AOH :: HP Unsorted P :: BX1302.HTM

Pre-auth buffer-overflow in mySQL through yaSSL



Pre-auth buffer-overflow in mySQL through yaSSL
Pre-auth buffer-overflow in mySQL through yaSSL




The following is a proof-of-concept for testing the buffer-overflow
which affects yaSSL <= 1.7.5 on mySQL servers, any version, included the
latest 6.0.3:

http://aluigi.org/poc/mysqlo.zip 

The vulnerability is exploitable before authentication so the only
requirements for testing it are the usage of SSL on the server and
naturally having an IP address with access to the database.

By default mySQL uses yaSSL (1.6.0) for avoiding licences conflicts,
anyway if the test server has been compiled with specific OpenSSL
support it is NOT vulnerable.


--- 
Luigi Auriemma
http://aluigi.org 

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.