yaSSL is Yet Another SSL. yaSSL is an SSL Library for programmers building security functionality into their applications and devices.
-
#!/usr/bin/env python # # Use this code at your own risk. Never run it against a production system. # # THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES # WITH REGARD TO THIS S
-
## # $Id: mysql_yassl_getname.rb 9179 2010-04-30 08:40:19Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see
-
## # $Id: mysql_yassl_getname.rb 9179 2010-04-30 08:40:19Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see
-
发布日期:2010-01-26 BUGTRAQ ID:37943 受影响的软件及系统: ==================== MySQL AB MySQL 5.5-ms2 MySQL AB MySQL 5.1.x MySQL AB MySQL 5.0.x 综述: ====== MySQL 是一款使用非常广泛的开放源代码关系数据库系统,拥有各种平台的运行版本。MySQL所捆绑的yaSSL库在解析
-
####################################################################### Luigi Auriemma Application: yaSSL http://www.yassl.com Versions: <= 1.7.5 Platforms: Windows and *nix Bugs: A] buffer-overflow i
-
http://www.securityfocus.com/data/vulnerabilities/exploits/37943.py http://www.securityfocus.com/data/vulnerabilities/exploits/37943_mysql_yassl_getname.rb
-
Description:Buffer overflows in ProcessOldClientHello and operator>>, memory exhaustion in HASHwithTransform::Update. The following is a proof-of-concept for testing the buffer-overflow which affects
-
# MySQL yaSSL SSL Hello Message Buffer Overflow 1. 漏洞介绍和分析 yaSSL是用于实现SSL的开源软件包。 yaSSL实现上存在多个远程溢出及无效内存访问问题,远程攻击者可能利用此漏洞控制服务器。 向堆栈缓冲区溢出的yaSSL(1.7.5和更早的版本)实现与MySQL捆绑< = 6.0。通过发送一个专门制作的HEllo 包 ,攻击者可以执行任意代
-
MySQL 5.7.16发布,yaSSL修复升级 发布时间:2016-10-13 16:06:29来源:红联作者:baihuo MySQL 5.7.16 发布了。 版本更新如下: yaSSL 升级到2.42版本。 This upgrade corrects issues with: Potential AES side channel leaks; DSA padding for unusual