Multiple vulnerabilities have been identified in MySQL, which could be exploited by attackers to compromise a vulnerable system or gain knowledge of sensitive information.
The first flaw is due to a buffer overflow error in the "sql_base.cc" file, which does not properly handle specially crafted "COM_TABLE_DUMP" packets. Authenticated attackers could exploit it to execute arbitrary commands.
The second issue is due to an input validation error in the "sql_parse.cc" file that fails to properly validate "COM_TABLE_DUMP" packets, which could be exploited by attackers to cause portions of the memory to be disclosed in error messages.
The third vulnerability is due to an input validation error in the "sql_parse.cc" file that fails to properly handle malformed login packets, which could be exploited by attackers to cause portions of the memory to be disclosed in error messages.
Affected Products
MySQL version 4.0.26 and prior
MySQL version 4.1.18 and prior
MySQL version 5.0.20 and prior
MySQL version 5.1.9 and prior
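For inventory triage, the affected ranges listed above can be checked against the version string each server reports (for example from `SELECT VERSION()`). This is an added example, not part of the original advisory; the function names, host names and sample banners are constructed for illustration, and branches the advisory does not mention are reported as "unknown" rather than guessed.

```python
import re

# Highest affected release per branch, taken from the "Affected Products" list.
LAST_AFFECTED = {
    (4, 0): 26,
    (4, 1): 18,
    (5, 0): 20,
    (5, 1): 9,
}

# Leading "major.minor.patch"; suffixes such as "-standard-log" are ignored.
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)")


def classify(version_string):
    """Return 'affected', 'not-listed-as-affected' or 'unknown'."""
    match = _VERSION_RE.match(version_string or "")
    if not match:
        return "unknown"  # unparseable banner: needs manual review
    major, minor, patch = (int(g) for g in match.groups())
    last = LAST_AFFECTED.get((major, minor))
    if last is None:
        return "unknown"  # branch not covered by this advisory
    return "affected" if patch <= last else "not-listed-as-affected"


def triage(inventory):
    """Map each host to its verdict; inventory is {host: version string}."""
    return {host: classify(version) for host, version in inventory.items()}


# Constructed sample inventory (hypothetical hosts and banners).
SAMPLE = {
    "db-01": "5.0.20-standard-log",
    "db-02": "5.0.21",
    "db-03": "4.1.18-nt",
    "db-04": "5.1.9-beta",
    "db-05": "4.0.27",
    "db-06": "3.23.58",
    "db-07": "no banner",
}

if __name__ == "__main__":
    for host, verdict in sorted(triage(SAMPLE).items()):
        print(f"{host}\t{SAMPLE[host]}\t{verdict}")
```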
Solution
Upgrade to MySQL version 5.0.21:
http://dev.mysql.com/downloads/
References
http://www.frsirt.com/english/advisories/2006/1633
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html
http://www.wisec.it/vulns.php?page=8
http://www.wisec.it/vulns.php?page=7
Credits
Vulnerabilities reported by Stefano Di Paola







