List:Commits« Previous MessageNext Message »
From:paul.dubois Date:May 11 2010 4:47pm
Subject:svn commit - mysqldoc@docsrva: r20554 - in trunk: . dynamic-docs/changelog
View as plain text  
Author: paul
Date: 2010-05-11 18:47:28 +0200 (Tue, 11 May 2010)
New Revision: 20554

Log:
 r58842@frost:  paul | 2010-05-11 11:44:35 -0500
 Revise changelog entries


Modified:
   trunk/dynamic-docs/changelog/mysqld-2.xml

Property changes on: trunk
___________________________________________________________________
Name: svk:merge
   - 07c7e7b4-24e3-4b51-89d0-6dc09fec6bec:/mysqldoc-local/mysqldoc/trunk:35498
07c7e7b4-24e3-4b51-89d0-6dc09fec6bec:/mysqldoc-local/trunk:38898
4767c598-dc10-0410-bea0-d01b485662eb:/mysqldoc-local/mysqldoc/trunk:43968
4767c598-dc10-0410-bea0-d01b485662eb:/mysqldoc-local/trunk:44480
7d8d2c4e-af1d-0410-ab9f-b038ce55645b:/mysqldoc-local/mysqldoc:58839
b5ec3a16-e900-0410-9ad2-d183a3acac99:/mysqldoc-local/mysqldoc/trunk:14218
bf112a9c-6c03-0410-a055-ad865cd57414:/mysqldoc-local/mysqldoc/trunk:39036
bf112a9c-6c03-0410-a055-ad865cd57414:/mysqldoc-local/trunk:39546
   + 07c7e7b4-24e3-4b51-89d0-6dc09fec6bec:/mysqldoc-local/mysqldoc/trunk:35498
07c7e7b4-24e3-4b51-89d0-6dc09fec6bec:/mysqldoc-local/trunk:38898
4767c598-dc10-0410-bea0-d01b485662eb:/mysqldoc-local/mysqldoc/trunk:43968
4767c598-dc10-0410-bea0-d01b485662eb:/mysqldoc-local/trunk:44480
7d8d2c4e-af1d-0410-ab9f-b038ce55645b:/mysqldoc-local/mysqldoc:58842
b5ec3a16-e900-0410-9ad2-d183a3acac99:/mysqldoc-local/mysqldoc/trunk:14218
bf112a9c-6c03-0410-a055-ad865cd57414:/mysqldoc-local/mysqldoc/trunk:39036
bf112a9c-6c03-0410-a055-ad865cd57414:/mysqldoc-local/trunk:39546


Modified: trunk/dynamic-docs/changelog/mysqld-2.xml
===================================================================
--- trunk/dynamic-docs/changelog/mysqld-2.xml	2010-05-11 16:47:15 UTC (rev 20553)
+++ trunk/dynamic-docs/changelog/mysqld-2.xml	2010-05-11 16:47:28 UTC (rev 20554)
Changed blocks: 2, Lines Added: 28, Lines Deleted: 4; 2230 bytes

@@ -14191,10 +14191,31 @@
     <message>
 
       <para>
-        <literal>COM_FIELD_LIST</literal> could be abused to bypass
-        table level privileges.
+        The server failed to check the table name argument of a
+        <literal>COM_FIELD_LIST</literal> command packet for validity
+        and compliance to acceptable table name standards. This could be
+        exploited to bypass almost all forms of checks for privileges
+        and table-level grants by providing a specially crafted table
+        name argument to <literal>COM_FIELD_LIST</literal>.
       </para>
 
+      <para>
+        In MySQL 5.0 and above, this allowed an authenticated user with
+        <literal role="priv">SELECT</literal> privileges on one table to
+        obtain the field definitions of any table in all other databases
+        and potentially of other MySQL instances accessible from the
+        server's file system.
+      </para>
+
+      <para>
+        Additionally, for MySQL version 5.1 and above, an authenticated
+        user with <literal role="priv">DELETE</literal> or
+        <literal role="priv">SELECT</literal> privileges on one table
+        could delete or read content from any other table in all
+        databases on this server, and potentially of other MySQL
+        instances accessible from the server's file system.
+      </para>
+
     </message>
 
   </logentry>

@@ -14219,8 +14240,11 @@
     <message>
 
       <para>
-        <literal>COM_FIELD_LIST</literal> could be abused to cause a
-        server stack overflow, resulting in a crash or code exploit.
+        The server was susceptible to a buffer-overflow attack due to a
+        failure to perform bounds checking on the table name argument of
+        a <literal>COM_FIELD_LIST</literal> command packet. By sending
+        long data for the table name, a buffer is overflown, which could
+        be exploited by an authenticated user to inject malicious code.
       </para>
 
     </message>


Thread
svn commit - mysqldoc@docsrva: r20554 - in trunk: . dynamic-docs/changelogpaul.dubois11 May