encontradas — 3
exploitdbwww.exploit-db.com/exploits/9953no verificadoexploitdbwww.exploit-db.com/exploits/16849no verificadoexploitdbwww.exploit-db.com/exploits/16701no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://bugs.mysql.com/33814http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.htmlhttp://lists.apple.com/archives/security-announce/2008/Oct/msg00001.htmlhttp://secunia.com/advisories/28324http://secunia.com/advisories/28419http://secunia.com/advisories/28597http://secunia.com/advisories/29443http://secunia.com/advisories/32222http://securityreason.com/securityalert/3531https://exchange.xforce.ibmcloud.com/vulnerabilities/39429https://exchange.xforce.ibmcloud.com/vulnerabilities/39431http://support.apple.com/kb/HT3216