CVE-2005-0684

Mysql Maxdb - Buffer Overflow

Title source: rule

Description

Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functionality, which is not properly handled by the getLockTokenHeader function in WDVHandler_CommonUtils.c.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16791

View Code ZIP pw:eip

metasploit WORKING POC GOOD

by hdm · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/maxdb_webdbm_get_overflow.rb

View Code ZIP pw:eip

References (4)

[Patch, Vendor Advisory] http://dev.mysql.com/doc/maxdb/changes/changes_7.5.00.26.html#WebDAV

[Patch, Vendor Advisory] http://www.idefense.com/application/poi/display?id=234&type=vulnerabilities

[Patch, Vendor Advisory] http://www.idefense.com/application/poi/display?id=235&type=vulnerabilities

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/13368

Scores

EPSS 0.7181

EPSS Percentile 98.7%

Details

Status published

Products (10)

mysql/maxdb 7.5.00

mysql/maxdb 7.5.00.08

mysql/maxdb 7.5.00.11

mysql/maxdb 7.5.00.12

mysql/maxdb 7.5.00.14

mysql/maxdb 7.5.00.15

mysql/maxdb 7.5.00.16

mysql/maxdb 7.5.00.18

mysql/maxdb 7.5.00.19

mysql/maxdb 7.5.00.23

Published Apr 25, 2005

Tracked Since Feb 18, 2026