Vulnerabilities in MySQL 8/18/06

Monday, 21 August 2006
MySQL, the popular open-source database management system, has announced the correction of two vulnerabilities in the forthcoming 5.0.25 version.
The first vulnerability would allow a user to access a stored routine using the GRANT EXECUTE command, and execute it with the privileges of the original user that defined the routine.
The second vulnerability affects Linux and other case-sensitive file systems. In this case a user with rights on the database could create or access different databases with the same name as the original, but where one or more letters differ in case. Under certain circumstances, a user can access databases to which they are not authorized.
In both cases the vulnerabilities can only be exploited by users with authenticated access to the system, minimizing the risk of indiscriminate attacks from third parties.
More details about the vulnerabilities and other corrections included in MySQL 5.0.25 are available in the original advisory at: http://dev.mysql.com/doc/refman/5.0/en/news-5-0-25.html
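A defensive audit for the second vulnerability described above, as an added example that is not part of the original advisory: it finds database names that differ only in letter case and flags users who hold grants on some variants but not others. The function names and sample data are constructed for illustration; it assumes the name list comes from `SHOW DATABASES` and the grants are exact-name, database-level privileges (no wildcard patterns).

```python
from collections import defaultdict


def colliding_groups(db_names):
    """Map folded name -> sorted list of names that differ only in case."""
    groups = defaultdict(set)
    for name in db_names:
        groups[name.casefold()].add(name)
    return {k: sorted(v) for k, v in groups.items() if len(v) > 1}


def audit(db_names, grants):
    """Flag users authorized on some case variants of a name but not others.

    grants: iterable of (user, database) pairs using exact database names
    (assumption: wildcard grants are expanded before calling this).
    Returns a sorted list of (user, authorized_variants, other_variants).
    """
    granted = defaultdict(set)
    for user, db in grants:
        granted[user].add(db)
    findings = []
    for variants in colliding_groups(db_names).values():
        for user, dbs in granted.items():
            allowed = [v for v in variants if v in dbs]
            denied = [v for v in variants if v not in dbs]
            # Only a partial grant is interesting: these are the databases a
            # case-confusion bug could expose to this user.
            if allowed and denied:
                findings.append((user, allowed, denied))
    return sorted(findings)


# Constructed sample data, not taken from any real server.
DATABASES = ["payroll", "Payroll", "inventory", "test", "TEST", "Test"]
GRANTS = [("alice", "payroll"), ("bob", "Payroll"), ("bob", "payroll"),
          ("carol", "inventory"), ("dave", "Test")]

if __name__ == "__main__":
    for user, allowed, denied in audit(DATABASES, GRANTS):
        print(f"{user}: granted {allowed}, review access to {denied}")
```

On a server that has not yet been upgraded, each finding marks a database whose access should be reviewed, and renaming or removing the case-variant duplicates removes the ambiguity.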