In association with heise online

05 October 2010, 12:23

MySQL update addresses DoS vulnerability

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

MySQL Logo Oracle has released version 5.1.51 of MySQL, a security update that addresses a Denial of Service (DoS) vulnerability in the open source database. According to security specialist Secunia, an error in the processing of arguments passed to the LEAST() or GREATEST() functions could be exploited by a malicious user to cause a server crash, leading to a DoS condition. All versions up to and including 5.1.50 are reportedly affected.

Other issues include a privilege escalation bug in versions prior to 5.1.50 that could be exploited to execute arbitrary SQL statements with superuser privileges. All users are encouraged to upgrade to the latest release.

More details about the update, including a full list of changes, can be found in the change log. MySQL 5.1.51 is available to download from the project's site and is licensed under the GPL.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit