Back to search
CVE-2002-1376
Published: Dec 17, 2002
Modified: Aug 8, 2024
PUBLISHED
Description
libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20021212 Advisory 04/2002: Multiple MySQL vulnerabilities
mailing-list
x_refsource_BUGTRAQ
20021216 [OpenPKG-SA-2002.013] OpenPKG Security Advisory (mysql)
mailing-list
x_refsource_BUGTRAQ
20021219 TSLSA-2002-0086 - mysql
mailing-list
x_refsource_BUGTRAQ
6370
vdb-entry
x_refsource_BID
CLSA-2002:555
vendor-advisory
x_refsource_CONECTIVA
MDKSA-2002:087
vendor-advisory
x_refsource_MANDRAKE
20021215 GLSA: mysql
mailing-list
x_refsource_BUGTRAQ
mysql-libmysqlclient-readonerow-bo(10850)
vdb-entry
x_refsource_XF
mysql-libmysqlclient-readrows-bo(10849)
vdb-entry
x_refsource_XF
ESA-20021213-033
vendor-advisory
x_refsource_ENGARDE
http://security.e-matters.de/advisories/042002.html
x_refsource_MISC
6374
vdb-entry
x_refsource_BID
DSA-212
vendor-advisory
x_refsource_DEBIAN
RHSA-2002:288
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now