Apologies in advance for spamming the list. My name is Brian Krebs, and I'm
a investive reporter who writes about computer security issues.
I've just interviewed the founder of a Russian security firm who says he's
getting close to posting pointers to and in some cases exploits for a large
number of 0day vulnerabilities in database and web server products,
including at least one -- possibly two -- remote buffer overflows in mysql.
I've interviewed clueful folks who vouch for this guy's chops, so I know
he's not making this up.
As you may have guessed by now, I'm fishing for a comment or response from
the mysql/dev community about this.
Can I trouble someone to ping me back at krebsonsecurity@stripped ?
Thanks in advance,
|• reaction to mysql remote buffer overflow 0day being posted online?||Brian Krebs||11 Jan|