Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  news  community  lists  wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [thread-next>] [month] [year] [list] 
Date: Tue, 9 Sep 2008 14:18:40 +0200
From: Robert Buchholz <rbu@...too.org>
To: oss-security@...ts.openwall.com
Subject: CVE request: MySQL empty bit-string literal server crash

Hi,

we consider the following bug a security issue. I'm not sure whether 
MySQL upstream feels so as well. Quoting the ChangeLog:

  An empty bit-string literal (b'') caused a server crash. Now the value  
  is parsed as an empty bit value (which is treated as an empty string
  in string context or 0 in numeric context). (Bug#35658)


Bug:
  http://bugs.mysql.com/bug.php?id=35658

ChangeLogs:
* 5.0.66
  http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-66.html
* 5.1.26
  http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html
* 6.0.6
  http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html


Gentoo handles this as bug 237166 [ https://bugs.gentoo.org/237166 ].


Thanks,
Robert

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux