- Related Stories
-
OpenBSD update promises better protection
May 3, 2006 -
MySQL CEO offers mixed view of Oracle
April 26, 2006 -
MySQL to set Falcon free
April 21, 2006 -
IBM patches Lotus flaw
February 10, 2006 -
Serious Winamp flaw gets fix
January 30, 2006 -
'High' risk in Symantec antivirus software flaw
December 21, 2005
The open-source database company released its MySQL version 5.0.21 update earlier this week. The update is designed to address security flaws in database server software versions 5.1.9; 5.0.20; 4.1.18; 4.0.26 and prior versions.
Security researcher FrSIRT rates the flaws as "moderate" risk. MySQL version 5.0, which was released late last year, is in widespread use.
FrSIRT noted that one of the three flaws involves a buffer overflow flaw, which could be exploited by attackers to execute arbitrary commands from a user's system.
The two other flaws can be exploited when a validation error occurs when inputting information. The vulnerabilities could allow attackers to disclose portions of the system's memory in the error messages.
See more CNET content tagged:
MySQL, flaw, attacker, buffer-overflow, open source
- not MS???
- You mean some else has buffer overflow problems? Its not just an MS thing? Say it aint so, Joe
- Like this Reply to this comment
- not MS???
- You mean some else has buffer overflow problems? Its not just an MS thing? Say it aint so, Joe
- Like this Reply to this comment
