On Monday 12 February 2001 18:22, you wrote:
- Original Message -
From: "Joao Gouveia" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, February 09, 2001 9:54 PM
Subject: Some more MySql security issues
Hi,
MySql staff has been notified regarding this issues on
I am a little bit confused about this mail. Maybe the author
can explain some issues to me...
On Sat, Feb 10, 2001 at 12:54:33AM -, Joao Gouveia wrote:
roberto@spike:~ mysql -ublaah (Note: 'blaah' obviously isn't a valid
username)
You seem to have a strange configuration of mysql. By
On Sat, Feb 10, 2001 at 12:54:33AM -, Joao Gouveia wrote:
Hi,
MySql staff has been notified regarding this issues on 2001-01-26.
There still are some potential security flaws with MySql lastest stable
release.
Follows some tests i've made all with:
MySql v3.23.32
PHP v4.0.4pl1
At 05:40 PM 2/10/2001, Konrad Rieck wrote:
I am a little bit confused about this mail. Maybe the author
can explain some issues to me...
On Sat, Feb 10, 2001 at 12:54:33AM -, Joao Gouveia wrote:
roberto@spike:~ mysql -ublaah (Note: 'blaah' obviously isn't a valid
username)
You seem to
On Sun, Feb 11, 2001 at 12:40:48AM +0100, Konrad Rieck wrote:
I am a little bit confused about this mail. Maybe the author
can explain some issues to me...
On Sat, Feb 10, 2001 at 12:54:33AM -, Joao Gouveia wrote:
roberto@spike:~ mysql -ublaah (Note: 'blaah' obviously isn't a valid
On Mon, Feb 12, 2001 at 02:34:43PM -0600, Tim Yardley wrote:
This is a nice example of bad code, but not a security issue, I could
show up a 100 of programs that simply don't care for *argv parameters.
You don't gain anything by exploiting such overflows in non-suid programs.
watch what you
I am a little bit confused about this mail. Maybe the author
can explain some issues to me...
On Sat, Feb 10, 2001 at 12:54:33AM -, Joao Gouveia wrote:
roberto@spike:~ mysql -ublaah (Note: 'blaah' obviously isn't a valid
username)
You seem to have a strange configuration of mysql.