Vigil@nce: MySQL, several vulnerabilities
September 2009 by Vigil@nce
An attacker can use several vulnerabilities of MySQL, in order to
generate a denial of service, and eventually execute code.
Severity: 2/4
Consequences: privileged access/rights, denial of service of
service
Provenance: user account
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Number of vulnerabilities in this bulletin: 3
Creation date: 22/09/2009
IMPACTED PRODUCTS
– MySQL Community Server
– MySQL Enterprise
DESCRIPTION OF THE VULNERABILITY
An attacker can use several vulnerabilities of MySQL.
An attacker can use malformed SELECT queries in order to stop the
server. [grav:1/4]
An attacker can use recursive SELECT queries, in order to fill the
stack (stack overflow), which stops the server. [grav:1/4; 46807]
An attacker can generate a buffer overflow with "IS NULL" and
ranges. [grav:2/4; 37044]
An attacker can thus generate a denial of service, and eventually
execute code.
CHARACTERISTICS
Identifiers: 37044, 46807, VIGILANCE-VUL-9040
http://vigilance.fr/vulnerability/MySQL-several-vulnerabilities-9040