CVE-2009-2446

MySQL <5.0.83 - DoS

Description

Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED
by kingcope · cdoslinux
https://www.exploit-db.com/exploits/33077

Scores

EPSS 0.0727
EPSS Percentile 91.7%

Details

CWE CWE-134
Status published
Products (46)
mysql/mysql 4.1.0
mysql/mysql 4.1.2
mysql/mysql 4.1.3
mysql/mysql 4.1.8
mysql/mysql 4.1.10
mysql/mysql 4.1.12
mysql/mysql 4.1.13
mysql/mysql 4.1.14
mysql/mysql 4.1.15
mysql/mysql 4.1.23
... and 36 more
Published Jul 13, 2009
Tracked Since Feb 18, 2026