CVE-2005-0799 in MySQLinfo

Summary

by MITRE

MySQL 4.1.9, and possibly earlier versions, allows remote attackers with certain privileges to cause a denial of service (application crash) via a use command followed by an MS-DOS device name such as (1) LPT1 or (2) PRN.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Analysis

by VulDB Data Team • 07/04/2025

The vulnerability identified as CVE-2005-0799 represents a critical denial of service flaw in MySQL database management systems version 4.1.9 and potentially earlier releases. This weakness specifically targets the database server's handling of certain file system operations through the use command, which is typically employed for switching between different databases within the MySQL environment. The vulnerability arises from insufficient input validation when processing device names that conform to MS-DOS naming conventions, creating a pathway for remote attackers to exploit the system's file handling mechanisms. The attack vector requires an authenticated user with specific privileges, typically database user accounts that have been granted access to execute certain commands within the MySQL environment, making it particularly concerning for systems where multiple users have varying levels of database access.

The technical implementation of this vulnerability exploits the interaction between MySQL's command processing and operating system file handling routines. When a user executes a use command followed by an MS-DOS device name such as LPT1 or PRN, the MySQL server attempts to process these names as if they were legitimate database references or file paths. The system's failure to properly validate these inputs causes the database engine to attempt operations on device names that are reserved in the MS-DOS file system and cannot be properly handled by modern operating systems. This leads to memory corruption or system resource exhaustion, ultimately resulting in the application crash and complete denial of service for legitimate database users. The flaw demonstrates a classic buffer over-read or improper resource management issue, where the software does not adequately check for special device names that could cause system instability. This vulnerability aligns with CWE-121, which describes heap-based buffer overflow conditions, and also relates to CWE-248, which addresses the exposure of an exception to a calling function.

The operational impact of CVE-2005-0799 extends beyond simple service disruption to potentially compromise the availability of critical business applications that depend on MySQL database functionality. Organizations utilizing affected MySQL versions face the risk of unauthorized denial of service attacks that can render their database systems completely inaccessible, affecting data retrieval, storage, and all database operations. The vulnerability is particularly dangerous in production environments where database availability is paramount for business continuity, as attackers can cause system-wide outages with relatively simple commands. This attack pattern can be automated and executed remotely, making it an attractive vector for malicious actors seeking to disrupt services without requiring physical access to the system. The vulnerability also demonstrates a weakness in the principle of least privilege, as it allows authenticated users to escalate their impact through carefully crafted commands, potentially leading to more severe consequences if combined with other vulnerabilities.

The mitigation strategy for this vulnerability involves immediate patching of MySQL installations to versions that properly validate input parameters and reject MS-DOS device names during command processing. System administrators should implement network segmentation and access controls to limit the number of users with database privileges that could execute potentially dangerous commands. The implementation of proper input validation mechanisms within database applications should be enhanced to prevent similar issues in other database systems. Additionally, monitoring and logging of database commands, particularly those involving file system operations, should be implemented to detect anomalous behavior patterns. From an ATT&CK framework perspective, this vulnerability aligns with the T1499.004 technique for network denial of service, and represents a privilege escalation vector that could be leveraged in combination with other attack techniques to achieve broader system compromise. Organizations should also consider implementing database activity monitoring solutions that can detect and alert on suspicious command sequences that match known attack patterns for this type of vulnerability.

Reservation

03/20/2005

Disclosure

03/15/2005

Moderation

accepted

Entry

2

Relate

show

CPE

ready

EPSS

0.02534

KEV

no

Activities

very low

Sources

Do you want to use VulDB in your project?

Use the official API to access entries easily!