CVE-2006-0903

MySQL <= 5.0.18 - Query Logging Bypass

Description

MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states that since mysql_query expects a null character, this is not an issue for mysql_query.

Exploits (1)

exploitdb WORKING POC VERIFIED
by 1dt.w0lf · text · remote · linux
https://www.exploit-db.com/exploits/27326

References (25)

Core References
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2006:064
Various Sources x_refsource_confirm
http://bugs.mysql.com/bug.php?id=17667
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9915
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2006/dsa-1079
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19034
Third Party Advisory mailing-list x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0653.html
Various Sources x_refsource_misc
http://rst.void.ru/papers/advisory39.txt
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-274-2
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/16850
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/20241
Vendor Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/274-1/
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1015693
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/20333
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19502
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/30351
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2006/dsa-1071
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0083.html
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/0752
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/20253
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19814
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2006/dsa-1073
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2008-0364.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/20625
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/24966
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2006-0544.html

Scores

EPSS 0.0024
EPSS Percentile 47.5%

Details

Status published
Products (50)
mysql/mysql 4.1.0
mysql/mysql 4.1.3
mysql/mysql 4.1.8
mysql/mysql 4.1.10
mysql/mysql 4.1.12
mysql/mysql 4.1.13
mysql/mysql 4.1.14
mysql/mysql 4.1.15
mysql/mysql 5.0.1
mysql/mysql 5.0.2
... and 40 more
Published Feb 27, 2006
Tracked Since Feb 18, 2026