MySQL yaSSL Vulnerability
Schweregrad: : Alto
Identificador(es) CVE: : CVE-2008-0226
Data do informe: 27 agosto 2015
Descrição
Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.
Exposição das informações
- 1006262 - MySQL yaSSL Pre-authentication Code Execution Vulnerability
- 1006262 - MySQL yaSSL Pre-authentication Code Execution Vulnerability
Solução
Trend Micro Deep Security DPI Rule Number: 1001312
Trend Micro Deep Security DPI Rule Name: 1001312 - MySQL yaSSL Pre-authentication Code Execution
Software infectado e versão:
- MySQL MySQL
- yaSSL yaSSL 1.7.5