MySQL yaSSL SSL Hello message buffer overflow
Added: 03/10/2008
CVE: CVE-2008-0226
BID: 27140
OSVDB: 41935
Background
MySQL is an open-source database software package available for multiple platforms. yaSSL is an SSL library. MySQL, if SSL support is enabled, uses yaSSL by default.
Problem
A buffer overflow vulnerability in the ProcessOldClientHello function in yaSSL allows an attacker to execute arbitrary commands by sending a specially crafted Hello packet to the MySQL server.
Resolution
Upgrade to MySQL 5.1.23 or higher.
References
http://www.securityfocus.com/archive/1/485810
Limitations
Exploit works on MySQL Server 5.0.20a. The target MySQL server must be configured to use an SSL certificate.
Platforms
Windows 2000
Windows Server 2003
Linux