blob: f91e3031904e607d542508eba6966729ed2156fb [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<glsa id="200705-11">
<title>MySQL: Two Denial of Service vulnerabilities</title>
Two Denial of Service vulnerabilities have been discovered in MySQL.
<product type="ebuild">MySQL</product>
<announced>May 08, 2007</announced>
<revised>May 08, 2007: 01</revised>
<package name="dev-db/mysql" auto="yes" arch="*">
<unaffected range="ge">5.0.38</unaffected>
<unaffected range="lt">5.0</unaffected>
<vulnerable range="lt">5.0.38</vulnerable>
MySQL is a popular multi-threaded, multi-user SQL server.
mu-b discovered a NULL pointer dereference in when
processing certain types of SQL requests. Sec Consult also discovered
another NULL pointer dereference when sorting certain types of queries
on the database metadata.
<impact type="normal">
In both cases, a remote attacker could send a specially crafted SQL
request to the server, possibly resulting in a server crash. Note that
the attacker needs the ability to execute SELECT queries.
There is no known workaround at this time.
All MySQL users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=dev-db/mysql-5.0.38&quot;</code>
<uri link="">Original Report</uri>
<uri link="">CVE-2007-1420</uri>
<metadata tag="requester" timestamp="Tue, 24 Apr 2007 19:47:08 +0000">
<metadata tag="submitter" timestamp="Wed, 25 Apr 2007 21:17:16 +0000">
<metadata tag="bugReady" timestamp="Wed, 25 Apr 2007 21:17:35 +0000">