IUS Community Project

MySQL Stack based buffer overrun PoC Zeroday

Bug #1086113 reported by bharper
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
IUS Community Project
Fix Released
Undecided
Unassigned

Bug Description

There are reports coming out of some zerodays effecting MySQL:

http://seclists.org/fulldisclosure/2012/Dec/42

We are currently looking into these and will update this bug when additional information becomes available.

-Ben

bharper (bharper)
Changed in ius:
status: New → In Progress
Revision history for this message
Jeffrey Ness (jeffrey-ness) wrote :

According to https://bugzilla.redhat.com/show_bug.cgi?id=881064 Oracle does have a bug tracker;
however, it is marked private:

  http://bugs.mysql.com/bug.php?id=67685

Oracle clearly does not have the communities interest in the software they acquired.

Revision history for this message
bharper (bharper) wrote :

This issue got patched in MySQL 5.5.29[0]:

Very long database names in queries could cause the server to exit. (Bug #15912213, Bug #16900358)

-Ben
[0] http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-29.html

Changed in ius:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.