subject:"Bug#414790\: mysql\-server\-5.0\: MySQL 5 Single Row Subselect Denial of Service"

Bug#414790: mysql-server-5.0: MySQL 5 Single Row Subselect Denial of Service

2007-03-13 Thread Laurent Bonnaud

Package: mysql-server-5.0
Version: 5.0.32-7
Severity: grave
Tags: security
Justification: user security hole


Hi,

here is the problem:

  http://www.sec-consult.com/284.html

I set the severity to grave because the advisory does not exclude
arbitrary code execution.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#414790: mysql-server-5.0: MySQL 5 Single Row Subselect Denial of Service

2007-03-13 Thread Christian Hammers



On 2007-03-13 Laurent Bonnaud wrote:
 here is the problem:
 
   http://www.sec-consult.com/284.html
 
 I set the severity to grave because the advisory does not exclude
 arbitrary code execution.

Thanks for pointing this out. I found the upstream bug reports at
http://bugs.mysql.com/bug.php?id=26556 and 
http://bugs.mysql.com/bug.php?id=24630 and a patch at
http://lists.mysql.com/commits/19685

I will try to backport it soon.

bye,

-christian-


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#414790: mysql-server-5.0: MySQL 5 Single Row Subselect Denial of Service

Bug#414790: mysql-server-5.0: MySQL 5 Single Row Subselect Denial of Service

2 matches

Site Navigation

Mail list logo

Footer information