Vulnerability-Lookup

CVE-2006-1516 (GCVE-0-2006-1516)

Vulnerability from cvelistv5 – Published: 2006-05-05 14:00 – Updated: 2024-08-07 17:12

Summary

The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.

Severity ?

No CVSS data available.

CWE

Assigner

debian

References

URL

Tags

	http://www.trustix.org/errata/2006/0028	vendor-advisoryx_refsource_TRUSTIX
	http://secunia.com/advisories/19929	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/20073	third-party-advisoryx_refsource_SECUNIA
	http://bugs.debian.org/365938	x_refsource_CONFIRM
	http://www.us-cert.gov/cas/techalerts/TA07-072A.html	third-party-advisoryx_refsource_CERT
	http://www.debian.org/security/2006/dsa-1079	vendor-advisoryx_refsource_DEBIAN
	http://www.vupen.com/english/advisories/2006/1633	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/archive/1/434164/100…	mailing-listx_refsource_BUGTRAQ
	http://secunia.com/advisories/20424	third-party-advisoryx_refsource_SECUNIA
	http://www.gentoo.org/security/en/glsa/glsa-20060…	vendor-advisoryx_refsource_GENTOO
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://securityreason.com/securityalert/840	third-party-advisoryx_refsource_SREASON
	http://docs.info.apple.com/article.html?artnum=305214	x_refsource_CONFIRM
	http://lists.suse.com/archive/suse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.novell.com/linux/security/advisories/2…	vendor-advisoryx_refsource_SUSE
	http://www.securityfocus.com/bid/17780	vdb-entryx_refsource_BID
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html	x_refsource_CONFIRM
	http://secunia.com/advisories/20241	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/20762	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
	http://slackware.com/security/viewer.php?l=slackw…	vendor-advisoryx_refsource_SLACKWARE
	http://secunia.com/advisories/20333	third-party-advisoryx_refsource_SECUNIA
	http://securitytracker.com/id?1016017	vdb-entryx_refsource_SECTRACK
	http://secunia.com/advisories/20002	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/20223	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/20076	third-party-advisoryx_refsource_SECUNIA
	http://www.wisec.it/vulns.php?page=7	x_refsource_MISC
	http://www.debian.org/security/2006/dsa-1071	vendor-advisoryx_refsource_DEBIAN
	http://www.vupen.com/english/advisories/2008/1326…	vdb-entryx_refsource_VUPEN
	http://www.vupen.com/english/advisories/2007/0930	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/archive/1/432733/100…	mailing-listx_refsource_BUGTRAQ
	http://secunia.com/advisories/20253	third-party-advisoryx_refsource_SECUNIA
	https://usn.ubuntu.com/283-1/	vendor-advisoryx_refsource_UBUNTU
	http://secunia.com/advisories/20457	third-party-advisoryx_refsource_SECUNIA
	http://www.debian.org/security/2006/dsa-1073	vendor-advisoryx_refsource_DEBIAN
	http://secunia.com/advisories/29847	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/20625	third-party-advisoryx_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2006-05…	vendor-advisoryx_refsource_REDHAT
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://secunia.com/advisories/24479	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T17:12:22.153Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "2006-0028",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2006/0028"
          },
          {
            "name": "19929",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19929"
          },
          {
            "name": "20073",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20073"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/365938"
          },
          {
            "name": "TA07-072A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
          },
          {
            "name": "DSA-1079",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1079"
          },
          {
            "name": "ADV-2006-1633",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/1633"
          },
          {
            "name": "20060516 UPDATE: [ GLSA 200605-13 ] MySQL: Information leakage",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/434164/100/0/threaded"
          },
          {
            "name": "20424",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20424"
          },
          {
            "name": "GLSA-200605-13",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml"
          },
          {
            "name": "APPLE-SA-2007-03-13",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
          },
          {
            "name": "840",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/840"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://docs.info.apple.com/article.html?artnum=305214"
          },
          {
            "name": "SUSE-SA:2006:036",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html"
          },
          {
            "name": "SUSE-SR:2006:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
          },
          {
            "name": "17780",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/17780"
          },
          {
            "name": "MDKSA-2006:084",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:084"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html"
          },
          {
            "name": "20241",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20241"
          },
          {
            "name": "20762",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20762"
          },
          {
            "name": "mysql-login-packet-info-disclosure(26236)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26236"
          },
          {
            "name": "236703",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1"
          },
          {
            "name": "SSA:2006-155-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.599377"
          },
          {
            "name": "20333",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20333"
          },
          {
            "name": "1016017",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016017"
          },
          {
            "name": "20002",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20002"
          },
          {
            "name": "20223",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20223"
          },
          {
            "name": "20076",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20076"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.wisec.it/vulns.php?page=7"
          },
          {
            "name": "DSA-1071",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1071"
          },
          {
            "name": "ADV-2008-1326",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1326/references"
          },
          {
            "name": "ADV-2007-0930",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/0930"
          },
          {
            "name": "20060502 MySQL Anonymous Login Handshake - Information Leakage.",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/432733/100/0/threaded"
          },
          {
            "name": "20253",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20253"
          },
          {
            "name": "USN-283-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/283-1/"
          },
          {
            "name": "20457",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20457"
          },
          {
            "name": "DSA-1073",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1073"
          },
          {
            "name": "29847",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29847"
          },
          {
            "name": "20625",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20625"
          },
          {
            "name": "RHSA-2006:0544",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0544.html"
          },
          {
            "name": "oval:org.mitre.oval:def:9918",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9918"
          },
          {
            "name": "24479",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24479"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-05-02T04:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T18:57:01.000Z",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "2006-0028",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2006/0028"
        },
        {
          "name": "19929",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19929"
        },
        {
          "name": "20073",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20073"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/365938"
        },
        {
          "name": "TA07-072A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
        },
        {
          "name": "DSA-1079",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1079"
        },
        {
          "name": "ADV-2006-1633",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/1633"
        },
        {
          "name": "20060516 UPDATE: [ GLSA 200605-13 ] MySQL: Information leakage",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/434164/100/0/threaded"
        },
        {
          "name": "20424",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20424"
        },
        {
          "name": "GLSA-200605-13",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml"
        },
        {
          "name": "APPLE-SA-2007-03-13",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
        },
        {
          "name": "840",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/840"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://docs.info.apple.com/article.html?artnum=305214"
        },
        {
          "name": "SUSE-SA:2006:036",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html"
        },
        {
          "name": "SUSE-SR:2006:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
        },
        {
          "name": "17780",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/17780"
        },
        {
          "name": "MDKSA-2006:084",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:084"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html"
        },
        {
          "name": "20241",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20241"
        },
        {
          "name": "20762",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20762"
        },
        {
          "name": "mysql-login-packet-info-disclosure(26236)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26236"
        },
        {
          "name": "236703",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1"
        },
        {
          "name": "SSA:2006-155-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.599377"
        },
        {
          "name": "20333",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20333"
        },
        {
          "name": "1016017",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016017"
        },
        {
          "name": "20002",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20002"
        },
        {
          "name": "20223",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20223"
        },
        {
          "name": "20076",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20076"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.wisec.it/vulns.php?page=7"
        },
        {
          "name": "DSA-1071",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1071"
        },
        {
          "name": "ADV-2008-1326",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1326/references"
        },
        {
          "name": "ADV-2007-0930",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/0930"
        },
        {
          "name": "20060502 MySQL Anonymous Login Handshake - Information Leakage.",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/432733/100/0/threaded"
        },
        {
          "name": "20253",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20253"
        },
        {
          "name": "USN-283-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/283-1/"
        },
        {
          "name": "20457",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20457"
        },
        {
          "name": "DSA-1073",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1073"
        },
        {
          "name": "29847",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29847"
        },
        {
          "name": "20625",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20625"
        },
        {
          "name": "RHSA-2006:0544",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0544.html"
        },
        {
          "name": "oval:org.mitre.oval:def:9918",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9918"
        },
        {
          "name": "24479",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24479"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2006-1516",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "2006-0028",
              "refsource": "TRUSTIX",
              "url": "http://www.trustix.org/errata/2006/0028"
            },
            {
              "name": "19929",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19929"
            },
            {
              "name": "20073",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20073"
            },
            {
              "name": "http://bugs.debian.org/365938",
              "refsource": "CONFIRM",
              "url": "http://bugs.debian.org/365938"
            },
            {
              "name": "TA07-072A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
            },
            {
              "name": "DSA-1079",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1079"
            },
            {
              "name": "ADV-2006-1633",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/1633"
            },
            {
              "name": "20060516 UPDATE: [ GLSA 200605-13 ] MySQL: Information leakage",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/434164/100/0/threaded"
            },
            {
              "name": "20424",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20424"
            },
            {
              "name": "GLSA-200605-13",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml"
            },
            {
              "name": "APPLE-SA-2007-03-13",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
            },
            {
              "name": "840",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/840"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=305214",
              "refsource": "CONFIRM",
              "url": "http://docs.info.apple.com/article.html?artnum=305214"
            },
            {
              "name": "SUSE-SA:2006:036",
              "refsource": "SUSE",
              "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html"
            },
            {
              "name": "SUSE-SR:2006:012",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
            },
            {
              "name": "17780",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/17780"
            },
            {
              "name": "MDKSA-2006:084",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:084"
            },
            {
              "name": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html"
            },
            {
              "name": "20241",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20241"
            },
            {
              "name": "20762",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20762"
            },
            {
              "name": "mysql-login-packet-info-disclosure(26236)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26236"
            },
            {
              "name": "236703",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1"
            },
            {
              "name": "SSA:2006-155-01",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.599377"
            },
            {
              "name": "20333",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20333"
            },
            {
              "name": "1016017",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016017"
            },
            {
              "name": "20002",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20002"
            },
            {
              "name": "20223",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20223"
            },
            {
              "name": "20076",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20076"
            },
            {
              "name": "http://www.wisec.it/vulns.php?page=7",
              "refsource": "MISC",
              "url": "http://www.wisec.it/vulns.php?page=7"
            },
            {
              "name": "DSA-1071",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1071"
            },
            {
              "name": "ADV-2008-1326",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1326/references"
            },
            {
              "name": "ADV-2007-0930",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/0930"
            },
            {
              "name": "20060502 MySQL Anonymous Login Handshake - Information Leakage.",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/432733/100/0/threaded"
            },
            {
              "name": "20253",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20253"
            },
            {
              "name": "USN-283-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/283-1/"
            },
            {
              "name": "20457",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20457"
            },
            {
              "name": "DSA-1073",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1073"
            },
            {
              "name": "29847",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29847"
            },
            {
              "name": "20625",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20625"
            },
            {
              "name": "RHSA-2006:0544",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0544.html"
            },
            {
              "name": "oval:org.mitre.oval:def:9918",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9918"
            },
            {
              "name": "24479",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24479"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2006-1516",
    "datePublished": "2006-05-05T14:00:00.000Z",
    "dateReserved": "2006-03-30T05:00:00.000Z",
    "dateUpdated": "2024-08-07T17:12:22.153Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2007-AVI-124

