CVE-2005-0082

The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via invalid parameters to the WebDAV handler code, which triggers a null dereference that causes the SAP DB Web Agent to crash.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://www.idefense.com/application/poi/display?id=187&type=vulnerabilities	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:mysql:maxdb:7.5.00:::::::*
	cpe:2.3:a:mysql:maxdb:7.5.00.08:::::::*
	cpe:2.3:a:mysql:maxdb:7.5.00.11:::::::*
	cpe:2.3:a:mysql:maxdb:7.5.00.12:::::::*
	cpe:2.3:a:mysql:maxdb:7.5.00.14:::::::*
	cpe:2.3:a:mysql:maxdb:7.5.00.15:::::::*
	cpe:2.3:a:mysql:maxdb:7.5.00.16:::::::*
	cpe:2.3:a:mysql:maxdb:7.5.00.18:::::::*
	cpe:2.3:a:mysql:maxdb:7.5.00.19:::::::*

History

No history.

Information

Published : 2005-04-14 04:00

Updated : 2023-12-10 10:28

NVD link : CVE-2005-0082

Mitre link : CVE-2005-0082

CVE.ORG link : CVE-2005-0082

JSON object : View

Products Affected

mysql

maxdb

CWE

NVD-CWE-Other

{"id": "CVE-2005-0082", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-04-14T04:00:00.000", "references": [{"url": "http://www.idefense.com/application/poi/display?id=187&type=vulnerabilities", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via invalid parameters to the WebDAV handler code, which triggers a null dereference that causes the SAP DB Web Agent to crash."}, {"lang": "es", "value": "La funci\u00f3n sapdbwa_GetUserData de MySQL MaxDB 7.5.0.0, otras versiones anteriores a 7.5.0.21 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) mediante un par\u00e1metro inv\u00e1lido al c\u00f3digo de manejador de WebDAV, lo que dispara una desreferencia nula que causa que el Agente Web SAP Db se caiga."}], "lastModified": "2011-03-08T02:19:30.750", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mysql:maxdb:7.5.00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1FBA6898-4D32-4A3D-8529-1FC7A63894B6"}, {"criteria": "cpe:2.3:a:mysql:maxdb:7.5.00.08:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2635818-D83B-4C7A-9693-4EB202DA16AC"}, {"criteria": "cpe:2.3:a:mysql:maxdb:7.5.00.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D28E5409-B8F1-4A9E-9A1E-0B023E5190DB"}, {"criteria": "cpe:2.3:a:mysql:maxdb:7.5.00.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67E23371-678E-476B-B067-FCD655861CE6"}, {"criteria": "cpe:2.3:a:mysql:maxdb:7.5.00.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C6C9B28-F515-4F47-83F6-F2D4164B8D83"}, {"criteria": "cpe:2.3:a:mysql:maxdb:7.5.00.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "160A9738-B169-4022-85BC-14B0BBFD1C01"}, {"criteria": "cpe:2.3:a:mysql:maxdb:7.5.00.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8442206-133D-4048-8064-D5724FDF0E04"}, {"criteria": "cpe:2.3:a:mysql:maxdb:7.5.00.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4EAE96CE-D059-4C87-A7EC-5578EFD93849"}, {"criteria": "cpe:2.3:a:mysql:maxdb:7.5.00.19:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B406A8D-48C1-4E62-BD40-2EA7D1A1A1DB"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}