In MySQL 4.0.0 through 5.0.83, multiple format string vulnerabilities in the dispatch_command() function in libmysqld/sql_parse.cc in mysqld allow remote authenticated users to cause a denial of service (daemon crash) and potentially the execution of arbitrary code via format string specifiers in a database name in a COM_CREATE_DB or COM_DROP_DB request. For the stable distribution (lenny), this problem has been fixed in version 5.0.51a-24+lenny2. For the old stable distribution (etch), this problem has been fixed in version 5.0.32-7etch11. We recommend that you upgrade your mysql packages.
In MySQL 4.0.0 through 5.0.83, multiple format string vulnerabilities in the dispatch_command() function in libmysqld/sql_parse.cc in mysqld allow remote authenticated users to cause a denial of service (daemon crash) and potentially the execution of arbitrary code via format string specifiers in a database name in a COM_CREATE_DB or COM_DROP_DB request.
For the stable distribution (lenny), this problem has been fixed in version 5.0.51a-24+lenny2.
For the old stable distribution (etch), this problem has been fixed in version 5.0.32-7etch41.
We recommend that you upgrade your mysql packages.
MD5 checksums of the listed files are available in the original advisory.