MySQL: Two Denial of Service vulnerabilities — GLSA 200705-11

Two Denial of Service vulnerabilities have been discovered in MySQL.

Affected Packages

dev-db/mysql on all architectures
Affected versions < 5.0.38
Unaffected versions >= 5.0.38, < 5.0

Background

MySQL is a popular multi-threaded, multi-user SQL server.

Description

mu-b discovered a NULL pointer dereference in item_cmpfunc.cc when processing certain types of SQL requests. Sec Consult also discovered another NULL pointer dereference when sorting certain types of queries on the database metadata.

Impact

In both cases, a remote attacker could send a specially crafted SQL request to the server, possibly resulting in a server crash. Note that the attacker needs the ability to execute SELECT queries.

Workaround

There is no known workaround at this time.

Resolution

All MySQL users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-db/mysql-5.0.38"

References

Release Date
May 08, 2007

Latest Revision
May 08, 2007: 01

Severity
normal

Exploitable
remote

Bugzilla entries