MySQL Server Privilege Escalation And Denial Of Service Vulnerabilities

Posted by Admin Reports – January 20, 2008

Found this at SecurityFocus. MySQL is vulnerable to a couple new exploits.

MySQL is prone to multiple vulnerabilities, including privilege-escalation and denial-of-service issues.

Exploiting the privilege-escalation vulnerability may allow attackers to perform certain actions with elevated privileges. Successful exploits of the denial-of-service issue will cause the database server to crash, denying service to legitimate users.

These issues affect versions prior to MySQL 5.0.52, MySQL 5.1.23, and MySQL 6.0.4.

To exploit these issues, attackers can use standard database client software in conjunction with standard operating system utilities.

Solution:
The vendor released updates to address these issues. Please see the references for more information.
Note that MySQL 6.0.4 and 5.1.23 have not been released yet.

1 Comment on MySQL Server Privilege Escalation And Denial Of Service Vulnerabilities

  1. BSchwarz says:
    January 21, 2008 at 11:19 am

    I upgraded mysql across my servers.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>