MySQL MaxDB WebDBM Server Name Denial of Service Vulnerability

A remotely exploitable denial of service vulnerability exists in MaxDB. The cause of this condition is an input validation error that is exposed when an internal function in the WebDBM handles a client-supplied 'Server' name in an HTTP request that includes specific values.

This will reportedly trigger an exception due to an assert directive failing, resulting in a denial of service condition in the web agent.

This issue was reportedly tested on Windows and Linux versions. Other versions could also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus