Thursday, April 24, 2008

MySQL on Solaris 10 -- Buffer Overflow and Security Bypass Vulnerabilities

So found some recently discovered buffer overflow and security bypass vulnerabilities when running MySQL on Solaris 10. According to FrSIRT, these vulnerabilities "could be exploited by attackers or malicious users to bypass security restrictions, gain knowledge of sensitive information, cause a denial of service, or execute arbitrary code." A final resolution for these vulnerabilities is pending completion according to their website.

Unfortunately, I do not have a FrSIRT account currently (need to get one ASAP) so I couldn't dig this vulnerability further. However, I am dying to learn more about this.

No comments: