Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

Technical Analysis: MySQL Critical Buffer Overflow CVE-2012-5611

Scientific Large Esm H446
Important: mysql security update
Date: Fri, 7 Dec 2012 10:55:56 -0600
Reply-To: Pat Riehecky 
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Organization: Fermilab
Subject: Security ERRATA Important: mysql on SL6.x i386/x86_64
MIME-Version: 1.0

Synopsis: Important: mysql security update
Issue Date: 2012-12-07
CVE Numbers: CVE-2012-5611
--

A stack-based buffer overflow flaw was found in the user permission checking
code in MySQL. An authenticated database user could use this flaw to
crash the
mysqld daemon or, potentially, execute arbitrary code with the privileges of
the user running the mysqld daemon. (CVE-2012-5611)

After installing this update, the MySQL server daemon (mysqld) will be
restarted automatically.
--

SL6
 x86_64
 mysql-5.1.66-2.el6_3.x86_64.rpm
 mysql-debuginfo-5.1.66-2.el6_3.i686.rpm
 mysql-debuginfo-5.1.66-2.el6_3.x86_64.rpm
 mysql-libs-5.1.66-2.el6_3.i686.rpm
 mysql-libs-5.1.66-2.el6_3.x86_64.rpm
 mysql-server-5.1.66-2.el6_3.x86_64.rpm
 mysql-bench-5.1.66-2.el6_3.x86_64.rpm
 mysql-devel-5.1.66-2.el6_3.i686.rpm
 mysql-devel-5.1.66-2.el6_3.x86_64.rpm
 mysql-embedded-5.1.66-2.el6_3.i686.rpm
 mysql-embedded-5.1.66-2.el6_3.x86_64.rpm
 mysql-embedded-devel-5.1.66-2.el6_3.i686.rpm
 mysql-embedded-devel-5.1.66-2.el6_3.x86_64.rpm
 mysql-test-5.1.66-2.el6_3.x86_64.rpm
 i386
 mysql-5.1.66-2.el6_3.i686.rpm
 mysql-debuginfo-5.1.66-2.el6_3.i686.rpm
 mysql-libs-5.1.66-2.el6_3.i686.rpm
 mysql-server-5.1.66-2.el6_3.i686.rpm
 mysql-bench-5.1.66-2.el6_3.i686.rpm
 mysql-devel-5.1.66-2.el6_3.i686.rpm
 mysql-embedded-5.1.66-2.el6_3.i686.rpm
 mysql-embedded-devel-5.1.66-2.el6_3.i686.rpm
 mysql-test-5.1.66-2.el6_3.i686.rpm

- Scientific Linux Development Team
Your message here