Vigil@nce - MySQL: four vulnerabilities
May 2010 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
Four vulnerabilities of MySQL can be used by a local attacker in
order to access to tables, to execute code, or to generate a
denial of service.
Severity: 2/4
Creation date: 17/05/2010
DESCRIPTION OF THE VULNERABILITY
Four vulnerabilities were announced in MySQL.
An attacker can use the COM_FIELD_LIST command, in order to read
or delete a table. [severity:2/4; 53371, BID-40109, CVE-2010-1848]
An attacker can generate a buffer overflow in the COM_FIELD_LIST
command, in order to execute code. [severity:2/4; 53237,
BID-40106, CVE-2010-1850]
An attacker can use a long packet, in order to generate an
infinite loop. [severity:1/4; 50974, BID-40100, CVE-2010-1849]
An attacker can use an EXPLAIN on a query containing a sub-query,
in order to stop the service. [severity:1/4; 48419]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/MySQL-four-vulnerabilities-9644