Bug 190870 – CVE-2006-1518 Mysql buffer overflow

Bug 190870 - CVE-2006-1518 Mysql buffer overflow

Summary:	CVE-2006-1518 Mysql buffer overflow

Status:	CLOSED RAWHIDE

Aliases:	None

Product:	Fedora
Classification:	Fedora
Component:	mysql (Show other bugs)
Sub Component:
Version:	5
Hardware:	All Linux

Priority	medium Severity high
Target Milestone:	---
Target Release:	---
Assigned To:	Tom Lane
QA Contact:	David Lawrence
Docs Contact:

URL:
Whiteboard:	impact=important,source=vendorsec,pub...
Keywords:	Security

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2006-05-05 15:45 EDT by Josh Bressers
Modified:	2013-07-02 23:09 EDT (History)
CC List:	3 users (show)

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2006-05-17 22:02:47 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Josh Bressers 2006-05-05 15:45:04 EDT

Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to
5.0.20 might allow remote attackers to execute arbitrary code via crafted
COM_TABLE_DUMP packets with invalid length values.

http://www.wisec.it/vulns.php?page=8

Comment 1 starback 2006-05-08 03:40:04 EDT

Also for 4.1.x up to 4.1.18, so FC 4 is also affected.

Comment 2 Tom Lane 2006-05-17 22:02:47 EDT

5.0.21 is pushed into FC5, and 4.1.19 into FC4.

Note You need to log in before you can comment on or make changes to this bug.