MySQL yaSSL Vulnerability
Gravedad: High
Identificadores de CVE : CVE-2008-0226
Fecha recomendada: 27 de agosto de 2015
Descripción
Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.
Revelación de la información
- 1006262 - MySQL yaSSL Pre-authentication Code Execution Vulnerability
- 1006262 - MySQL yaSSL Pre-authentication Code Execution Vulnerability
Soluciones
Trend Micro Deep Security DPI Rule Number: 1001312
Trend Micro Deep Security DPI Rule Name: 1001312 - MySQL yaSSL Pre-authentication Code Execution
Software y versión afectados
- MySQL MySQL
- yaSSL yaSSL 1.7.5