CVE-2012-5611
CVE-2012-5611
Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command.
Produtos afetados
n/a · n/aPoCs públicas encontradas — 2
cve_referencewww.exploit-db.com/exploits/23075não verificadoexploitdbwww.exploit-db.com/exploits/23075não verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-01/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.htmlhttp://lists.opensuse.org/opensuse-updates/2013-09/msg00010.htmlhttp://rhn.redhat.com/errata/RHSA-2012-1551.htmlhttp://rhn.redhat.com/errata/RHSA-2013-0180.htmlhttp://seclists.org/fulldisclosure/2012/Dec/4http://secunia.com/advisories/51443http://secunia.com/advisories/53372