mp0x8049565
loop sys_sendto()
: call 0x8049542
call used to get the address of data (we jump here in the beginning)
:
data starts here..
Lesson:
---
Use the force, read the source!
--
Sergei Ledovskij +358(40)8245708 [EMAIL PROTECTED]
Makelankatu 91 PO. 21
upported is 3.23 branch now.
3.23.1 was released more than a year ago.
And 3.23 doesn't have that bug.
>
> Recommendations:
> * Patch mysql to treat database names, started by '..' as incorrect
> database names.
3.23 does it.
> Patches:
> not yet
Why, t
checks table already exists or not
> exists, it checks _only_ tablename.frm :
Sorry for the confusion - in my previous mail I said 3.23 is not vulnerable.
Yes, it IS vulnerable, the bug would be fixed asap.
Regards,
Sergei
--
MySQL Development Team
changes into stable version, thus breaking lots of
installations. It is to be done in 4.1.
Regards,
Sergei
On Mar 10, Guido A.J. Stevens wrote:
>
> I can confirm this privilege escalation in mysql-server 3.23.49-8.2
> (debian/stable on linux/i386). Any mysql user with file privi
next versions won't be.
Regards,
Sergei
MariaDB Security Coordinator
On Dec 01, Kurt Seifried wrote:
> On 12/01/2012 02:26 PM, king cope wrote:
> > (see attachment)
> >
> > Cheerio, Kingcope
>
> So normally for MySQL issues Oracle would assign the CVE #. However i
day
> http://seclists.org/fulldisclosure/2012/Dec/9
> https://bugzilla.redhat.com/show_bug.cgi?id=882608
This is hardly a "zeroday" issue, it was known for, like, ten years.
But I'll see what we can do here.
https://mariadb.atlassian.net/browse/MDEV-3909
Regards,
Sergei
MariaDB Security Coordinator
mple)
specified in the configuration file. This way any operation allowed by
the FILE privilege (like SELECT ... OUTFILE) will only be able to access
files under the /tmp/mysql/ path.
Regards,
Sergei
Hello.
Writing CGI scripts in Perl is simple. It's also rather safe,
providing authors follow very simple instructions. But they don't.
Browsing some site, I found that their forums were based not on home-made
scripts, but rather on a commercial software product. Hey, said I to
myself, remember thos