aru Posted September 13, 2005 Share Posted September 13, 2005 Mandriva Security Advisories MDKSA-2005:163 : MySQL Updated MySQL packages fix vulnerability September 12th, 2005 A stack-based buffer overflow was discovered in the init_syms function in MySQL that allows authenticated users that can create user-defined functions to execute arbitrary code via a long function_name field. The updated packages have been patched to address these issues. The released versions of Mandriva GNU/Linux affected are: 10.1 CS3.0 10.2 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKSA-2005:163 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2558 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $) Link to comment Share on other sites More sharing options...
Recommended Posts