Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

DB:MYSQL:LOGIN-INFO-DISCLOSURE

Severity

Major

Recommended

No

Recommended Action

Drop

Category

DB

Keywords

MySQL Login Handshake Information Disclosure

Release Date

2013/08/07

Update Number

2288

Supported Platforms

idp-4.0.110090709+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

DB: MySQL Login Handshake Information Disclosure


This signature detects attempts to exploit a known vulnerability against MySQL Database Server. A successful attack can lead to information disclosure. Attackers can exploit this issue to obtain sensitive information that may lead to future attacks.

Extended Description

MySQL is prone to multiple remote vulnerabilities: 1. A buffer-overflow vulnerability occurs because the software fails to perform sufficient boundary checks of user-supplied data before copying it to an insufficiently sized memory buffer. This issue allows remote attackers to execute arbitrary machine code in the context of affected database servers. Failed exploit attempts will likely crash the server, denying further service to legitimate users. 2. Two information-disclosure vulnerabilities occur because the software fails to sufficiently sanitize and check boundaries of user-supplied data. These issues allow remote users to gain access to potentially sensitive information that may aid in further attacks.

Affected Products

  • Apple mac_os_x_server 10.4.0
  • Apple mac_os_x_server 10.4.1
  • Apple mac_os_x_server 10.4.2
  • Apple mac_os_x_server 10.4.3
  • Apple mac_os_x_server 10.4.4
  • Apple mac_os_x_server 10.4.5
  • Apple mac_os_x_server 10.4.6
  • Apple mac_os_x_server 10.4.7
  • Apple mac_os_x_server 10.4.8
  • Avaya interactive_response 2.0
  • Avaya interactive_response 3.0
  • Debian linux 3.0.0
  • Debian linux 3.0.0 Alpha
  • Debian linux 3.0.0 Arm
  • Debian linux 3.0.0 Hppa
  • Debian linux 3.0.0 Ia-32
  • Debian linux 3.0.0 Ia-64
  • Debian linux 3.0.0 M68k
  • Debian linux 3.0.0 Mips
  • Debian linux 3.0.0 Mipsel
  • Debian linux 3.0.0 Ppc
  • Debian linux 3.0.0 S/390
  • Debian linux 3.0.0 Sparc
  • Debian linux 3.1.0
  • Debian linux 3.1.0 Alpha
  • Debian linux 3.1.0 Amd64
  • Debian linux 3.1.0 Arm
  • Debian linux 3.1.0 Hppa
  • Debian linux 3.1.0 Ia-32
  • Debian linux 3.1.0 Ia-64
  • Debian linux 3.1.0 M68k
  • Debian linux 3.1.0 Mips
  • Debian linux 3.1.0 Mipsel
  • Debian linux 3.1.0 Ppc
  • Debian linux 3.1.0 S/390
  • Debian linux 3.1.0 Sparc
  • Gentoo linux
  • Mandriva corporate_server 3.0.0
  • Mandriva corporate_server 3.0.0 X86 64
  • Mandriva linux_mandrake 10.2.0
  • Mandriva linux_mandrake 10.2.0 X86 64
  • Mandriva linux_mandrake 2006.0.0
  • Mandriva linux_mandrake 2006.0.0 X86 64
  • Mandriva multi_network_firewall 2.0.0
  • Mysql_ab mysql 4.0.0 .0
  • Mysql_ab mysql 4.0.1
  • Mysql_ab mysql 4.0.10
  • Mysql_ab mysql 4.0.11
  • Mysql_ab mysql 4.0.11 -Gamma
  • Mysql_ab mysql 4.0.12
  • Mysql_ab mysql 4.0.13
  • Mysql_ab mysql 4.0.14
  • Mysql_ab mysql 4.0.15
  • Mysql_ab mysql 4.0.17
  • Mysql_ab mysql 4.0.18
  • Mysql_ab mysql 4.0.2
  • Mysql_ab mysql 4.0.20
  • Mysql_ab mysql 4.0.21
  • Mysql_ab mysql 4.0.23
  • Mysql_ab mysql 4.0.24
  • Mysql_ab mysql 4.0.25
  • Mysql_ab mysql 4.0.26
  • Mysql_ab mysql 4.0.3
  • Mysql_ab mysql 4.0.4