Vulnerability from certfr_avis - Published: 2007-03-14 - Updated: 2007-03-14

Plusieurs vulnérabilités affectent MacOS X. Les plus graves permettent à une personne malintentionnée d'exécuter du code arbitraire à distance.

Description

Plusieurs composants de MacOS X sont sujets à des vulnérabilités, les plus graves permettant à un attaquant distant d'exécuter du code arbitraire.

Les composants impactés sont : ColorSync (CVE-2007-0719), CoreGraphics, Crash Reporter (CVE-2007-0467), CUPS (CVE-2007-0720), Disk Images (CVE-2007-0721, CVE-2007-0722, CVE-2006-6061, CVE-2006-6062, CVE-2006-5679, CVE-2007-0229, CVE-2007-0267, CVE-2007-0299), DS Plug-Ins (CVE-2007-0723), Flash Player (CVE-2006-5330), GNU Tar (CVE-2006-0300, CVE-2006-6097), HFS (CVE-2007-0318), HID Family (CVE-2007-0724), ImageIO (CVE-2007-1071, CVE-2007-0733), Kernel (CVE-2006-5836, CVE-2006-6129, CVE-2006-6173), MySQL Server (CVE-2006-1516, CVE-2006-1517, CVE-2006-2753, CVE-2006-3081, CVE-2006-4031, CVE-2006-4226, CVE-2006-3469), Networking (CVE-2006-6130, CVE-2007-0236), OpenSSH (CVE-2007-0726, CVE-2006-0225, CVE-2006-4924, CVE-2006-5051, CVE-2006-5052), Printing (CVE-2007-0728), QuickDraw Manager (CVE-2007-0588), servermgrd (CVE-2007-0730), SMB File Server (CVE-2007-0731), Software Update (CVE-2007-0463), sudo (CVE-2005-2959), WebLog (CVE-2006-4829).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	macOS	MacOS X 10.3.9 et MacOS X Server 10.3.9 ;
	Apple	macOS	MacOS X 10.4 et MacOS X Server 10.4.

References

Title

Publication Time

Tags

Mise à jour de sécurité 2007-003 de MacOS X	None	vendor-advisory
Bulletin de sécurité Apple du 12 mars 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "MacOS X 10.3.9 et MacOS X Server 10.3.9 ;",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "MacOS X 10.4 et MacOS X Server 10.4.",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nPlusieurs composants de MacOS X sont sujets \u00e0 des vuln\u00e9rabilit\u00e9s, les\nplus graves permettant \u00e0 un attaquant distant d\u0027ex\u00e9cuter du code\narbitraire.  \n\nLes composants impact\u00e9s sont : ColorSync (CVE-2007-0719), CoreGraphics,\nCrash Reporter (CVE-2007-0467), CUPS (CVE-2007-0720), Disk Images\n(CVE-2007-0721, CVE-2007-0722, CVE-2006-6061, CVE-2006-6062,\nCVE-2006-5679, CVE-2007-0229, CVE-2007-0267, CVE-2007-0299), DS Plug-Ins\n(CVE-2007-0723), Flash Player (CVE-2006-5330), GNU Tar (CVE-2006-0300,\nCVE-2006-6097), HFS (CVE-2007-0318), HID Family (CVE-2007-0724), ImageIO\n(CVE-2007-1071, CVE-2007-0733), Kernel (CVE-2006-5836, CVE-2006-6129,\nCVE-2006-6173), MySQL Server (CVE-2006-1516, CVE-2006-1517,\nCVE-2006-2753, CVE-2006-3081, CVE-2006-4031, CVE-2006-4226,\nCVE-2006-3469), Networking (CVE-2006-6130, CVE-2007-0236), OpenSSH\n(CVE-2007-0726, CVE-2006-0225, CVE-2006-4924, CVE-2006-5051,\nCVE-2006-5052), Printing (CVE-2007-0728), QuickDraw Manager\n(CVE-2007-0588), servermgrd (CVE-2007-0730), SMB File Server\n(CVE-2007-0731), Software Update (CVE-2007-0463), sudo (CVE-2005-2959),\nWebLog (CVE-2006-4829).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-3469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3469"
    },
    {
      "name": "CVE-2006-6061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-6061"
    },
    {
      "name": "CVE-2006-2753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-2753"
    },
    {
      "name": "CVE-2007-0722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0722"
    },
    {
      "name": "CVE-2007-0229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0229"
    },
    {
      "name": "CVE-2006-6173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-6173"
    },
    {
      "name": "CVE-2007-0733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0733"
    },
    {
      "name": "CVE-2006-5836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-5836"
    },
    {
      "name": "CVE-2007-0720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0720"
    },
    {
      "name": "CVE-2006-5052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-5052"
    },
    {
      "name": "CVE-2006-3081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3081"
    },
    {
      "name": "CVE-2007-0318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0318"
    },
    {
      "name": "CVE-2007-0236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0236"
    },
    {
      "name": "CVE-2006-4829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4829"
    },
    {
      "name": "CVE-2006-1517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1517"
    },
    {
      "name": "CVE-2006-4924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4924"
    },
    {
      "name": "CVE-2005-2959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2959"
    },
    {
      "name": "CVE-2007-0728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0728"
    },
    {
      "name": "CVE-2006-6129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-6129"
    },
    {
      "name": "CVE-2007-0267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0267"
    },
    {
      "name": "CVE-2007-0731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0731"
    },
    {
      "name": "CVE-2007-0726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0726"
    },
    {
      "name": "CVE-2006-4226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4226"
    },
    {
      "name": "CVE-2007-0299",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0299"
    },
    {
      "name": "CVE-2007-0724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0724"
    },
    {
      "name": "CVE-2007-1071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1071"
    },
    {
      "name": "CVE-2006-4031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4031"
    },
    {
      "name": "CVE-2007-0588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0588"
    },
    {
      "name": "CVE-2006-1516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1516"
    },
    {
      "name": "CVE-2006-5679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-5679"
    },
    {
      "name": "CVE-2007-0721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0721"
    },
    {
      "name": "CVE-2006-6130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-6130"
    },
    {
      "name": "CVE-2006-5330",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-5330"
    },
    {
      "name": "CVE-2007-0730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0730"
    },
    {
      "name": "CVE-2006-0300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0300"
    },
    {
      "name": "CVE-2007-0719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0719"
    },
    {
      "name": "CVE-2006-6062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-6062"
    },
    {
      "name": "CVE-2006-0225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0225"
    },
    {
      "name": "CVE-2006-5051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-5051"
    },
    {
      "name": "CVE-2007-0467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0467"
    },
    {
      "name": "CVE-2007-0463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0463"
    },
    {
      "name": "CVE-2006-6097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-6097"
    },
    {
      "name": "CVE-2007-0723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0723"
    }
  ],
  "initial_release_date": "2007-03-14T00:00:00",
  "last_revision_date": "2007-03-14T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Apple du 12 mars 2007 :",
      "url": "http://docs.info.apple.com/article.html?artnum=305214"
    }
  ],
  "reference": "CERTA-2007-AVI-124",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-03-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s affectent MacOS X. Les plus graves permettent \u00e0\nune personne malintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans MacOS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Mise \u00e0 jour de s\u00e9curit\u00e9 2007-003 de MacOS X",
      "url": null
    }
  ]
}

