Intrusion Prevention

MySQL.YaSSL.Certificate.Packet.Buffer.Overflow

Description

This indicates s possible attack against a buffer-overflow vulnerability in yaSSL.
This issue is caused by an error when the vulnerable software handles a malformed certificate packet. It may allow remote attackers to execute arbitrary code or cause denial of service by sending a crafted certificate packet.

Affected Products

yaSSL prior to 1.9.9

Impact

System compromise
Denial of service

Recommended Actions

Update to version 1.9.9.

CVE References

CVE-2009-4484