Mysql Local Buffer Overflow Vulnerability

MySQL is a widely used Open Source database tool. Versions of MySQL up to and including 3.23.30 are vulnerable to a buffer overflow attack.

By supplying an excessively long string as an argument for a SELECT statement, it is possible for a local attacker to overflow mysql's query string buffer.

As a result of this overflow, excessive data copied onto the stack can overwrite critical parts of the stack frame such as the calling function's return address. Since this data is supplied by the user, it can be made to alter the program's flow of execution.


 

Privacy Statement
Copyright 2010, SecurityFocus