Remote Code Execution Vulnerability in MySQL Server
CVE-2002-1375

Currently unrated

Key Information:

Vendor
Symantec Veritas
Status
Netbackup Global Data Manager
Netbackup Advanced Reporter
Mysql
Vendor
CVE Published:
23 December 2002

Summary

The COM_CHANGE_USER command in MySQL versions prior to 3.23.54 and from 4.0.0 to 4.0.6 contains a vulnerability that permits remote attackers to take control of affected systems. By sending a specially crafted response, attackers can execute arbitrary code, jeopardizing the integrity and security of the database server. It is crucial for administrators to apply security updates and patches to mitigate this risk effectively.

References

http://marc.info/?l=bugtraq&m=103971644013961&w=2
mailing-listx_refsource_BUGTRAQ
http://marc.info/?l=bugtraq&m=104005886114500&w=2
mailing-listx_refsource_BUGTRAQ
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio...
vendor-advisoryx_refsource_CONECTIVA

EPSS Score

15% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2002-1375 : Remote Code Execution Vulnerability in MySQL Server | SecurityVulnerability.io