Common Vulnerabilities and Exposures assigned an identifier CVE-2007-5925 to the following vulnerability: The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error. References: http://bugs.mysql.com/bug.php?id=32125 http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/067350.html http://xforce.iss.net/xforce/xfdb/38284
Created attachment 266161 [details] Patch against 5.0.45 Bug is private, but bug attachments are not: http://bugs.mysql.com/file.php?id=7802&text=1
Problem was fixed in all affected supported products: Red Hat Enterprise Linux: http://rhn.redhat.com/errata/RHSA-2007-1155.html Red Hat Application Stack: http://rhn.redhat.com/errata/RHSA-2007-1157.html Fedora: https://admin.fedoraproject.org/updates/F7/FEDORA-2007-4471 https://admin.fedoraproject.org/updates/F8/FEDORA-2007-4465