MySQL Security Issue and Two Vulnerabilities

By arman

A security issue and two vulnerabilities have been reported in MySQL, which can be exploited by malicious users to gain escalated privileges, manipulate certain data, or to cause a DoS (Denial of Service).

A security issue exists due to the command “ALTER VIEW” retaining the original “DEFINER” value, which may allow another user to gain the access rights of the view.
An error in the FEDERATED engine when handling responses of remote servers can be exploited to crash the local server when the response contains fewer columns than expected.
An error when renaming a table can be exploited by malicious users to manipulate certain data.

This entry was posted on January 31, 2008 at 9:55 pm and is filed under MySQL Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “MySQL Security Issue and Two Vulnerabilities”

MySQL Security Issue and Two Vulnerabilities | MySQL Security Says:
February 7, 2008 at 12:18 am
[...] here to see the original: MySQL Security Issue and Two Vulnerabilities mysql toolmysql toolRelated Posts Intrusion Detection [...]

Arman0’s Weblog

MySQL Security Issue and Two Vulnerabilities

One Response to “MySQL Security Issue and Two Vulnerabilities”

Leave a Reply