CVE-2012-5611
Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command.
Affected products
n/a · n/a
Public PoCs found: 2
cve_reference: www.exploit-db.com/exploits/23075 (unverified)
exploitdb: www.exploit-db.com/exploits/23075 (unverified)
⚠ Public resources, for assessing the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.html
http://lists.opensuse.org/opensuse-updates/2013-09/msg00010.html
http://rhn.redhat.com/errata/RHSA-2012-1551.html
http://rhn.redhat.com/errata/RHSA-2013-0180.html
http://seclists.org/fulldisclosure/2012/Dec/4
http://secunia.com/advisories/51443
http://secunia.com/advisories/53372