Launchpad.net

CVE 2008-0227

yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service (crash) via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp.

Related bugs and status

CVE-2008-0227 (Candidate) is related to these bugs:

Bug #172260: [mysql] multiple vulnerabilities

		In	Importance	Status
172260	[mysql] multiple vulnerabilities	mysql-dfsg (Ubuntu)	Unknown	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.0 (tuXlab)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg-4.1 (Ubuntu)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.0 (Ubuntu)	Medium	Fix Released
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.1 (Ubuntu)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg (Ubuntu Dapper)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg-4.1 (Ubuntu Dapper)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.0 (Ubuntu Dapper)	Medium	Fix Released
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.1 (Ubuntu Dapper)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg (Ubuntu Edgy)	Undecided	Won't Fix
172260	[mysql] multiple vulnerabilities	mysql-dfsg-4.1 (Ubuntu Edgy)	Undecided	Won't Fix
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.0 (Ubuntu Edgy)	Medium	Fix Released
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.1 (Ubuntu Edgy)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg (Ubuntu Feisty)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg-4.1 (Ubuntu Feisty)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.0 (Ubuntu Feisty)	Medium	Fix Released
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.1 (Ubuntu Feisty)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg (Ubuntu Gutsy)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg-4.1 (Ubuntu Gutsy)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.0 (Ubuntu Gutsy)	Medium	Fix Released
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.1 (Ubuntu Gutsy)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg (Ubuntu Hardy)	Unknown	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg-4.1 (Ubuntu Hardy)	Undecided	Invalid
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.0 (Ubuntu Hardy)	Medium	Fix Released
172260	[mysql] multiple vulnerabilities	mysql-dfsg-5.1 (Ubuntu Hardy)	Undecided	Invalid

Bug #185039: [mysql] [CVE-2007-6303] remote privilege escalation

Summary				In	Importance	Status
	185039	[mysql] [CVE-2007-6303] remote privilege escalation		mysql-dfsg-5.0 (Ubuntu)	Undecided	Fix Released

Bug #186978: [mysql] [CVE-2008-0226] [CVE-2008-0227] buffer overflows in YaSSL

		In	Importance	Status
186978	[mysql] [CVE-2008-0226] [CVE-2008-0227] buffer overflows in YaSSL	mysql-dfsg-5.0 (Ubuntu)	Undecided	Fix Released
186978	[mysql] [CVE-2008-0226] [CVE-2008-0227] buffer overflows in YaSSL	mysql-dfsg-5.0 (Ubuntu Edgy)	Undecided	Fix Released
186978	[mysql] [CVE-2008-0226] [CVE-2008-0227] buffer overflows in YaSSL	mysql-dfsg-5.0 (Ubuntu Feisty)	Undecided	Fix Released
186978	[mysql] [CVE-2008-0226] [CVE-2008-0227] buffer overflows in YaSSL	mysql-dfsg-5.0 (Ubuntu Gutsy)	Undecided	Fix Released

Bug #201009: [mysql-dfsg-5.0] fix for several open vulnerabilities in -proposed

		In	Importance	Status
201009	[mysql-dfsg-5.0] fix for several open vulnerabilities in -proposed	mysql-dfsg-5.0 (Ubuntu)	Undecided	Fix Released
201009	[mysql-dfsg-5.0] fix for several open vulnerabilities in -proposed	mysql-dfsg-5.0 (Ubuntu Dapper)	High	Fix Released
201009	[mysql-dfsg-5.0] fix for several open vulnerabilities in -proposed	mysql-dfsg-5.0 (Ubuntu Edgy)	High	Fix Released
201009	[mysql-dfsg-5.0] fix for several open vulnerabilities in -proposed	mysql-dfsg-5.0 (Ubuntu Feisty)	High	Fix Released
201009	[mysql-dfsg-5.0] fix for several open vulnerabilities in -proposed	mysql-dfsg-5.0 (Ubuntu Gutsy)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

BID: 27140
SECUNIA: 28324
DEBIAN: DSA-1478
SECUNIA: 28597
CONFIRM: http://bugs.mysql.com/...
CONFIRM: http://dev.mysql.com/d...
UBUNTU: USN-588-1
SECUNIA: 29443
SREASON: 3531
MANDRIVA: MDVSA-2008:150
APPLE: APPLE-SA-2008-10-09
BID: 31681
CONFIRM: http://support.apple.c...
SECUNIA: 32222
VUPEN: ADV-2008-0560
VUPEN: ADV-2008-2780
XF: yassl-hashwithtransfor...
BUGTRAQ: 20080104 Multiple vuln...