CVE Reference: CVE-2007-6304

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2007-6304

Description:
The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/38990

UBUNTU
  http://www.ubuntulinux.org/support/documentation/usn/usn-559-1

SUSE
  http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html

ST
  1019085

SAID
  Secunia Advisory: SA28063
  Secunia Advisory: SA28128
  Secunia Advisory: SA28343
  Secunia Advisory: SA28637
  Secunia Advisory: SA28739
  Secunia Advisory: SA28838
  Secunia Advisory: SA29706

OSVDB
  42609

MANDRIVA
  http://www.mandriva.com/security/advisories?name=MDVSA-2008:028
  http://www.mandriva.com/security/advisories?name=MDVSA-2008:017

GENTOO
  http://security.gentoo.org/glsa/glsa-200804-04.xml

DEBIAN
  http://www.debian.org/security/2008/dsa-1451

CONFIRM
  http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040
  http://lists.mysql.com/announce/502
  http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html
  http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html
  http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html
  http://bugs.mysql.com/bug.php?id=29801

BUGTRAQ
  http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded

BID
  26832


Return to the previous page.