Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Gentoo: GLSA-200608-09 Normal: MySQL Denial of Service Issue

gentoo
Calendar Grey August 6, 2006
Dist Gentoo Esm H88
MySQL on Gentoo may be compromised by erroneous parameters to str_to_date. It is recommended to update promptly to resolve this security risk.
An authenticated user can crash MySQL through invalid parameters to the date_format function.

Summary

Gentoo Linux Security Advisory GLSA 200608-09 https://security.gentoo.org/ Severity: Normal Title: MySQL: Denial of Service Date: August 06, 2006 Bugs: #142429 ID: 200608-09

Synopsis ======= An authenticated user can crash MySQL through invalid parameters to the date_format function.
Background ========= MySQL is a popular multi-threaded, multi-user SQL server.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-db/mysql < 4.1.21 >= 4.1.21
========== Jean-David Maillefer discovered a format string vulnerability in time.cc where MySQL fails to properly handle specially formatted user input to the date_format function.
Impact ===== By specifying a forma...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory denial of service gentoo software update mysql database crash

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory denial of service gentoo software update mysql database crash

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here