MySQL Replication Error Lets Local Users Deny Service
|
|
SecurityTracker Alert ID: 1016790
|
|
SecurityTracker URL: http://securitytracker.com/id?1016790
|
|
CVE Reference: CVE-2006-4380
(Links to External Site)
|
Date: Sep 5 2006
|
Impact: Denial of service via local system
|
Fix Available: Yes
Exploit Included: Yes
Vendor Confirmed: Yes
|
Version(s): prior to 4.1.3
|
Description: A vulnerability was reported in MySQL. A local user can cause denial of service conditions.
A local user can issue a query with multiupdate and subselects via replication to cause the slave database server(s) to crash.
Beat
Vontobel reported this vulnerability.
The original bug report is available at:
http://bugs.mysql.com/bug.php?id=10442
|
Impact: A local user can cause slave servers to crash during replication.
|
Solution: The vendor has issued a fixed version (4.1.13).
|
Vendor URL: lists.mysql.com/internals/26123 (Links to External Site)
|
Cause: Exception handling error
|
Underlying OS: Linux (Any), UNIX (Any), Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Tue, 5 Sep 2006 07:40:26 -0400
Subject: MySQL vulnerability
|
http://bugs.mysql.com/bug.php?id=10442
http://lists.mysql.com/internals/26123
CVE-2006-4380
|
|
