CVE - CVE-2009-4484

CVE-ID
CVE-2009-4484	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:37640 URL:http://www.securityfocus.com/bid/37640 BID:37943 URL:http://www.securityfocus.com/bid/37943 BID:37974 URL:http://www.securityfocus.com/bid/37974 CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 CONFIRM:http://bugs.mysql.com/bug.php?id=50227 CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html CONFIRM:http://www.yassl.com/news.html#yassl199 CONFIRM:http://www.yassl.com/release.html CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 DEBIAN:DSA-1997 URL:http://www.debian.org/security/2010/dsa-1997 MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html MISC:http://intevydis.com/mysql_demo.html MISC:http://intevydis.com/mysql_overflow1.py.txt MISC:http://intevydis.com/vd-list.shtml MISC:http://isc.sans.org/diary.html?storyid=7900 MISC:http://www.intevydis.com/blog/?p=106 MISC:http://www.intevydis.com/blog/?p=57 MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 URL:http://lists.mysql.com/commits/96697 MLIST:[dailydave] 20100106 0day demos URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html MLIST:[dailydave] 20100126 New db bugs URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html OSVDB:61956 URL:~~http://www.osvdb.org/61956~~ (Obsolete source) SECTRACK:1023402 URL:http://securitytracker.com/id?1023402 SECTRACK:1023513 URL:http://securitytracker.com/id?1023513 SECUNIA:37493 URL:http://secunia.com/advisories/37493 SECUNIA:38344 URL:http://secunia.com/advisories/38344 SECUNIA:38364 URL:http://secunia.com/advisories/38364 SECUNIA:38517 URL:http://secunia.com/advisories/38517 SECUNIA:38573 URL:http://secunia.com/advisories/38573 UBUNTU:USN-1397-1 URL:http://www.ubuntu.com/usn/USN-1397-1 UBUNTU:USN-897-1 URL:http://ubuntu.com/usn/usn-897-1 VUPEN:ADV-2010-0233 URL:~~http://www.vupen.com/english/advisories/2010/0233~~ (Obsolete source) VUPEN:ADV-2010-0236 URL:~~http://www.vupen.com/english/advisories/2010/0236~~ (Obsolete source) XF:mysql-unspecified-bo(55416) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/55416
Assigning CNA
MITRE Corporation
Date Record Created
20091230	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20091230)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)