New version of MySQL fixes DoS vulnerabilities
Version 5.0.37 of the widely used open source SQL database MySQL includes fixes for numerous bugs as well as for various potential vulnerabilities, which could have been exploited by attackers to crash the database. According to security services provider SEC-CONSULT, a single SQL command containing a prepared ORDER-BY statement was sufficient to cause this.
In order to crash the system an attacker would have to be able to pass the command to the database interface directly – however numerous web applications include SQL injection vulnerabilities with which this can be done, using, for example, manipulated user entries. Further information on vulnerabilities in web applications and how to avoid them can be found in the article Web application security on heise Security.
- Release Notes for MySQL Community Server 5.0.37 , release notes for MySQL
- MySQL 5 Single Row Subselect Denial of Service, security advisory from SEC-Consult
(ehe)