Hi! On Jan 21, Dennis Kruyt wrote: > Hi, > > When I try the hoagie_mysql exploit from http://void.at/releases.html > on a 3.23.54a MySQL server (witch sould be safe) then i can crash the > database with this. > > How did I do it? > > I start hoagie_mysql with a valid db user (not root). Then press ctrl-c > (abort) and start the tool again. Now the tool has reported that the > attack has failed. But the MySQL db is restarted if i look in the error > log and some normal connectie to the database then will fail. I have > tried it on several server with success.
You should've contacted us (using [EMAIL PROTECTED]) first so we'd be able to release fixed version :( Anyway, this is fixed. 3.23.55 will be released soon. For impatients, there's our bk tree, available publicaly Thanks for bugreport. Regards, Sergei -- MySQL Development Team __ ___ ___ ____ __ / |/ /_ __/ __/ __ \/ / Sergei Golubchik <[EMAIL PROTECTED]> / /|_/ / // /\ \/ /_/ / /__ MySQL AB, http://www.mysql.com/ /_/ /_/\_, /___/\___\_\___/ Osnabrueck, Germany <___/ --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php