CVE-2008-0227 - OpenCVE

yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service (crash) via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Yassl	Yassl

Configuration 1 [-]

cpe:2.3:a:yassl:yassl:*:*:*:*:*:*:*:*

References

Link	Resource
http://bugs.mysql.com/33814
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
http://secunia.com/advisories/28324	Vendor Advisory
http://secunia.com/advisories/28597
http://secunia.com/advisories/29443
http://secunia.com/advisories/32222
http://securityreason.com/securityalert/3531
http://support.apple.com/kb/HT3216
http://www.debian.org/security/2008/dsa-1478
http://www.mandriva.com/security/advisories?name=MDVSA-2008:150
http://www.securityfocus.com/archive/1/485810/100/0/threaded
http://www.securityfocus.com/bid/27140	Exploit
http://www.securityfocus.com/bid/31681
http://www.ubuntu.com/usn/usn-588-1
http://www.vupen.com/english/advisories/2008/0560/references
http://www.vupen.com/english/advisories/2008/2780
https://exchange.xforce.ibmcloud.com/vulnerabilities/39433

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2008-01-10T23:00:00

Updated: 2018-10-15T20:57:01

Reserved: 2008-01-10T00:00:00

Link: CVE-2008-0227

JSON object: View

NVD Information

Status : Modified

Published: 2008-01-10T23:46:00.000

Modified: 2018-10-15T21:58:42.267

Link: CVE-2008-0227

JSON object: View

Redhat Information

No data.

CWE

CWE-119

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-01-04T00:00:00", "descriptions": [{"lang": "en", "value": "yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service (crash) via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "DSA-1478", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1478"}, {"name": "29443", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29443"}, {"name": "20080104 Multiple vulnerabilities in yaSSL 1.7.5", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/485810/100/0/threaded"}, {"name": "28324", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28324"}, {"name": "3531", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/3531"}, {"name": "31681", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/31681"}, {"name": "yassl-hashwithtransformupdate-dos(39433)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39433"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.mysql.com/33814"}, {"name": "27140", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/27140"}, {"name": "28597", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28597"}, {"name": "ADV-2008-0560", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/0560/references"}, {"name": "32222", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32222"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html"}, {"name": "ADV-2008-2780", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2780"}, {"name": "USN-588-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-588-1"}, {"name": "MDVSA-2008:150", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:150"}, {"name": "APPLE-SA-2008-10-09", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT3216"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-0227", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service (crash) via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "DSA-1478", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1478"}, {"name": "29443", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29443"}, {"name": "20080104 Multiple vulnerabilities in yaSSL 1.7.5", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/485810/100/0/threaded"}, {"name": "28324", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28324"}, {"name": "3531", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3531"}, {"name": "31681", "refsource": "BID", "url": "http://www.securityfocus.com/bid/31681"}, {"name": "yassl-hashwithtransformupdate-dos(39433)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39433"}, {"name": "http://bugs.mysql.com/33814", "refsource": "CONFIRM", "url": "http://bugs.mysql.com/33814"}, {"name": "27140", "refsource": "BID", "url": "http://www.securityfocus.com/bid/27140"}, {"name": "28597", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28597"}, {"name": "ADV-2008-0560", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0560/references"}, {"name": "32222", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32222"}, {"name": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html", "refsource": "CONFIRM", "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html"}, {"name": "ADV-2008-2780", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2780"}, {"name": "USN-588-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-588-1"}, {"name": "MDVSA-2008:150", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:150"}, {"name": "APPLE-SA-2008-10-09", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"}, {"name": "http://support.apple.com/kb/HT3216", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3216"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-0227", "datePublished": "2008-01-10T23:00:00", "dateReserved": "2008-01-10T00:00:00", "dateUpdated": "2018-10-15T20:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:yassl:yassl:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E11538C-D2F9-4D94-8C84-69BDC305D744", "versionEndIncluding": "1.7.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service (crash) via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp."}, {"lang": "es", "value": "yaSSL 1.7.5 y anteriores, como el utilizado en MySQL y posiblemente otros productos, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) mediante un paquete Hello que contiene un valor de tama\u00f1o grande, lo cual provoca una sobre-lectura de b\u00fafer en la funci\u00f3n HASHwithTransform::Update en hash.cpp."}], "id": "CVE-2008-0227", "lastModified": "2018-10-15T21:58:42.267", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-01-10T23:46:00.000", "references": [{"source": "cve@mitre.org", "url": "http://bugs.mysql.com/33814"}, {"source": "cve@mitre.org", "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html"}, {"source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28324"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/28597"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/29443"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/32222"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/3531"}, {"source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT3216"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2008/dsa-1478"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:150"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/485810/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/27140"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/31681"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-588-1"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/0560/references"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/2780"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39433"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Not vulnerable. This issue did not affect versions of MySQL as shipped with Red Hat Enterprise Linux 2.1, 3, 4, 5, Red Hat Application Stack v1, and v2, as they are not built with yaSSL support.", "lastModified": "2008-01-11T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}