List:General Discussion« Previous MessageNext Message »
From:Brian Krebs Date:January 11 2010 5:05am
Subject:reaction to mysql remote buffer overflow 0day being posted online?
View as plain text  
Apologies in advance for spamming the list. My name is Brian Krebs, and I'm
a investive reporter who writes about computer security issues.

I've just interviewed the founder of a Russian security firm who says he's
getting close to posting pointers to and in some cases exploits for a large
number of 0day  vulnerabilities in database and web server products,
including at least one -- possibly two -- remote buffer overflows in mysql.
I've interviewed clueful folks who vouch for this guy's chops, so I know
he's not making this up.

As you may have guessed by now, I'm fishing for a comment or response from
the mysql/dev community about this. 

Can I trouble someone to ping me back at krebsonsecurity@stripped ?

Thanks in advance,

Brian Krebs

reaction to mysql remote buffer overflow 0day being posted online?Brian Krebs11 Jan