CERTA-2006-AVI-182

Vulnerability from certfr_avis - Published: 2006-05-04 - Updated: 2006-06-28

Plusieurs vulnérabilités sont présentes dans MySQL. Ces vulnérabilités peuvent être exploitées par un utilisateur mal intentionné pour porter atteinte à l'intégrité des données ou exécuter du code arbitraire à distance.

Description

Deux vulnérabilités sont présentes dans le code traitant les paquets malformés COM_TABLE_DUMP peuvent être utilisée par un utilisateur déjà authentifié pour porter atteinte à l'intégrité des données ou pour exécuter du code arbitraire.

Une vulnérabilité dans le traitement des identifications invalides peut être exploitée par un utilisateur mal intentionné pour porter atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Oracle	MySQL	MySQL 4.x ;
	Oracle	MySQL	MySQL 5.x.

References

Title

Publication Time

Tags

Bulletins de sécurité MySQL	None	vendor-advisory
Bulletin de sécurité SUSE SUSE-SA:2006:036 du 23 juin 2006 :	-	other
Bulletin de sécurité Debian DSA-1079 du 29 mai 2006 :	-	other
Bulletin de sécurité Gentoo GLSA 200605-13 du 15 mai 2006 :	-	other
Bulletin de sécurité MySQL 4-1-19 :	-	other
Bulletin de sécurité MySQL 5-0-21 :	-	other
Bulletin de sécurité MySQL 5-1-10 :	-	other
Bulletin de sécurité SUSE SUSE-SR:2006:012 du 02 juin 2006 :	-	other
Bulletin de sécurité Debian DSA-1071 du 22 mai 2006 :	-	other
Bulletin de sécurité Mandriva MDKSA-2006:084 du 16 mai 2006 :	-	other
Bulletin de sécurité Debian DSA-1073 du 22 mai 2006 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "MySQL 4.x ;",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "MySQL 5.x.",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans le code traitant les paquets\nmalform\u00e9s COM_TABLE_DUMP peuvent \u00eatre utilis\u00e9e par un utilisateur d\u00e9j\u00e0\nauthentifi\u00e9 pour porter atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es ou pour\nex\u00e9cuter du code arbitraire.  \n  \nUne vuln\u00e9rabilit\u00e9 dans le traitement des identifications invalides peut\n\u00eatre exploit\u00e9e par un utilisateur mal intentionn\u00e9 pour porter atteinte \u00e0\nla confidentialit\u00e9 des donn\u00e9es.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-1517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1517"
    },
    {
      "name": "CVE-2006-1518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1518"
    },
    {
      "name": "CVE-2006-1516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1516"
    }
  ],
  "initial_release_date": "2006-05-04T00:00:00",
  "last_revision_date": "2006-06-28T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SA:2006:036 du 23 juin 2006    :",
      "url": "http://www.novell.com/linux/security/advisories/2006_36_mysql.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-1079 du 29 mai 2006 :",
      "url": "http://www.debian.org/security/2006/dsa-1079"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA 200605-13 du 15 mai 2006 :",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 MySQL 4-1-19 :",
      "url": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-19.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 MySQL 5-0-21 :",
      "url": "http://dev.mysql.com/doc/connector/j/en/news-5-0-21.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 MySQL 5-1-10 :",
      "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-10.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SR:2006:012 du 02 juin 2006    :",
      "url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-1071 du 22 mai 2006 :",
      "url": "http://www.debian.org/security/2006/dsa-1071"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2006:084 du 16 mai 2006    :",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:084"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-1073 du 22 mai 2006 :",
      "url": "http://www.debian.org/security/2006/dsa-1073"
    }
  ],
  "reference": "CERTA-2006-AVI-182",
  "revisions": [
    {
      "description": "version initiale ;",
      "revision_date": "2006-05-04T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences CVE et de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Mandriva ;",
      "revision_date": "2006-05-16T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 Debian.",
      "revision_date": "2006-05-24T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 Gentoo, Debian et SUSE.",
      "revision_date": "2006-06-08T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 SUSE.",
      "revision_date": "2006-06-28T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans MySQL. Ces vuln\u00e9rabilit\u00e9s\npeuvent \u00eatre exploit\u00e9es par un utilisateur mal intentionn\u00e9 pour porter\natteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es ou ex\u00e9cuter du code arbitraire \u00e0\ndistance.\n",
  "title": "Mutliples vuln\u00e9rabilit\u00e9s sur MySQL",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletins de s\u00e9curit\u00e9 MySQL",
      "url": null
    }
  ]
}

