List:Packagers« Previous MessageNext Message »
From:Lenz Grimmer Date:March 31 2006 5:22pm
Subject:Re: Patches for CVE-2006-0903 "logging bypass via NULL char" available?
View as plain text  
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Christian,

thanks for your message!

On Tue, 28 Mar 2006, Christian Hammers wrote:

> I've just got aware of the following security issue:
> 
>  CVE-2006-0903
>  "MySQL 5.0.18 and earlier allows local users to bypass logging 
>  mechanisms via SQL queries that contain the NULL character, 
>  which are not properly handled by the mysql_real_query function."
>  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0903
> 
> As http://bugs.mysql.com/ does currently not respond I cannot lookup
> the corresponding MySQL bug report. Does anybody know if this issue
> exists in 4.0 and 4.1 and if so, if patches exists that could be used
> in the distributions security advisories?
> 
> BTW: I cannot find a reference to this in the official Changelog neither?

This one never came through to us via security@stripped. However, there is
a related bug report here: http://bugs.mysql.com/bug.php?id=17667 - a patch
has been commited and will be included in upcoming releases.

Note that this only affects the general (plaintext) log, not the binary log.

Bye,
	LenZ
- -- 
 Lenz Grimmer <lenz@stripped>
 Community Relations Manager, EMEA
 MySQL GmbH, http://www.mysql.de/, Hamburg, Germany
 MySQL Users Conference 2006 (Santa Clara CA, 24-27 April) - http://www.mysqluc.com/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iD8DBQFELWVxSVDhKrJykfIRAjCgAJ0Uan4dfSUrQTka/zVL9qM6wdXFiwCeNOMe
TTRqWcFyaldnzvv291uIrdM=
=AElD
-----END PGP SIGNATURE-----
Thread
Patches for CVE-2006-0903 "logging bypass via NULL char" available?Christian Hammers28 Mar
  • Re: Patches for CVE-2006-0903 "logging bypass via NULL char" available?Lenz Grimmer31 Mar