漏洞信息详情
yaSSL 缓冲区错误漏洞
- CNNVD编号:CNNVD-200801-154
- 危害等级: 高危
- CVE编号: CVE-2008-0226
- 漏洞类型: 缓冲区错误
- 发布时间: 2007-10-14
- 威胁类型: 远程
- 更新时间: 2019-12-27
- 厂 商: mysql
- 漏洞来源: Luigi Auriemma※ al...
漏洞简介
yaSSL是用于实现SSL的开源软件包。
yaSSL(用于MySQL或其他产品) 1.7.5及之前版本中存在缓冲区错误漏洞。远程攻击者可利用该漏洞执行任意代码。
漏洞公告
目前厂商已发布升级补丁以修复漏洞,详情请关注厂商主页:
https://www.wolfssl.com
参考网址
来源:MANDRIVA
链接:http://www.mandriva.com/security/advisories?name=MDVSA-2008:150
来源:SECUNIA
链接:http://secunia.com/advisories/28419
来源:SREASON
链接:http://securityreason.com/securityalert/3531
来源:XF
链接:https://exchange.xforce.ibmcloud.com/vulnerabilities/39431
来源:BID
链接:https://www.securityfocus.com/bid/27140
来源:XF
链接:https://exchange.xforce.ibmcloud.com/vulnerabilities/39429
来源:BUGTRAQ
链接:http://www.securityfocus.com/archive/1/485811/100/0/threaded
来源:SECUNIA
链接:http://secunia.com/advisories/32222
来源:UBUNTU
链接:http://www.ubuntu.com/usn/usn-588-1
来源:CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple
链接:http://lists.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/archives/security-announce/2008/Oct/msg00001.HTML
来源:BID
链接:https://www.securityfocus.com/bid/31681
来源:VUPEN
链接:http://www.vupen.com/english/advisories/2008/2780
来源:CONFIRM
链接:http://support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/kb/HT3216
来源:DEBIAN
链接:https://www.debian.org/security/2008/dsa-1478
来源:SECUNIA
链接:http://secunia.com/advisories/28324
来源:CONFIRM
链接:http://bugs.mysql.com/33814
来源:SECUNIA
链接:http://secunia.com/advisories/28597
来源:SECUNIA
链接:http://secunia.com/advisories/29443
来源:CONFIRM
链接:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.HTML
来源:VUPEN
链接:http://www.vupen.com/english/advisories/2008/0560/references
来源:BUGTRAQ
链接:http://www.securityfocus.com/archive/1/485810/100/0/threaded
受影响实体
- Mysql Mysql:5.1.20
- Mysql Mysql:5.1.21
补丁
暂无
评论