Summary
You are running a version of MySQL which is older than 4.0.21.
MySQL is a database which runs on both Linux/BSD and Windows platform.
This version is vulnerable to a length overflow within it's mysql_real_connect() function. The overflow is due to an error in the processing of a return Domain (DNS) record. An attacker, exploiting this flaw, would need to control a DNS server which would be queried by the MySQL server. A successful attack would give the attacker the ability to execute arbitrary code on the remote machine.
Solution
Upgrade to the latest version of MySQL 4.0.21 or newer
Severity
Classification
-
CVE CVE-2004-0836 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities