CVE-2005-2558

NameCVE-2005-2558
DescriptionStack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-829-1, DSA-831-1, DSA-833-2
NVD severitymedium (attack range: local)
Debian Bugs322133

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
mysqlsourcewoody3.23.49-8.14mediumDSA-829-1
mysql-dfsgsource(unstable)4.0.24-10sarge1medium322133
mysql-dfsg-4.1source(unstable)4.1.13medium
mysql-dfsg-4.1sourcesarge4.1.11a-4sarge2mediumDSA-833-2
mysql-dfsg-5.0source(unstable)5.0.7beta-1medium

Search for package or bug name: Reporting problems