CVE-2006-0903

N/A Unknown
Published: February 27, 2006 Modified: April 16, 2026
View on NVD

Description

MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states that since mysql_query expects a null character, this is not an issue for mysql_query.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0653.html
Source: secalert@redhat.com
http://bugs.mysql.com/bug.php?id=17667
Source: secalert@redhat.com
http://rst.void.ru/papers/advisory39.txt
Source: secalert@redhat.com
http://secunia.com/advisories/19034
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/19502
Source: secalert@redhat.com
http://secunia.com/advisories/19814
Source: secalert@redhat.com
http://secunia.com/advisories/20241
Source: secalert@redhat.com
http://secunia.com/advisories/20253
Source: secalert@redhat.com
http://secunia.com/advisories/20333
Source: secalert@redhat.com
http://secunia.com/advisories/20625
Source: secalert@redhat.com
http://secunia.com/advisories/30351
Source: secalert@redhat.com
http://securitytracker.com/id?1015693
Source: secalert@redhat.com
http://www.debian.org/security/2006/dsa-1071
Source: secalert@redhat.com
http://www.debian.org/security/2006/dsa-1073
Source: secalert@redhat.com
http://www.debian.org/security/2006/dsa-1079
Source: secalert@redhat.com
http://www.mandriva.com/security/advisories?name=MDKSA-2006:064
Source: secalert@redhat.com
http://www.redhat.com/support/errata/RHSA-2006-0544.html
Source: secalert@redhat.com
http://www.redhat.com/support/errata/RHSA-2007-0083.html
Source: secalert@redhat.com
http://www.redhat.com/support/errata/RHSA-2008-0364.html
Source: secalert@redhat.com
http://www.securityfocus.com/bid/16850
Source: secalert@redhat.com
http://www.ubuntu.com/usn/usn-274-2
Source: secalert@redhat.com
http://www.vupen.com/english/advisories/2006/0752
Source: secalert@redhat.com
https://exchange.xforce.ibmcloud.com/vulnerabilities/24966
Source: secalert@redhat.com
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9915
Source: secalert@redhat.com
https://usn.ubuntu.com/274-1/
Source: secalert@redhat.com
http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0653.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://bugs.mysql.com/bug.php?id=17667
Source: af854a3a-2127-422b-91ae-364da2661108
http://rst.void.ru/papers/advisory39.txt
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/19034
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/19502
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/19814
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/20241
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/20253
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/20333
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/20625
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/30351
Source: af854a3a-2127-422b-91ae-364da2661108
http://securitytracker.com/id?1015693
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2006/dsa-1071
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2006/dsa-1073
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2006/dsa-1079
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDKSA-2006:064
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2006-0544.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2007-0083.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2008-0364.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/16850
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/usn-274-2
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2006/0752
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/24966
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9915
Source: af854a3a-2127-422b-91ae-364da2661108
https://usn.ubuntu.com/274-1/
Source: af854a3a-2127-422b-91ae-364da2661108

50 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.2%
48th percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

mysql oracle