On 12/01/2012 02:26 PM, king cope wrote:
> (see attachment)
>
> Cheerio,
>
> Kingcope
So normally for MySQL issues Oracle would assign the CVE #. However in
this case we have a bit of a time constraint (it's a weekend and this
is blowing up quickly)
-assign and OSVDB to the CC so that everyone is aware of what is
going on.
Please use CVE-2012-5612 for MySQL (Linux) Heap Based Overrun PoC Zeroday
--
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Hi Kingcope,
# As seen below $edx and $edi are fully controlled,
# the current instruction is
# => 0x83a6b24 : mov (%edx),%edi
# this means we landed in a place where 4 bytes can be controlled by 4 bytes
# with this function pointers and GOT entries can be rewritten to execute arbitrary code
(see attachment)
Cheerio,
Kingcope
mysql_heapoverrun.pl
Description: Binary data