aru Posted April 4, 2006 Report Share Posted April 4, 2006 Mandriva Advisories MDKSA-2006:064 : MySQL Updated MySQL packages fix logging bypass vulnerability April 3rd, 2006 MySQL allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. Updated packages have been patched to correct this issue. The released versions of Mandriva GNU/Linux affected are: CS3.0 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:064 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0903 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $) Link to comment Share on other sites More sharing options...
Recommended Posts