  • Mysql_ab mysql 4.0.5
  • Mysql_ab mysql 4.0.5 A
  • Mysql_ab mysql 4.0.6
  • Mysql_ab mysql 4.0.7
  • Mysql_ab mysql 4.0.7 -Gamma
  • Mysql_ab mysql 4.0.8
  • Mysql_ab mysql 4.0.8 -Gamma
  • Mysql_ab mysql 4.0.9
  • Mysql_ab mysql 4.0.9 -Gamma
  • Mysql_ab mysql 4.1.0-0
  • Mysql_ab mysql 4.1.0.0-Alpha
  • Mysql_ab mysql 4.1.0 .11
  • Mysql_ab mysql 4.1.10A
  • Mysql_ab mysql 4.1.11A
  • Mysql_ab mysql 4.1.13
  • Mysql_ab mysql 4.1.18
  • Mysql_ab mysql 4.1.2 -Alpha
  • Mysql_ab mysql 4.1.3 -0
  • Mysql_ab mysql 4.1.3 -Beta
  • Mysql_ab mysql 4.1.4
  • Mysql_ab mysql 4.1.5
  • Mysql_ab mysql 5.0.0 .0-0
  • Mysql_ab mysql 5.0.0 .0-Alpha
  • Mysql_ab mysql 5.0.1
  • Mysql_ab mysql 5.0.18
  • Mysql_ab mysql 5.0.2
  • Mysql_ab mysql 5.0.20
  • Mysql_ab mysql 5.0.3
  • Mysql_ab mysql 5.0.4
  • Mysql_ab mysql 5.1.9
  • Red_hat desktop 4.0.0
  • Red_hat enterprise_linux_as 4
  • Red_hat enterprise_linux_es 4
  • Red_hat enterprise_linux_ws 4
  • Slackware linux 10.0.0
  • Slackware linux 10.1.0
  • Slackware linux 10.2.0
  • Slackware linux 9.1.0
  • Sun solaris 10 Sparc
  • Sun solaris 10 X86
  • Suse linux_desktop 1.0.0
  • Suse linux_personal 10.0.0 OSS
  • Suse linux_personal 10.1
  • Suse linux_personal 9.0.0
  • Suse linux_personal 9.0.0 X86 64
  • Suse linux_personal 9.1.0
  • Suse linux_personal 9.1.0 X86 64
  • Suse linux_personal 9.2.0
  • Suse linux_personal 9.2.0 X86 64
  • Suse linux_personal 9.3.0
  • Suse linux_personal 9.3.0 X86 64
  • Suse linux_professional 10.0.0
  • Suse linux_professional 10.0.0 OSS
  • Suse linux_professional 10.1
  • Suse linux_professional 9.0.0
  • Suse linux_professional 9.0.0 X86 64
  • Suse linux_professional 9.1.0
  • Suse linux_professional 9.1.0 X86 64
  • Suse linux_professional 9.2.0
  • Suse linux_professional 9.2.0 X86 64
  • Suse linux_professional 9.3.0
  • Suse linux_professional 9.3.0 X86 64
  • Suse novell_linux_desktop 9.0.0
  • Suse open-enterprise-server 9.0.0
  • Suse suse_linux_enterprise_server 8
  • Suse suse_linux_enterprise_server 9
  • Suse suse_linux_openexchange_server 4.0.0
  • Suse suse_linux_retail_solution 8.0.0
  • Suse suse_linux_school_server_for_i386
  • Suse suse_linux_standard_server 8.0.0
  • Suse unitedlinux 1.0.0
  • Trustix secure_enterprise_linux 2.0.0
  • Trustix secure_linux 2.2.0
  • Trustix secure_linux 3.0.0
  • Turbolinux appliance_server 1.0.0 Hosting Edition
  • Turbolinux appliance_server 1.0.0 Workgroup Edition
  • Turbolinux appliance_server 2.0
  • Turbolinux appliance_server_hosting_edition 1.0.0
  • Turbolinux appliance_server_workgroup_edition 1.0.0
  • Turbolinux home
  • Turbolinux multimedia
  • Turbolinux personal
  • Turbolinux turbolinux 10 F...
  • Turbolinux turbolinux FUJI
  • Turbolinux turbolinux_desktop 10.0.0
  • Turbolinux turbolinux_server 10.0.0
  • Turbolinux turbolinux_server 10.0.0 X86
  • Turbolinux turbolinux_server 7.0.0
  • Turbolinux turbolinux_server 8.0.0
  • Turbolinux turbolinux_workstation 8.0.0
  • Ubuntu ubuntu_linux 5.0.0 4 Amd64
  • Ubuntu ubuntu_linux 5.0.0 4 I386
  • Ubuntu ubuntu_linux 5.0.0 4 Powerpc
  • Ubuntu ubuntu_linux 5.10.0 Amd64
  • Ubuntu ubuntu_linux 5.10.0 I386
  • Ubuntu ubuntu_linux 5.10.0 Powerpc

References

  • BugTraq: 17780
  • CVE: CVE-2006-1516

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out