GSD-2006-1516

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2006-1516

Aliases

CVE-2006-1516

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-1516",
    "description": "The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.",
    "id": "GSD-2006-1516",
    "references": [
      "https://www.suse.com/security/cve/CVE-2006-1516.html",
      "https://www.debian.org/security/2006/dsa-1079",
      "https://www.debian.org/security/2006/dsa-1073",
      "https://www.debian.org/security/2006/dsa-1071",
      "https://access.redhat.com/errata/RHSA-2006:0544"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-1516"
      ],
      "details": "The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.",
      "id": "GSD-2006-1516",
      "modified": "2023-12-13T01:19:55.719454Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@debian.org",
        "ID": "CVE-2006-1516",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "2006-0028",
            "refsource": "TRUSTIX",
            "url": "http://www.trustix.org/errata/2006/0028"
          },
          {
            "name": "19929",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/19929"
          },
          {
            "name": "20073",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/20073"
          },
          {
            "name": "http://bugs.debian.org/365938",
            "refsource": "CONFIRM",
            "url": "http://bugs.debian.org/365938"
          },
          {
            "name": "TA07-072A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
          },
          {
            "name": "DSA-1079",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2006/dsa-1079"
          },
          {
            "name": "ADV-2006-1633",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/1633"
          },
          {
            "name": "20060516 UPDATE: [ GLSA 200605-13 ] MySQL: Information leakage",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/434164/100/0/threaded"
          },
          {
            "name": "20424",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/20424"
          },
          {
            "name": "GLSA-200605-13",
            "refsource": "GENTOO",
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml"
          },
          {
            "name": "APPLE-SA-2007-03-13",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
          },
          {
            "name": "840",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/840"
          },
          {
            "name": "http://docs.info.apple.com/article.html?artnum=305214",
            "refsource": "CONFIRM",
            "url": "http://docs.info.apple.com/article.html?artnum=305214"
          },
          {
            "name": "SUSE-SA:2006:036",
            "refsource": "SUSE",
            "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html"
          },
          {
            "name": "SUSE-SR:2006:012",
            "refsource": "SUSE",
            "url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
          },
          {
            "name": "17780",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/17780"
          },
          {
            "name": "MDKSA-2006:084",
            "refsource": "MANDRIVA",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:084"
          },
          {
            "name": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html",
            "refsource": "CONFIRM",
            "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html"
          },
          {
            "name": "20241",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/20241"
          },
          {
            "name": "20762",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/20762"
          },
          {
            "name": "mysql-login-packet-info-disclosure(26236)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26236"
          },
          {
            "name": "236703",
            "refsource": "SUNALERT",
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1"
          },
          {
            "name": "SSA:2006-155-01",
            "refsource": "SLACKWARE",
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.599377"
          },
          {
            "name": "20333",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/20333"
          },
          {
            "name": "1016017",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1016017"
          },
          {
            "name": "20002",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/20002"
          },
          {
            "name": "20223",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/20223"
          },
          {
            "name": "20076",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/20076"
          },
          {
            "name": "http://www.wisec.it/vulns.php?page=7",
            "refsource": "MISC",
            "url": "http://www.wisec.it/vulns.php?page=7"
          },
          {
            "name": "DSA-1071",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2006/dsa-1071"
          },
          {
            "name": "ADV-2008-1326",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/1326/references"
          },
          {
            "name": "ADV-2007-0930",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/0930"
          },
          {
            "name": "20060502 MySQL Anonymous Login Handshake - Information Leakage.",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/432733/100/0/threaded"
          },
          {
            "name": "20253",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/20253"
          },
          {
            "name": "USN-283-1",
            "refsource": "UBUNTU",
            "url": "https://usn.ubuntu.com/283-1/"
          },
          {
            "name": "20457",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/20457"
          },
          {
            "name": "DSA-1073",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2006/dsa-1073"
          },
          {
            "name": "29847",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29847"
          },
          {
            "name": "20625",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/20625"
          },
          {
            "name": "RHSA-2006:0544",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0544.html"
          },
          {
            "name": "oval:org.mitre.oval:def:9918",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9918"
          },
          {
            "name": "24479",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/24479"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.24:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.25:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.7:gamma:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.2:alpha:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.3:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.23:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.0:alpha:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.11:gamma:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.26:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.8:gamma:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.3:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.5a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.0.9:gamma:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:4.1.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:4.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.0:alpha:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mysql:mysql:5.0.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:5.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2006-1516"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.wisec.it/vulns.php?page=7",
              "refsource": "MISC",
              "tags": [
                "Patch"
              ],
              "url": "http://www.wisec.it/vulns.php?page=7"
            },
            {
              "name": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html"
            },
            {
              "name": "http://bugs.debian.org/365938",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://bugs.debian.org/365938"
            },
            {
              "name": "1016017",
              "refsource": "SECTRACK",
              "tags": [
                "Patch"
              ],
              "url": "http://securitytracker.com/id?1016017"
            },
            {
              "name": "19929",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/19929"
            },
            {
              "name": "17780",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/17780"
            },
            {
              "name": "20002",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/20002"
            },
            {
              "name": "GLSA-200605-13",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml"
            },
            {
              "name": "MDKSA-2006:084",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:084"
            },
            {
              "name": "20073",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/20073"
            },
            {
              "name": "20076",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/20076"
            },
            {
              "name": "DSA-1071",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2006/dsa-1071"
            },
            {
              "name": "2006-0028",
              "refsource": "TRUSTIX",
              "tags": [],
              "url": "http://www.trustix.org/errata/2006/0028"
            },
            {
              "name": "20223",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/20223"
            },
            {
              "name": "DSA-1073",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2006/dsa-1073"
            },
            {
              "name": "20241",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/20241"
            },
            {
              "name": "20253",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/20253"
            },
            {
              "name": "DSA-1079",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2006/dsa-1079"
            },
            {
              "name": "20333",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/20333"
            },
            {
              "name": "SSA:2006-155-01",
              "refsource": "SLACKWARE",
              "tags": [],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.599377"
            },
            {
              "name": "SUSE-SR:2006:012",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
            },
            {
              "name": "20424",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/20424"
            },
            {
              "name": "20457",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/20457"
            },
            {
              "name": "RHSA-2006:0544",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0544.html"
            },
            {
              "name": "20625",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/20625"
            },
            {
              "name": "SUSE-SA:2006:036",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html"
            },
            {
              "name": "20762",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/20762"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=305214",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://docs.info.apple.com/article.html?artnum=305214"
            },
            {
              "name": "24479",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/24479"
            },
            {
              "name": "APPLE-SA-2007-03-13",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
            },
            {
              "name": "TA07-072A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
            },
            {
              "name": "840",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/840"
            },
            {
              "name": "236703",
              "refsource": "SUNALERT",
              "tags": [],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1"
            },
            {
              "name": "29847",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/29847"
            },
            {
              "name": "ADV-2007-0930",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/0930"
            },
            {
              "name": "ADV-2006-1633",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/1633"
            },
            {
              "name": "ADV-2008-1326",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/1326/references"
            },
            {
              "name": "mysql-login-packet-info-disclosure(26236)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26236"
            },
            {
              "name": "oval:org.mitre.oval:def:9918",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9918"
            },
            {
              "name": "USN-283-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "https://usn.ubuntu.com/283-1/"
            },
            {
              "name": "20060516 UPDATE: [ GLSA 200605-13 ] MySQL: Information leakage",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/434164/100/0/threaded"
            },
            {
              "name": "20060502 MySQL Anonymous Login Handshake - Information Leakage.",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/432733/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2019-12-17T20:16Z",
      "publishedDate": "2006-05-05T12:46Z"
    }
  }
}

