Metasploit modules that can be used to exploit Mysql products
-
MySQL yaSSL SSL Hello Message Buffer Overflow
Disclosure Date: 2008-01-04First seen: 2020-04-26exploit/linux/mysql/mysql_yassl_helloThis module exploits a stack buffer overflow in the yaSSL (1.7.5 and earlier) implementation bundled with MySQL <= 6.0. By sending a specially crafted Hello packet, an attacker may be able to execute arbitrary code. Authors: - MC <mc@metasploit.com> -
MySQL yaSSL SSL Hello Message Buffer Overflow
Disclosure Date: 2008-01-04First seen: 2020-04-26exploit/windows/mysql/mysql_yassl_helloThis module exploits a stack buffer overflow in the yaSSL (1.7.5 and earlier) implementation bundled with MySQL <= 6.0. By sending a specially crafted Hello packet, an attacker may be able to execute arbitrary code. Authors: - MC <mc@metasploit.com> -
MaxDB WebDBM Database Parameter Overflow
Disclosure Date: 2006-08-29First seen: 2020-04-26exploit/windows/http/maxdb_webdbm_databaseThis module exploits a stack buffer overflow in the MaxDB WebDBM service. By sending a specially-crafted HTTP request that contains an overly long database name. A remote attacker could overflow a buffer and execute arbitrary code on the system with privileges of the wahttp process. This module has been tested against MaxDB 7.6.00.16 and MaxDB 7.6.00.27. Authors: - MC <mc@metasploit.com> -
MaxDB WebDBM GET Buffer Overflow
Disclosure Date: 2005-04-26First seen: 2020-04-26exploit/windows/http/maxdb_webdbm_get_overflowThis module exploits a stack buffer overflow in the MaxDB WebDBM service. This service is included with many recent versions of the MaxDB and SAPDB products. This particular module is capable of exploiting Windows systems through the use of an SEH frame overwrite. The offset to the SEH frame may change depending on where MaxDB has been installed, this module assumes a web root path with the same length as: C:\Program Files\sdb\programs\web\Documents Authors: - hdm <x@hdm.io>
4 metasploit modules found
Please note: Metasploit modules are only matched by CVE numbers.
Visit metasploit web site for more details