Common Vulnerabilities and Exposures assigned an identifier CVE-2008-3963 to the following vulnerability:

MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.

References:
http://www.openwall.com/lists/oss-security/2008/09/09/4
http://www.openwall.com/lists/oss-security/2008/09/09/7
http://bugs.mysql.com/bug.php?id=35658
http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-66.html
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html
http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html
https://bugs.gentoo.org/237166
This issue is specific to the 64-bit architecture.

Sample test output (mysql-server-5.0.45-7.el5.x86_64):

    # service mysqld start
    # mysql -u root mysql
    Reading table information for completion of table and column names
    You can turn off this feature to get a quicker startup with -A

    Welcome to the MySQL monitor. Commands end with ; or \g.
    Your MySQL connection id is 2
    Server version: 5.0.45 Source distribution

    Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

    mysql> select b'';
    ERROR 2013 (HY000): Lost connection to MySQL server during query

    /***** ^-connection crash -^ *****/

    mysql> select x'';
    ERROR 2006 (HY000): MySQL server has gone away
    No connection. Trying to reconnect...
    Connection id: 1
    Current database: mysql

    +-----+
    | x'' |
    +-----+
    |     |
    +-----+
    1 row in set (0.00 sec)
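Added example (not part of the original report, and not MySQL or Red Hat code): a Python check that flags statements in a query log containing the empty bit-string token from the CVE description, so that such statements sent to unpatched servers can be spotted. The lexer is a simplification (no SQL comment handling), the function names are hypothetical, and the sample statements are constructed.

```python
# Simplified SQL lexer (assumption): understands '...' and "..." strings with
# doubled-quote and backslash escapes, and `...` identifiers. Comments are not parsed.
IDENT_CHARS = set(
    "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_$"
)

def _skip_quoted(sql, i):
    """Return the index just past the quoted run that starts at sql[i]."""
    quote = sql[i]
    i += 1
    while i < len(sql):
        if sql[i] == "\\" and quote != "`":
            i += 2                        # backslash escape inside a string
        elif sql[i] == quote:
            if sql[i + 1:i + 2] == quote:
                i += 2                    # doubled quote stays inside the string
            else:
                return i + 1              # closing quote
        else:
            i += 1
    return len(sql)                       # unterminated: consume the rest

def has_empty_bit_literal(sql):
    """True if sql contains b'' or B'' as a token outside any quoted string."""
    i = 0
    while i < len(sql):
        ch = sql[i]
        if ch in "bB" and sql[i + 1:i + 3] == "''":
            # Only a token start counts: "tab''" is an identifier plus a string.
            if i == 0 or sql[i - 1] not in IDENT_CHARS:
                return True
        i = _skip_quoted(sql, i) if ch in "'\"`" else i + 1
    return False

def flagged_lines(statements):
    """Return 1-based positions of statements containing the empty bit literal."""
    return [n for n, s in enumerate(statements, 1) if has_empty_bit_literal(s)]

# Constructed sample statements, not taken from a real log.
SAMPLE_LOG = [
    "SELECT id FROM users WHERE name = 'bob'",
    "select b''",
    "select x''",
    "INSERT INTO t VALUES ('it''s b'''' here')",
    "SELECT B'' FROM dual",
    "SELECT b'0101', tab''",
]

if __name__ == "__main__":
    print(flagged_lines(SAMPLE_LOG))
```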
Detailed information about (un)affected versions:

This issue DOES NOT affect the versions of the mysql-server package, as shipped with Red Hat Enterprise Linux 2.1, 3 and 4. (Unsupported functionality on these versions of the MySQL server).

This issue AFFECTS the versions of the mysql-server package, as shipped with Red Hat Enterprise Linux 5.1 and within Fedora releases of 8, 9 and 10.
This issue has been addressed in following products:

Red Hat Web Application Stack for RHEL 5

Via RHSA-2009:1067 https://rhn.redhat.com/errata/RHSA-2009-1067.html
This issue has been addressed in following products:

Red Hat Enterprise Linux 5

Via RHSA-2009:1289 https://rhn.redhat.com/errata/RHSA-2009-1289.html