FKIE_CVE-2006-1516

Vulnerability from fkie_nvd - Published: 2006-05-05 12:46 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
security@debian.org	http://bugs.debian.org/365938
security@debian.org	http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html	Patch
security@debian.org	http://docs.info.apple.com/article.html?artnum=305214
security@debian.org	http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
security@debian.org	http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html
security@debian.org	http://secunia.com/advisories/19929	Patch, Vendor Advisory
security@debian.org	http://secunia.com/advisories/20002
security@debian.org	http://secunia.com/advisories/20073
security@debian.org	http://secunia.com/advisories/20076
security@debian.org	http://secunia.com/advisories/20223
security@debian.org	http://secunia.com/advisories/20241
security@debian.org	http://secunia.com/advisories/20253
security@debian.org	http://secunia.com/advisories/20333
security@debian.org	http://secunia.com/advisories/20424
security@debian.org	http://secunia.com/advisories/20457
security@debian.org	http://secunia.com/advisories/20625
security@debian.org	http://secunia.com/advisories/20762
security@debian.org	http://secunia.com/advisories/24479
security@debian.org	http://secunia.com/advisories/29847
security@debian.org	http://securityreason.com/securityalert/840
security@debian.org	http://securitytracker.com/id?1016017	Patch
security@debian.org	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.599377
security@debian.org	http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1
security@debian.org	http://www.debian.org/security/2006/dsa-1071
security@debian.org	http://www.debian.org/security/2006/dsa-1073
security@debian.org	http://www.debian.org/security/2006/dsa-1079
security@debian.org	http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml
security@debian.org	http://www.mandriva.com/security/advisories?name=MDKSA-2006:084
security@debian.org	http://www.novell.com/linux/security/advisories/2006-06-02.html
security@debian.org	http://www.redhat.com/support/errata/RHSA-2006-0544.html
security@debian.org	http://www.securityfocus.com/archive/1/432733/100/0/threaded
security@debian.org	http://www.securityfocus.com/archive/1/434164/100/0/threaded
security@debian.org	http://www.securityfocus.com/bid/17780
security@debian.org	http://www.trustix.org/errata/2006/0028
security@debian.org	http://www.us-cert.gov/cas/techalerts/TA07-072A.html	US Government Resource
security@debian.org	http://www.vupen.com/english/advisories/2006/1633
security@debian.org	http://www.vupen.com/english/advisories/2007/0930
security@debian.org	http://www.vupen.com/english/advisories/2008/1326/references
security@debian.org	http://www.wisec.it/vulns.php?page=7	Patch
security@debian.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/26236
security@debian.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9918
security@debian.org	https://usn.ubuntu.com/283-1/
af854a3a-2127-422b-91ae-364da2661108	http://bugs.debian.org/365938
af854a3a-2127-422b-91ae-364da2661108	http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://docs.info.apple.com/article.html?artnum=305214
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19929	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20002
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20073
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20076
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20223
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20241
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20253
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20333
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20424
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20457
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20625
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20762
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24479
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29847
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/840
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016017	Patch
af854a3a-2127-422b-91ae-364da2661108	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.599377
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1071
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1073
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1079
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:084
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2006-06-02.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2006-0544.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/432733/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/434164/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/17780
af854a3a-2127-422b-91ae-364da2661108	http://www.trustix.org/errata/2006/0028
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA07-072A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/1633
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/0930
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1326/references
af854a3a-2127-422b-91ae-364da2661108	http://www.wisec.it/vulns.php?page=7	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/26236
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9918
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/283-1/

