Vulnerabilities > CVE-2004-2149 - Remote Buffer Overflow vulnerability in MySQL Bounded Parameter Statement Execution
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Buffer overflow in the prepared statements API in libmysqlclient for MySQL 4.1.3 beta and 4.1.4 allows remote attackers to cause a denial of service via a large number of placeholders.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Nessus
| NASL family | Databases |
| NASL id | MYSQL_BOUNDED_PARAM_OVERFLOW.NASL |
| description | You are running a version of MySQL 4.1.x, which is older than version 4.1.5. There is a flaw in the remote version of this software that could allow an attacker to crash the affected service, thus denying access to legitimate users. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 14831 |
| published | 2004-09-27 |
| reporter | This script is Copyright (C) 2004-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/14831 |
| title | MySQL libmysqlclient Prepared Statements API Overflow |