Red Hat Bugzilla – Bug 190863
CVE-2006-1516 mysql anonymous login information leak
Last modified: 2013-07-02 23:09:07 EDT
The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x
up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of
memory via a username without a trailing null byte, which causes a buffer over-read.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.