← voltar
CVE-2008-0226

CVE-2008-0226

EPSS 91.6%
Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.
Produtos afetados
n/a · n/a
PoCs públicas encontradas3
exploitdbwww.exploit-db.com/exploits/9953não verificadoexploitdbwww.exploit-db.com/exploits/16849não verificadoexploitdbwww.exploit-db.com/exploits/16701não verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://bugs.mysql.com/33814http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.htmlhttp://lists.apple.com/archives/security-announce/2008/Oct/msg00001.htmlhttp://secunia.com/advisories/28324http://secunia.com/advisories/28419http://secunia.com/advisories/28597http://secunia.com/advisories/29443http://secunia.com/advisories/32222http://securityreason.com/securityalert/3531https://exchange.xforce.ibmcloud.com/vulnerabilities/39429https://exchange.xforce.ibmcloud.com/vulnerabilities/39431http://support.apple.com/kb/HT3216