20 Jan, 2008
MySQL Server Privilege Escalation And Denial Of Service Vulnerabilities
Posted by: BSchwarz In: Securtiy
Found this at SecurityFocus. MySQL is vulnerable to a couple new exploits.
MySQL is prone to multiple vulnerabilities, including privilege-escalation and denial-of-service issues.
Exploiting the privilege-escalation vulnerability may allow attackers to perform certain actions with elevated privileges. Successful exploits of the denial-of-service issue will cause the database server to crash, denying service to legitimate users.
These issues affect versions prior to MySQL 5.0.52, MySQL 5.1.23, and MySQL 6.0.4.
To exploit these issues, attackers can use standard database client software in conjunction with standard operating system utilities.
Solution:
The vendor released updates to address these issues. Please see the references for more information.
Note that MySQL 6.0.4 and 5.1.23 have not been released yet.
Recent Comments