Impacted products

Vendor	Product	Version
mysql	mysql	4.1.0
mysql	mysql	4.1.3
mysql	mysql	4.1.8
mysql	mysql	4.1.10
mysql	mysql	4.1.12
mysql	mysql	4.1.13
mysql	mysql	4.1.14
mysql	mysql	4.1.15
mysql	mysql	5.0.1
mysql	mysql	5.0.2
mysql	mysql	5.0.3
mysql	mysql	5.0.4
mysql	mysql	5.0.5
mysql	mysql	5.0.10
mysql	mysql	5.0.15
mysql	mysql	5.0.16
mysql	mysql	5.0.17
oracle	mysql	4.0.0
oracle	mysql	4.0.1
oracle	mysql	4.0.2
oracle	mysql	4.0.3
oracle	mysql	4.0.4
oracle	mysql	4.0.5
oracle	mysql	4.0.5a
oracle	mysql	4.0.6
oracle	mysql	4.0.7
oracle	mysql	4.0.7
oracle	mysql	4.0.8
oracle	mysql	4.0.8
oracle	mysql	4.0.9
oracle	mysql	4.0.9
oracle	mysql	4.0.10
oracle	mysql	4.0.11
oracle	mysql	4.0.11
oracle	mysql	4.0.12
oracle	mysql	4.0.13
oracle	mysql	4.0.14
oracle	mysql	4.0.15
oracle	mysql	4.0.16
oracle	mysql	4.0.17
oracle	mysql	4.0.18
oracle	mysql	4.0.19
oracle	mysql	4.0.20
oracle	mysql	4.0.21
oracle	mysql	4.0.23
oracle	mysql	4.0.24
oracle	mysql	4.0.25
oracle	mysql	4.0.26
oracle	mysql	4.1.0
oracle	mysql	4.1.2
oracle	mysql	4.1.3
oracle	mysql	4.1.4
oracle	mysql	4.1.5
oracle	mysql	4.1.6
oracle	mysql	4.1.7
oracle	mysql	4.1.9
oracle	mysql	4.1.11
oracle	mysql	4.1.16
oracle	mysql	4.1.17
oracle	mysql	4.1.18
oracle	mysql	5.0.0
oracle	mysql	5.0.3
oracle	mysql	5.0.6
oracle	mysql	5.0.7
oracle	mysql	5.0.8
oracle	mysql	5.0.9
oracle	mysql	5.0.11
oracle	mysql	5.0.12
oracle	mysql	5.0.13
oracle	mysql	5.0.14
oracle	mysql	5.0.18

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mysql:mysql:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFEDB808-A8D8-403E-9103-AB486C793EF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:4.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1CEA0B-1234-4166-BD32-CCBB4016A9BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:4.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADBEDF5A-5205-4012-B9B8-0FA304E7119A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:4.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EF35900-4051-4E07-9BFA-347BEAB8AB67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:4.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AC969A5-52CC-44F2-A929-DE559A5D7624",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:4.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A4D224C-8ABF-41A0-A7BE-C10C2387DE95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:4.1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DD36E9E-89A0-42C2-AC50-7A5BC53B3D0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:4.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "C93CE88F-2941-4A08-9472-359CF214F81C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77A2761-2B44-4061-9C29-A54F90A1AD83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B3AD851-056F-4E57-B85B-4AC5A5A20C0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD24EA8C-4FCA-4F40-B2EA-7DFA49432483",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "754B78F2-A03C-40BE-812B-F5E57B93D20B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "575039BD-A8B6-4459-B5F0-F220A94650EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "542B23CB-7535-4EF7-B926-466A5161A0D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "45E686C3-4100-465C-9F45-068580B496E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E9F09D8-6FAE-4A5B-AE04-248CD52C5FF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mysql:mysql:5.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB618DB2-6B00-4E99-8232-937D2C51986B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "41BEAD26-ADDC-4FC6-A493-584315183936",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "153E8DFB-4197-4117-87C6-C0FBE3C05600",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "765BF98E-7AB1-45EA-9935-2C311E621211",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCDCB80C-60B8-468E-A689-2C9DFF1F51C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "22408224-0634-4CC6-888F-892E9D932CE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B2646B4-593E-4AC9-8292-1AD805632DC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD959AEC-EE71-4E86-9AD0-ED6FF45AC848",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E30EC061-A04C-4402-91A0-B7E8DA9DBA5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB5E12B3-F6CA-48CE-96C9-9B63EDB91C57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.7:gamma:*:*:*:*:*:*",
              "matchCriteriaId": "4D57E557-7F6D-4618-86AC-B10C08341900",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ECE1A40-0603-421E-BCCF-111EC3C2BCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.8:gamma:*:*:*:*:*:*",
              "matchCriteriaId": "B657610A-8EDB-407B-A81F-C3CDF2EF6ED3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EC10CD2-B9A3-46DD-839E-C7FB6647155F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.9:gamma:*:*:*:*:*:*",
              "matchCriteriaId": "E4D5D4B9-B831-4DDD-8FDD-3D14F167822A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EC21395-4C78-4343-9452-578B24C2656D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "21BC82AF-5E80-4AE4-A765-9D3725D9E5F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.11:gamma:*:*:*:*:*:*",
              "matchCriteriaId": "8CF2E25B-8689-4396-9C2B-99EEF4AB02BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "5032D74E-CC8D-4217-AEF0-98DCD1820AE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A46FEF7C-18DD-4C64-AFA3-0626A8CE2B3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3340604-0D38-4494-847B-E9E8B0026A28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC117BF1-3127-477A-9500-C9A32596ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC54D7B3-DC9B-43AC-BE10-565BDF292A88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6A7AC36-4E5D-483B-939E-257FDEDE48EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "FED5BA55-FF4F-4F89-89B1-554624DDA1AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C2CEF98-8561-42D2-BCE5-3AAE4DC81ACA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "E00312DA-AB34-4E5B-AB7C-71AA3AD0AC8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A0C43BB-81C6-496F-AC7B-61382DE76B71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C9FF055-99BC-4E15-80C8-80FEF3CBA990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6ED2E0A-37C6-4BD2-87B0-FD3E6D0C2108",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6132F5E-ADE6-44C2-85BD-17408594789F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.0.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B6779AC-EF41-46B5-8B26-07FA2537E5B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.0:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "1D3D4850-19F0-4FAF-B0DE-09ECBE6DCF92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.2:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "BB7196E5-8483-4872-A78A-8BE7EC551CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.3:beta:*:*:*:*:*:*",
              "matchCriteriaId": "14DDA057-D211-42BD-B8AF-F250F1C5B88C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "32CA2F70-77E4-4280-B845-4CE5774162C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA788329-9A66-49EA-B7E4-E465C0E7E320",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C06765-D153-4D4D-B8CD-DB2E386E082B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4297E6B7-6C5A-4D52-A66B-F9D1AE17E988",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "141D83A9-89C2-456F-B70D-F274EBE3EAC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "0670E6AA-28B1-4B0C-84F9-F3F9F3E6ABDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6769975-47A4-4D0A-9181-F59776D13D38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "11E942FA-A458-4607-B48D-FCA112AFF1CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:4.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E241159-FAA4-4DCF-AB68-BE36DF95D59A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.0:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "19001041-22C4-4D2C-A918-378DACBB1DF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.3:beta:*:*:*:*:*:*",
