full-disclosure-uk May 2007 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: [Full-disclosure] rPSA-2007-0107-1 mysql mys

[Full-disclosure] rPSA-2007-0107-1 mysql mysql-bench mysql-server

From: rPath Update Announcements <announce-noreply_at_nospam>
Date: Wed May 23 2007 - 19:31:46 GMT
To: security-announce@lists.rpath.com, update-announce@lists.rpath.com


rPath Security Advisory: 2007-0107-1
Published: 2007-05-23
Products: rPath Linux 1
Rating: Minor
Exposure Level Classification:

    Local User Deterministic Denial of Service Updated Versions:

    mysql=/conary.rpath.com@rpl:devel//1/5.0.41-2-0.1     mysql-bench=/conary.rpath.com@rpl:devel//1/5.0.41-2-0.1     mysql-server=/conary.rpath.com@rpl:devel//1/5.0.41-2-0.1

References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2583 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1420 https://issues.rpath.com/browse/RPL-1127 https://issues.rpath.com/browse/RPL-1356

Description:

    Previous versions of the mysql package are vulnerable to two     authenticated-user denial of service attacks in which specially crafted     queries can be used to crash the server.

Copyright 2007 rPath, Inc.
This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html



Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/