CVE-2009-4484

Name: CVE-2009-4484
Creator: NVD / NIST
Published: 2009-12-30T21:30:00.547+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 69.55%

Last modified Jun 16, 2026

CVE-2009-4484 is a vulnerability of currently unknown severity. Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.. EPSS estimates a 69.55% chance of exploitation in the next 30 days.

Description

Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.

Metrics

EPSS Probability

69.55%

99.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-787

Affected Software

Vendor	Product	Versions	Update
Oracle	Mysql	>= 5.0.0, < 5.0.90	—
Oracle	Mysql	>= 5.1.0, < 5.1.43	—
Oracle	Mysql	5.0.0	Milestone1
Wolfssl	Yassl	< 1.9.9	—
Canonical	Ubuntu Linux	6.06	—
Canonical	Ubuntu Linux	8.04	—
Canonical	Ubuntu Linux	8.10	—
Canonical	Ubuntu Linux	9.04	—
Canonical	Ubuntu Linux	9.10	—
Canonical	Ubuntu Linux	10.04	—
Canonical	Ubuntu Linux	10.10	—
Canonical	Ubuntu Linux	11.04	—
Canonical	Ubuntu Linux	11.10	—
Debian	Debian Linux	4.0	—
Debian	Debian Linux	5.0	—
Debian	Debian Linux	6.0	—
Mariadb	Mariadb	>= 5.1, < 5.1.42	—

References

http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.htmlBroken Link
http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1Broken Link
http://bugs.mysql.com/bug.php?id=50227Exploit, Issue Tracking, Vendor Advisory
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.htmlBroken Link
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.htmlBroken Link
http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.htmlBroken Link
http://intevydis.com/mysql_demo.htmlBroken Link
http://intevydis.com/mysql_overflow1.py.txtBroken Link
http://intevydis.com/vd-list.shtmlBroken Link
http://isc.sans.org/diary.html?storyid=7900Third Party Advisory
http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.htmlBroken Link
http://lists.mysql.com/commits/96697Patch, Vendor Advisory
http://secunia.com/advisories/37493Third Party Advisory
http://secunia.com/advisories/38344Third Party Advisory
http://secunia.com/advisories/38364Third Party Advisory
http://secunia.com/advisories/38517Third Party Advisory
http://secunia.com/advisories/38573Third Party Advisory
http://securitytracker.com/id?1023402Third Party Advisory, VDB Entry
http://securitytracker.com/id?1023513Third Party Advisory, VDB Entry
http://ubuntu.com/usn/usn-897-1Third Party Advisory
http://www.debian.org/security/2010/dsa-1997Third Party Advisory
http://www.intevydis.com/blog/?p=106Broken Link
http://www.intevydis.com/blog/?p=57Broken Link
http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getnameThird Party Advisory
http://www.osvdb.org/61956Broken Link
http://www.securityfocus.com/bid/37640Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/37943Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/37974Third Party Advisory, VDB Entry
http://www.ubuntu.com/usn/USN-1397-1Third Party Advisory
http://www.vupen.com/english/advisories/2010/0233Third Party Advisory
http://www.vupen.com/english/advisories/2010/0236Third Party Advisory
http://www.yassl.com/news.html#yassl199Broken Link
http://www.yassl.com/release.htmlBroken Link
http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=555313Issue Tracking, Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/55416Third Party Advisory, VDB Entry
http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.htmlBroken Link
http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1Broken Link
http://bugs.mysql.com/bug.php?id=50227Exploit, Issue Tracking, Vendor Advisory
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.htmlBroken Link
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.htmlBroken Link
http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.htmlBroken Link
http://intevydis.com/mysql_demo.htmlBroken Link
http://intevydis.com/mysql_overflow1.py.txtBroken Link
http://intevydis.com/vd-list.shtmlBroken Link
http://isc.sans.org/diary.html?storyid=7900Third Party Advisory
http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.htmlBroken Link
http://lists.mysql.com/commits/96697Patch, Vendor Advisory
http://secunia.com/advisories/37493Third Party Advisory
http://secunia.com/advisories/38344Third Party Advisory
http://secunia.com/advisories/38364Third Party Advisory
http://secunia.com/advisories/38517Third Party Advisory
http://secunia.com/advisories/38573Third Party Advisory
http://securitytracker.com/id?1023402Third Party Advisory, VDB Entry
http://securitytracker.com/id?1023513Third Party Advisory, VDB Entry
http://ubuntu.com/usn/usn-897-1Third Party Advisory
http://www.debian.org/security/2010/dsa-1997Third Party Advisory
http://www.intevydis.com/blog/?p=106Broken Link
http://www.intevydis.com/blog/?p=57Broken Link
http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getnameThird Party Advisory
http://www.osvdb.org/61956Broken Link
http://www.securityfocus.com/bid/37640Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/37943Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/37974Third Party Advisory, VDB Entry
http://www.ubuntu.com/usn/USN-1397-1Third Party Advisory
http://www.vupen.com/english/advisories/2010/0233Third Party Advisory
http://www.vupen.com/english/advisories/2010/0236Third Party Advisory
http://www.yassl.com/news.html#yassl199Broken Link
http://www.yassl.com/release.htmlBroken Link
http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=555313Issue Tracking, Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/55416Third Party Advisory, VDB Entry

Timeline

Published: Dec 30, 2009
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2009-4484?

How severe is CVE-2009-4484?

Severity scoring for CVE-2009-4484 is pending analysis. The EPSS model estimates a 69.55% probability of exploitation in the next 30 days.

How do I fix CVE-2009-4484?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2009-4484?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST