|
|
|||
| Rule General Information |
|---|
| Release Date: | 2014-12-11 | |
| Rule Name: | Mysql Yassl SSL Hello Message Buffer Overflow Vulnerability -1 (CVE-2008-0226) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp. | |
| Impact: | A buffer overflow vulnerability can be triggered by an attacker in the context of the vulnerable product. Further attacks include arbitrary code execution and denial of service. | |
| Affected OS: | Windows, Others, Linux | |
| Reference: | SecurityFocusBID:27140 SecurityFocusBID:31681 |
|
| Solutions |
|---|
| No information about possible solutions is published. Please use an alternative product to substitude the affected software. |