CVE-2008-0227

yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service (crash) via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp.

🔗 References (36)

• cve@mitrehttp://bugs.mysql.com/33814
• cve@mitrehttp://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html
• cve@mitrehttp://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
• cve@mitrehttp://secunia.com/advisories/28324
• cve@mitrehttp://secunia.com/advisories/28597
• cve@mitrehttp://secunia.com/advisories/29443
• cve@mitrehttp://secunia.com/advisories/32222
• cve@mitrehttp://securityreason.com/securityalert/3531
• cve@mitrehttp://support.apple.com/kb/HT3216
• cve@mitrehttp://www.debian.org/security/2008/dsa-1478
• cve@mitrehttp://www.mandriva.com/security/advisories?name=MDVSA-2008:150
• cve@mitrehttp://www.securityfocus.com/archive/1/485810/100/0/threaded
• cve@mitrehttp://www.securityfocus.com/bid/27140
• cve@mitrehttp://www.securityfocus.com/bid/31681
• cve@mitrehttp://www.ubuntu.com/usn/usn-588-1