ISC Diary | Zero Day MySQL Buffer Overflow(情報元のブックマーク数)
φ(..)メモメモ。
A new stack-based buffer overflow vulnerability was released on Full Disclosure yesterday for MySQL. Depending of the user privileges, the flaw can cause MySQL to enumerate users, crash or possibly execute arbitrary code with the privileges of the user running MySQL.
InfoSec Handlers Diary Blog - Zero Day MySQL Buffer Overflow
The following CVEs have been assigned to track this MySQL vulnerability:
CVE-2012-5611 MySQL (Linux) Stack based buffer overrun PoC Zeroday
CVE-2012-5612 MySQL (Linux) Heap Based Overrun PoC Zeroday
CVE-2012-5613 MySQL (Linux) Database Privilege Elevation Zeroday Exploit
CVE-2012-5614 MySQL Denial of Service Zeroday PoC
CVE-2012-5615 MySQL Remote Preauth User Enumeration Zeroday