Vulnerability Details : CVE-2008-0226
Public exploit exists!
Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.
Vulnerability category: OverflowExecute code
Products affected by CVE-2008-0226
- cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.41:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.32:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.15:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.16:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.12:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.17:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.13:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.14:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.34:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.51:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.52:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.18:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.19:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.20:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.25:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.26:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.42:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.44:sp1:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.45:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.58:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.60:sp1:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.62:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.23:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.40:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.48:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.50:sp1:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.22:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.28:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.30:sp1:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.36:sp1:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.38:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.46:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.50:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.56:sp1:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.64:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.0.66:sp1:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:5.1.21:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.20:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.24:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.30:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.36:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.44:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.60:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.54:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.56:*:*:*:*:*:*:*
- cpe:2.3:a:mysql:mysql:5.0.66:*:*:*:*:*:*:*
- cpe:2.3:a:yassl:yassl:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
Threat overview for CVE-2008-0226
Top countries where our scanners detected CVE-2008-0226
Top open port discovered on systems with this issue
3306
IPs affected by CVE-2008-0226 9,378
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2008-0226!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2008-0226
97.41%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2008-0226
-
MySQL yaSSL SSL Hello Message Buffer Overflow
Disclosure Date: 2008-01-04First seen: 2020-04-26exploit/linux/mysql/mysql_yassl_helloThis module exploits a stack buffer overflow in the yaSSL (1.7.5 and earlier) implementation bundled with MySQL <= 6.0. By sending a specially crafted Hello packet, an attacker may be able to execute arbitrary code. Authors: - MC <mc@metasploit.com> -
MySQL yaSSL SSL Hello Message Buffer Overflow
Disclosure Date: 2008-01-04First seen: 2020-04-26exploit/windows/mysql/mysql_yassl_helloThis module exploits a stack buffer overflow in the yaSSL (1.7.5 and earlier) implementation bundled with MySQL <= 6.0. By sending a specially crafted Hello packet, an attacker may be able to execute arbitrary code. Authors: - MC <mc@metasploit.com>
CVSS scores for CVE-2008-0226
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2008-0226
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
Vendor statements for CVE-2008-0226
-
Red Hat 2008-01-11Not vulnerable. This issue did not affect versions of MySQL as shipped with Red Hat Enterprise Linux 2.1, 3, 4, 5, Red Hat Application Stack v1, and v2, as they are not built with yaSSL support.
References for CVE-2008-0226
-
http://bugs.mysql.com/33814
Permissions Required
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/39429
VDB Entry
-
http://www.vupen.com/english/advisories/2008/0560/references
Permissions Required
-
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
Mailing List;Third Party Advisory
-
http://www.securityfocus.com/bid/27140
yaSSL Multiple Remote Buffer Overflow VulnerabilitiesThird Party Advisory;VDB Entry
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/39431
VDB Entry
-
http://securityreason.com/securityalert/3531
Third Party Advisory
-
http://www.securityfocus.com/archive/1/485811/100/0/threaded
Third Party Advisory;VDB Entry
-
http://www.mandriva.com/security/advisories?name=MDVSA-2008:150
Broken Link
-
http://www.securityfocus.com/archive/1/485810/100/0/threaded
Third Party Advisory;VDB Entry
-
http://www.vupen.com/english/advisories/2008/2780
Webmail: access your OVH emails on ovhcloud.com | OVHcloudPermissions Required
-
http://www.ubuntu.com/usn/usn-588-1
Third Party Advisory
-
http://support.apple.com/kb/HT3216
About Security Update 2008-007 - Apple SupportThird Party Advisory
-
http://www.debian.org/security/2008/dsa-1478
Third Party Advisory
-
http://www.securityfocus.com/bid/31681
Third Party Advisory;VDB Entry
-
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html
Not Applicable
Jump to