MySQL update addresses DoS vulnerability
Oracle has released version 5.1.51 of MySQL, a security update that addresses a Denial of Service (DoS) vulnerability in the open source database. According to security specialist Secunia, an error in the processing of arguments passed to the
GREATEST() functions could be exploited by a malicious user to cause a server crash, leading to a DoS condition. All versions up to and including 5.1.50 are reportedly affected.
Other issues include a privilege escalation bug in versions prior to 5.1.50 that could be exploited to execute arbitrary SQL statements with superuser privileges. All users are encouraged to upgrade to the latest release.
- MySQL Multiple Vulnerabilities, the security advisory from Secunia.
- First release candidate of MySQL 5.5 with InnoDB as a default, a report from The H.