Computer Security

MySQL subselect DoS
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



MySQL subselect DoS
Published:09.03.2007
Source:BUGTRAQ
SecurityVulns ID:7368
Type:local
Level:5/10
Description:NULL pointer dereference if string function is applied to select with "order by" result.
Affected:ORACLE : MySQL 5.0
CVE:CVE-2007-1420 (MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.)
Original documentdocumentDaniel Fabian, SEC Consult SA-20070309-0 :: MySQL 5 Single Row Subselect Denial of Service (09.03.2007)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru