First Last Prev Next    This bug is not in your last search results.
Bug 85898 - double-free vulnerability in mysqld < 3.23.55
double-free vulnerability in mysqld < 3.23.55
Status: CLOSED ERRATA
Product: Red Hat Linux
Classification: Retired
Component: mysql (Show other bugs)
7.3
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Patrick Macdonald
David Lawrence
http://cve.mitre.org/cgi-bin/cvename....
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2003-03-10 10:51 EST by Patrick Macdonald
Modified: 2007-04-18 12:51 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2003-03-25 11:15:46 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Patrick Macdonald 2003-03-10 10:51:43 EST 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.2) Gecko/20030208
Netscape/7.02

Description of problem:
The URL provides the following summary:

Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers
with MySQL access to cause a denial of service (crash) via mysql_change_user.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1.look at the code
2.
3.
    

Additional info:
Comment 1 Patrick Macdonald 2003-03-10 10:53:25 EST 
Have a patch ready... building errata on 7.0/7.1/7.2/7.3/8.0/AS
Comment 2 Patrick Macdonald 2003-03-25 11:15:46 EST 
Held this patch back and waited for MySQL 3.23.56 (which also includes a fix for a
root exploit). This will be available via the errata system.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.