Vulnerabilities > CVE-2004-2149 - Unspecified vulnerability in Oracle Mysql 4.1.3/4.1.4
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN oracle
nessus
Summary
Buffer overflow in the prepared statements API in libmysqlclient for MySQL 4.1.3 beta and 4.1.4 allows remote attackers to cause a denial of service via a large number of placeholders.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Nessus
| NASL family | Databases |
| NASL id | MYSQL_BOUNDED_PARAM_OVERFLOW.NASL |
| description | You are running a version of MySQL 4.1.x, which is older than version 4.1.5. There is a flaw in the remote version of this software that could allow an attacker to crash the affected service, thus denying access to legitimate users. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 14831 |
| published | 2004-09-27 |
| reporter | This script is Copyright (C) 2004-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/14831 |
| title | MySQL libmysqlclient Prepared Statements API Overflow |
References
- http://bugs.mysql.com/bug.php?id=5194
- http://bugs.mysql.com/bug.php?id=5194
- http://dev.mysql.com/doc/mysql/en/news-4-1-5.html
- http://dev.mysql.com/doc/mysql/en/news-4-1-5.html
- http://securitytracker.com/id?1011408
- http://securitytracker.com/id?1011408
- http://www.osvdb.org/10244
- http://www.osvdb.org/10244
- http://www.securityfocus.com/bid/11261
- http://www.securityfocus.com/bid/11261
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17493
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17493