              "matchCriteriaId": "6F610D56-6BB6-48FB-B43A-670CE9168500",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1668BB5B-E7FB-4430-B8D5-89E308F5DD39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3F44DA1-1509-4AC7-AB6B-2B2A834A16AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A2D6DF6-FE5D-428F-BCEB-E7832C2B4FE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "7777E919-FD4B-452B-88D7-165410C703F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "A56ACB60-EC2C-45AF-B923-B3A90A2F7AE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "67C52D66-3BCA-4854-BF09-CB6DF1AC0E48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF54CC8D-B736-461D-B693-686E862EF969",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E5EADE4-9E1B-4A1C-B3B5-ACF1287A19E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:5.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "053ACE9B-A146-42C0-ADB2-47F6119965D8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read."
    }
  ],
  "id": "CVE-2006-1516",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-05-05T12:46:00.000",
  "references": [
    {
      "source": "security@debian.org",
      "url": "http://bugs.debian.org/365938"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Patch"
      ],
      "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html"
    },
    {
      "source": "security@debian.org",
      "url": "http://docs.info.apple.com/article.html?artnum=305214"
    },
    {
      "source": "security@debian.org",
      "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
    },
    {
      "source": "security@debian.org",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19929"
    },
    {
      "source": "security@debian.org",
      "url": "http://secunia.com/advisories/20002"
    },
    {
      "source": "security@debian.org",
      "url": "http://secunia.com/advisories/20073"
    },
    {
      "source": "security@debian.org",
      "url": "http://secunia.com/advisories/20076"
    },
    {
      "source": "security@debian.org",
      "url": "http://secunia.com/advisories/20223"
    },
    {
      "source": "security@debian.org",
      "url": "http://secunia.com/advisories/20241"
    },
    {
      "source": "security@debian.org",
      "url": "http://secunia.com/advisories/20253"
    },
    {
      "source": "security@debian.org",
      "url": "http://secunia.com/advisories/20333"
    },
    {
      "source": "security@debian.org",
      "url": "http://secunia.com/advisories/20424"
    },
    {
      "source": "security@debian.org",
      "url": "http://secunia.com/advisories/20457"
    },
    {
      "source": "security@debian.org",
      "url": "http://secunia.com/advisories/20625"
    },
    {
      "source": "security@debian.org",
      "url": "http://secunia.com/advisories/20762"
    },
    {
      "source": "security@debian.org",
      "url": "http://secunia.com/advisories/24479"
    },
    {
      "source": "security@debian.org",
      "url": "http://secunia.com/advisories/29847"
    },
    {
      "source": "security@debian.org",
      "url": "http://securityreason.com/securityalert/840"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1016017"
    },
    {
      "source": "security@debian.org",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.599377"
    },
    {
      "source": "security@debian.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.debian.org/security/2006/dsa-1071"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.debian.org/security/2006/dsa-1073"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.debian.org/security/2006/dsa-1079"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:084"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0544.html"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.securityfocus.com/archive/1/432733/100/0/threaded"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.securityfocus.com/archive/1/434164/100/0/threaded"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.securityfocus.com/bid/17780"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.trustix.org/errata/2006/0028"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.vupen.com/english/advisories/2006/1633"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.vupen.com/english/advisories/2007/0930"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.vupen.com/english/advisories/2008/1326/references"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.wisec.it/vulns.php?page=7"
    },
    {
      "source": "security@debian.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26236"
    },
    {
      "source": "security@debian.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9918"
    },
    {
      "source": "security@debian.org",
      "url": "https://usn.ubuntu.com/283-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.debian.org/365938"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://docs.info.apple.com/article.html?artnum=305214"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19929"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20002"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20073"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20241"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20253"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20333"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20424"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20457"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20625"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20762"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24479"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29847"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/840"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1016017"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.599377"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1071"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1073"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1079"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:084"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0544.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/432733/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/434164/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/17780"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2006/0028"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/1633"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/0930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1326/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.wisec.it/vulns.php?page=7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26236"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9918"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/283-1/"
    }
  ],
  "sourceIdentifier": "security@debian.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-8Q78-357R-R6M7

