CVE-2008-0226

Priority
Medium
Description
Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and
possibly other products, allow remote attackers to execute arbitrary code
via (1) the ProcessOldClientHello function in handshake.cpp or (2)
"input_buffer& operator>>" in yassl_imp.cpp.
References
Bugs
Notes
jdstrand> dapper not affected (yassl not compiled)
Assigned-to
jdstrand
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):not-affected (5.0.51a-1ubuntu1)
Ubuntu 10.04 LTS (Lucid Lynx):not-affected (5.0.51a-1ubuntu1)
Patches:
Vendor:http://www.debian.org/security/2008/dsa-1478
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:18:31 UTC (commit 5347)