CVE-2009-4484

Publication date 30 December 2009

Last updated 24 July 2024


Ubuntu priority

Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.

Status

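| Package | Ubuntu Release | Status |
|---|---|---|
| mysql-5.1 | 11.04 natty | Fixed 5.1.41-3ubuntu7 |
| mysql-5.1 | 10.10 maverick | Fixed 5.1.41-3ubuntu7 |
| mysql-5.1 | 10.04 LTS lucid | Not in release |
| mysql-5.1 | 9.10 karmic | Not in release |
| mysql-5.1 | 9.04 jaunty | Not in release |
| mysql-5.1 | 8.04 LTS hardy | Not in release |
| mysql-5.1 | 6.06 LTS dapper | Not in release |
| mysql-dfsg-5.0 | 11.04 natty | Not in release |
| mysql-dfsg-5.0 | 10.10 maverick | Not in release |
| mysql-dfsg-5.0 | 10.04 LTS lucid | Not in release |
| mysql-dfsg-5.0 | 9.10 karmic | Ignored end of life |
| mysql-dfsg-5.0 | 9.04 jaunty | Fixed 5.1.30really5.0.75-0ubuntu10.3 |
| mysql-dfsg-5.0 | 8.10 intrepid | Fixed 5.0.67-0ubuntu6.1 |
| mysql-dfsg-5.0 | 8.04 LTS hardy | Fixed 5.0.51a-3ubuntu5.5 |
| mysql-dfsg-5.0 | 6.06 LTS dapper | Fixed 5.0.22-0ubuntu6.06.12 |
| mysql-dfsg-5.1 | 11.04 natty | Not in release |
| mysql-dfsg-5.1 | 10.10 maverick | Not in release |
| mysql-dfsg-5.1 | 10.04 LTS lucid | Fixed 5.1.41-3ubuntu7 |
| mysql-dfsg-5.1 | 9.10 karmic | Fixed 5.1.37-1ubuntu5.1 |
| mysql-dfsg-5.1 | 9.04 jaunty | Ignored end of life |
| mysql-dfsg-5.1 | 8.10 intrepid | Not in release |
| mysql-dfsg-5.1 | 8.04 LTS hardy | Not in release |
| mysql-dfsg-5.1 | 6.06 LTS dapper | Not in release |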

Notes


mdeslaur

PoC: http://intevydis.com/mysql_overflow1.py.txt

Patch details

For informational purposes only. We recommend not cherry-picking updates.

Package Patch details
mysql-dfsg-5.0
mysql-dfsg-5.1

References

Related Ubuntu Security Notices (USN)

    • USN-897-1: MySQL vulnerabilities (10 February 2010)
