Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique





















Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce: MySQL, denial of service via bit-string

September 2008 by Vigil@nce

A local attacker can use an invalid bit-string query in order to stop MySQL.

- Gravity: 1/4
- Consequences: denial of service of service
- Provenance: user account
- Means of attack: 1 attack
- Ability of attacker: technician (2/4)
- Confidence: confirmed by the editor (5/5)
- Diffusion of the vulnerable configuration: high (3/3)
- Creation date: 10/09/2008
- Identifier: VIGILANCE-VUL-8103

IMPACTED PRODUCTS

- MySQL Community Server [confidential versions]
- MySQL Enterprise Server [confidential versions]

DESCRIPTION

A SQL query can contain a bit-string (number represented as a string of bits): SELECT * FROM table WHERE v=b’10101’; Hexadecimal values can also be represented as strings: SELECT * FROM table WHERE v=x’1234567890abcdef’; SELECT * FROM table WHERE v=X’1234567890ABCDEF’;

However, if the indicated string is empty (b’’), a logic error occurs and stops MySQL.

An attacker allowed to send queries can therefore create a denial of service.

CHARACTERISTICS

- Identifiers: 35658, BID-31081, CVE-2008-3963, VIGILANCE-VUL-8103
- Url: https://vigilance.aql.fr/tree/1/8103




See previous articles

    

See next articles