Oracle MySQL – ‘ALTER DATABASE’ Remote Denial of Service

Exploit Database
12 阅读

作者： Shane Bester

日期： 2010-08-03
类别：
- dos
平台：
- multiple
来源：https://www.exploit-db.com/exploits/14537/

A vulnerability was reported in MySQL. A remote authenticated user can cause denial of service conditions.

This issue affects versions prior to MySQL 5.1.48. 

A remote authenticated user can send a specially crafted ALTER DATABASE command to cause the target server to move a data directory into a new subdirectory, causing the data directory to become unusable.

A demonstration exploit request is provided [where "<special>" is "." or ".." or is a sequence that begins with "./" or "../"]:

ALTER DATABASE `#mysql50#<special>` UPGRADE DATA DIRECTORY NAME

Vendor advisory at:

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-48.html

last Exploits
Oracle MySQL – ‘ALTER DATABASE’ Remote Denial of Service的更多信息

WebKit – ‘detachWrapper’ Use-After-Free：
ScreenStream 3.0.15 – Denial of Service：
Microsoft Windows Kernel – ‘win32k!OffsetChildren’ Null Pointer Dereference：
PHP 5.3.3/5.2.14 – ZipArchive::getArchiveComment Null Pointer Dereference：
Microsoft Edge Chakra JIT – ‘GlobOpt::OptTagChecks’ Must Consider IsLoopPrePass Properly (2)：
Microsoft Internet Explorer 11 – MSHTML!CObjectElement Use-After-Free (MS15-124)：
jetVideo 8.0.2 – Denial of Service：
Wireshark 1.12.0 < 1.12.12 - NDS Dissector Denial of Service：