Vulnerability from github – Published: 2022-05-01 06:50 – Updated: 2025-04-03 04:31

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-1516"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-05-05T12:46:00Z",
    "severity": "MODERATE"
  },
  "details": "The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.",
  "id": "GHSA-8q78-357r-r6m7",
  "modified": "2025-04-03T04:31:48Z",
  "published": "2022-05-01T06:50:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1516"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26236"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9918"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/283-1"
    },
    {
      "type": "WEB",
      "url": "http://bugs.debian.org/365938"
    },
    {
      "type": "WEB",
      "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html"
    },
    {
      "type": "WEB",
      "url": "http://docs.info.apple.com/article.html?artnum=305214"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19929"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20002"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20073"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20076"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20223"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20241"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20253"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20333"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20424"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20457"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20625"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20762"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24479"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29847"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/840"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1016017"
    },
    {
      "type": "WEB",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.599377"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2006/dsa-1071"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2006/dsa-1073"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2006/dsa-1079"
    },
    {
      "type": "WEB",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:084"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0544.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/432733/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/434164/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/17780"
    },
    {
      "type": "WEB",
      "url": "http://www.trustix.org/errata/2006/0028"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/1633"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/0930"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/1326/references"
    },
    {
      "type": "WEB",
      "url": "http://www.wisec.it/vulns.php?page=7"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2006-1516 (GCVE-0-2006-1516)

CERTA-2007-AVI-124

Description

Solution

CERTA-2006-AVI-182

Description

Solution

GSD-2006-1516

FKIE_CVE-2006-1516

GHSA-8Q78-357R-R6M7

Tags

Sightings

Nomenclature