CVE-2006-3469 - CVE Reference - Advisories

CVE Reference: CVE-2006-3469

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-3469

Description: Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function, which is later used in a formatted print call to display the error message.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-321-1 SAID Secunia Advisory: SA21147 Secunia Advisory: SA21366 Secunia Advisory: SA24479 MISC http://bugs.mysql.com/bug.php?id=20729 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375694 GENTOO http://security.gentoo.org/glsa/glsa-200608-09.xml DEBIAN http://www.debian.org/security/2006/dsa-1112 CONFIRM http://docs.info.apple.com/article.html?artnum=305214 http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html CERT http://www.us-cert.gov/cas/techalerts/TA07-072A.html BID 19032 APPLE http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Linux Kernel LDT Buffer Size Handling Vulnerability

2.	Drupal Session Fixation Vulnerability

3.	OpenBSD BIND Query Port DNS Cache Poisoning

4.	Ubuntu update for php

5.	IPCop update for perl

6.	Red Hat update for kernel

7.	Slackware update for dnsmasq

8.	Debian update for xulrunner

9.	Red Hat update for thunderbird

10.	Fedora update for asterisk