full-disclosure-uk May 2007 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: [Full-disclosure] rPSA-2007-0107-1 mysql mys

[Full-disclosure] rPSA-2007-0107-1 mysql mysql-bench mysql-server

From: rPath Update Announcements <announce-noreply_at_nospam>
Date: Wed May 23 2007 - 19:31:46 GMT
To: security-announce@lists.rpath.com, update-announce@lists.rpath.com

rPath Security Advisory: 2007-0107-1
Published: 2007-05-23
Products: rPath Linux 1
Rating: Minor
Exposure Level Classification:

    Local User Deterministic Denial of Service Updated Versions:

    mysql=/conary.rpath.com@rpl:devel//1/5.0.41-2-0.1     mysql-bench=/conary.rpath.com@rpl:devel//1/5.0.41-2-0.1     mysql-server=/conary.rpath.com@rpl:devel//1/5.0.41-2-0.1

References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2583 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1420 https://issues.rpath.com/browse/RPL-1127 https://issues.rpath.com/browse/RPL-1356


    Previous versions of the mysql package are vulnerable to two     authenticated-user denial of service attacks in which specially crafted     queries can be used to crash the server.

Copyright 2007 rPath, Inc.
This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/