RSS   Vulnerabilities for 'Netbackup advanced reporter'   RSS

2002-12-23
 
CVE-2002-1376

 

 
libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code.

 
 
CVE-2002-1375

 

 
The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long response.

 
 
CVE-2002-1374

 

 
The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x before 4.0.6, allows remote attackers to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the first character of the real password.

 

 >>> Vendor: Symantec veritas 19 Products
Volume manager
Backup
Cluster server
Backup exec
Netbackup advanced reporter
Netbackup global data manager
I3 focalpoint server
Netbackup enterprise server
Netbackup server
Backup exec remote agent
Netbackup
Netbackup data and business center
Netbackup enterprise server client
Storage exec
Storagecentral
Sanpoint control quickstart
Storage foundation
Storage foundation cluster file system
Netbackup puredisk remote office edition


Copyright 2019, cxsecurity.com

 

Back to Top