Vulnerability Name:

CVE-2005-0709 (CCN-19658)

Assigned:2005-03-11
Published:2005-03-11
Updated:2019-12-17
Summary:MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.
CVSS v3 Severity:5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-94
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: VulnWatch Security Advisory 0083
Mysql CREATE FUNCTION mysql.func table arbitrary library injection

Source: VULNWATCH
Type: Exploit
20050310 Mysql CREATE FUNCTION libc arbitrary code execution.

Source: MITRE
Type: CNA
CVE-2005-0709

Source: MITRE
Type: CNA
CVE-2005-0710

Source: APPLE
Type: UNKNOWN
APPLE-SA-2005-08-17

Source: APPLE
Type: UNKNOWN
APPLE-SA-2005-08-15

Source: BUGTRAQ
Type: UNKNOWN
20050310 Mysql CREATE FUNCTION libc arbitrary code execution.

Source: CCN
Type: RHSA-2005-334
mysql security update

Source: CCN
Type: RHSA-2005-348
mysql-server security update

Source: SUNALERT
Type: UNKNOWN
101864

Source: CCN
Type: Sun Alert ID: 201658
Multiple Security Vulnerabilities in The "MySQL" Package

Source: CCN
Type: CIAC INFORMATION BULLETIN P-164
MySQL Security Update

Source: CCN
Type: CIAC INFORMATION BULLETIN P-171
SGI Advanced Linux Environment 3 Security Update #33

Source: CCN
Type: CIAC Information Bulletin P-276
Apple Security Update 2005-007

Source: DEBIAN
Type: Patch
DSA-707

Source: DEBIAN
Type: DSA-707
mysql -- several vulnerabilities

Source: CCN
Type: GLSA-200503-19
MySQL: Multiple vulnerabilities

Source: GENTOO
Type: Patch
GLSA-200503-19

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2005:060

Source: CCN
Type: MySQL Web site
MySQL- The world's most popular open source database

Source: SUSE
Type: Patch
SUSE-SA:2005:019

Source: CCN
Type: OpenPKG-SA-2005.006
MySQL

Source: REDHAT
Type: UNKNOWN
RHSA-2005:334

Source: REDHAT
Type: UNKNOWN
RHSA-2005:348

Source: BID
Type: Exploit, Patch
12781

Source: CCN
Type: BID-12781
MySQL AB MySQL Multiple Remote Vulnerabilities

Source: TRUSTIX
Type: Patch
2005-0009

Source: CCN
Type: TLSA-2005-48
Multiple vulnerabilities exist in MySQL

Source: CCN
Type: USN-96-1
mySQL vulnerabilities

Source: XF
Type: UNKNOWN
mysql-udfinit-gain-access(19658)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10479

Source: UBUNTU
Type: UNKNOWN
USN-96-1

Source: SUSE
Type: SUSE-SA:2005:019
MySQL: remote code execution

Vulnerable Configuration:Configuration 1:
  • cpe:/a:oracle:mysql:4.1.0:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.1.3:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.1.10:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:3.23.49:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.5a:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.7:gamma:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.8:gamma:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.9:gamma:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.11:gamma:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.15:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.18:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.20:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.21:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.23:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.1.0:alpha:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.1.2:alpha:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.1.3:beta:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.1.5:*:*:*:*:*:*:*

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:oracle:mysql:3.23.49:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.18:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.20:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.23:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.11:gamma:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.15:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.21:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.5a:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.7:gamma:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.8:gamma:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.0.9:gamma:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.1.0:-:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.1.2:alpha:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.1.3:beta:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql:4.1.5:*:*:*:*:*:*:*
  • AND
  • cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:current:*:*:*:*:*:*:*
  • OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.2:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.2:*:*:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:2.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10::sparc:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10::x86:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*
  • OR cpe:/a:redhat:rhel_extras:3:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1::x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:home:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0::amd64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1::x86_64:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20050709
    V
    CVE-2005-0709
    2015-11-16
    oval:org.mitre.oval:def:10479
    V
    MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.
    2013-04-29
    oval:org.debian:def:707
    V
    several vulnerabilities
    2005-04-13
    oval:com.redhat.rhsa:def:20050334
    P
    RHSA-2005:334: mysql security update (Important)
    2005-03-28
    BACK
    mysql mysql 4.1.0
    mysql mysql 4.1.3
    mysql mysql 4.1.10
    oracle mysql 3.23.49
    oracle mysql 4.0.0
    oracle mysql 4.0.1
    oracle mysql 4.0.2
    oracle mysql 4.0.3
    oracle mysql 4.0.4
    oracle mysql 4.0.5
    oracle mysql 4.0.5a
    oracle mysql 4.0.6
    oracle mysql 4.0.7
    oracle mysql 4.0.7 gamma
    oracle mysql 4.0.8
    oracle mysql 4.0.8 gamma
    oracle mysql 4.0.9
    oracle mysql 4.0.9 gamma
    oracle mysql 4.0.10
    oracle mysql 4.0.11
    oracle mysql 4.0.11 gamma
    oracle mysql 4.0.12
    oracle mysql 4.0.13
    oracle mysql 4.0.14
    oracle mysql 4.0.15
    oracle mysql 4.0.18
    oracle mysql 4.0.20
    oracle mysql 4.0.21
    oracle mysql 4.0.23
    oracle mysql 4.1.0 alpha
    oracle mysql 4.1.2 alpha
    oracle mysql 4.1.3 beta
    oracle mysql 4.1.4
    oracle mysql 4.1.5
    mysql mysql 3.23.49
    mysql mysql 4.0.18
    mysql mysql 4.0.20
    mysql mysql 4.0.23
    mysql mysql 4.0.0
    mysql mysql 4.0.1
    mysql mysql 4.0.10
    mysql mysql 4.0.11
    mysql mysql 4.0.11 gamma
    mysql mysql 4.0.12
    mysql mysql 4.0.13
    mysql mysql 4.0.14
    mysql mysql 4.0.15
    mysql mysql 4.0.2
    mysql mysql 4.0.21
    mysql mysql 4.0.3
    mysql mysql 4.0.4
    mysql mysql 4.0.5
    mysql mysql 4.0.5a
    mysql mysql 4.0.6
    mysql mysql 4.0.7
    mysql mysql 4.0.7 gamma
    mysql mysql 4.0.8
    mysql mysql 4.0.8 gamma
    mysql mysql 4.0.9
    mysql mysql 4.0.9 gamma
    mysql mysql 4.1.0.0
    mysql mysql 4.1.2 alpha
    mysql mysql 4.1.3 beta
    mysql mysql 4.1.4
    mysql mysql 4.1.5
    debian debian linux 3.0
    openpkg openpkg current
    gentoo linux *
    suse linux enterprise server 8
    mandrakesoft mandrake linux corporate server 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    suse suse linux 8.2
    suse suse linux 9.0
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    mandrakesoft mandrake linux 10.0
    suse suse linux 9.1
    redhat enterprise linux 3
    suse suse linux 9.2
    openpkg openpkg 2.2
    mandrakesoft mandrake linux 10.1
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    novell linux desktop 9
    redhat enterprise linux 4
    redhat enterprise linux 4
    sun solaris 10
    sun solaris 10
    redhat linux advanced workstation 2.1
    redhat rhel extras 3
    mandrakesoft mandrake linux 10.1
    mandrakesoft mandrake linux corporate server 3.0
    turbolinux turbolinux home *
    mandrakesoft mandrake linux 10.0
    mandrakesoft mandrake linux corporate server 2.1