mysql_buff_overflow.nasl

漏洞扫描源码,可以扫描linux,windows,交换机路由器

#  This script was written by David Maciejak <david dot maciejak at kyxar dot fr>
#  based on work from
#  (C) Tenable Netwok Security
#
#  Ref: Lukasz Wojtow
#
# This script is released under the GNU GPLv2

if(description)
{
 script_id(14319);
 script_cve_id("CVE-2004-0836");
 script_bugtraq_id(10981);
 script_version ("$Revision: 38 $");

 
 name["english"] = "MySQL buffer overflow";
 script_name(english:name["english"], francais:name["francais"]);
 
 desc["english"] = "
You are running a version of MySQL which is older than 4.0.21.

MySQL is a database which runs on both Linux/BSD and Windows platform.
This version is vulnerable to a length overflow within it's 
mysql_real_connect() function.  The overflow is due to an error in the
processing of a return Domain (DNS) record.  An attacker, exploiting
this flaw, would need to control a DNS server which would be queried
by the MySQL server.  A successful attack would give the attacker
the ability to execute arbitrary code on the remote machine.

Risk factor : Medium
Solution : Upgrade to the latest version of MySQL 4.0.21 or newer";

	


 script_description(english:desc["english"]);
 
 summary["english"] = "Checks for the remote MySQL version";
 summary["francais"] = "V閞ifie la version de MySQL";
 script_summary(english:summary["english"], francais:summary["francais"]);
 
 script_category(ACT_GATHER_INFO);
 
 
 script_copyright(english:"This script is Copyright (C) 2004 David Maciejak",
		francais:"Ce script est Copyright (C) 2003 David Maciejak");
 family["english"] = "Gain a shell remotely";
 family["francais"] = "Obtenir un shell