Stack-based buffer overflow in MySQL
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
mysql-5.1 (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
According to https:/
MySQL is a multi-user, multi-threaded SQL database server. It consists of
the MySQL server daemon (mysqld) and many client programs and libraries.
A stack-based buffer overflow flaw was found in the user permission
checking code in MySQL. An authenticated database user could use this flaw
to crash the mysqld daemon or, potentially, execute arbitrary code with the
privileges of the user running the mysqld daemon. (CVE-2012-5611)
http://
https:/
Stack-based buffer overflow in MySQL 5.5.19, 5.1.53, and possibly other versions, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command.
RHSE rated this update as having
important security impact, so i'm marking this as a security vulnerability
This was fixed in http:// www.ubuntu. com/usn/ usn-1658- 1