Shodan
Vulnerabilities
Vulnerable Software
Oracle:  >> Mysql  >> 3.23.14  Security Vulnerabilities
CVE-2004-0835
MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.
CVSS Score
7.5
EPSS Score
0.036
Published
2004-11-03
CVE-2004-0836
Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).
CVSS Score
10.0
EPSS Score
0.041
Published
2004-11-03
CVE-2004-0837
MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to cause a denial of service (crash or hang) via multiple threads that simultaneously alter MERGE table UNIONs.
CVSS Score
2.6
EPSS Score
0.026
Published
2004-11-03
CVE-2004-0457
The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVSS Score
4.6
EPSS Score
0.001
Published
2004-09-28
CVE-2002-0969
Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group.
CVSS Score
7.8
EPSS Score
0.001
Published
2002-10-11
CVE-2001-0407
Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot).
CVSS Score
4.6
EPSS Score
0.007
Published
2001-06-27
CVE-2001-1454
Buffer overflow in MySQL before 3.23.33 allows remote attackers to execute arbitrary code via a long drop database request.
CVSS Score
7.5
EPSS Score
0.118
Published
2001-02-09
CVE-2001-1274
Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges.
CVSS Score
7.5
EPSS Score
0.065
Published
2001-01-23
CVE-2001-1275
MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking.
CVSS Score
7.2
EPSS Score
0.004
Published
2001-01-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved