MySQL command-line client HTML injection vulnerability Sep 30 2008 08:29AM
Thomas Henlich (thomas henlich de) (1 replies)
RE: MySQL command-line client HTML injection vulnerability Sep 30 2008 10:59PM
Quark IT - Hilton Travis (Hilton QuarkIT com au) (1 replies)
Re: MySQL command-line client HTML injection vulnerability Oct 08 2008 08:26PM
Michael Scheidell (scheidell secnap net)
> Hi Thomas,
>
> This bug was fixed in a MySQL release dated 01 May 2008. It is now 01
> Oct 2008 - 5 months after the bug was released. So why exactly is this
> news? Did I miss something here?

Not fixed in any version I know of.
Patch has been available for 5 months, but this has not gotten into any
production version (or am I wrong?)
Try this on your system:

mysql --html --execute "select '<a>'"

If you get this, then its not patched:
<TABLE BORDER=1><TR><TH><a></TH></TR><TR><TD><a></TD></TR></TABLE>

If you get this (on 5.1, a little different than 5.0) than its patched:
(note the escaped <a>)
--
Michael Scheidell, CTO
>|SECNAP Network Security
Winner 2008 Network Products Guide Hot Companies
FreeBSD SpamAssassin Ports maintainer

<TABLE
BORDER=1><TR><TH><a></TH></TR><TR><TD><a></TD></TR></TABLE>

________________________________________________________________________
_
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.spammertrap.com
________________________________________________________________________
_

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus