CVE-2003-0780

MySQL <4.0.14 & <3.23.x - RCE

Title source: llm

Description

Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.

Exploits (2)

exploitdb WORKING POC VERIFIED
by bkbll · cremotelinux
https://www.exploit-db.com/exploits/98
exploitdb WORKING POC VERIFIED
by Frank DENIS · textdoslinux
https://www.exploit-db.com/exploits/23138

References (11)

Scores

EPSS 0.7086
EPSS Percentile 98.7%

Details

Status published
Products (49)
conectiva/linux 7.0
conectiva/linux 8.0
conectiva/linux 9.0
mysql/mysql 4.1.0
oracle/mysql 3.23
oracle/mysql 3.23.2
oracle/mysql 3.23.3
oracle/mysql 3.23.4
oracle/mysql 3.23.5
oracle/mysql 3.23.8
... and 39 more
Published Sep 22, 2003
Tracked Since Feb 18, 2026