3 messages in com.mysql.lists.win32Vulnerabilities !| From | Sent On | Attachments |
|---|---|---|
| Lahu | 24 Jul 2004 22:55 | |
| Lahu | 29 Jul 2004 01:38 | |
| Jim Winstead | 29 Jul 2004 07:38 |
| Subject: | Vulnerabilities ! |
|---|---|
| From: | Lahu (lahu...@yahoo.com) |
| Date: | 07/24/2004 10:55:43 PM |
| List: | com.mysql.lists.win32 |
Hello All,
I m kickin in after a long time.
Can anyone of u, suggest me a patch for these MySQL Vulnerabilities ? I m using 4.0.13-nt for production use and for inevitable reasons cannot migrate to a newer version at this moment. Please help...!
====================================================== 1. MySQL libmysqlclient Library mysql_real_connect() Buffer Overrun Vulnerability - insufficient bounds checking of user-supplied parameters. An attacker could potentially be capable of exploiting this issue to execute arbitrary code on a remote system.
2. MySQL Password Handler Buffer Overflow Vulnerability - A password greater than 16 characters my overrun the bounds of a reserved buffer in memory and adjacent memory. =======================================================
Thanx in advance...!
__________________________________ Do you Yahoo!? New and Improved Yahoo! Mail - Send 10MB messages! http://promotions.yahoo.com/new_mail