CVE-2010-3679
Priority
Medium
Description
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a
denial of service (mysqld daemon crash) via certain arguments to the BINLOG
command, which triggers an access of uninitialized memory, as demonstrated
by valgrind.
denial of service (mysqld daemon crash) via certain arguments to the BINLOG
command, which triggers an access of uninitialized memory, as demonstrated
by valgrind.
References
Bugs
Notes
jdstrand> mysql-cluster-7.0 not supported per server team
mdeslaur> code doesn't seem present in 5.0.x
mdeslaur> code doesn't seem present in 5.0.x
Package
| Upstream: | needs-triage |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | ignored |
| Ubuntu 11.04 (Natty Narwhal): | ignored |
| Ubuntu 11.10 (Oneiric Ocelot): | ignored |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
Package
| Upstream: | released (5.1.49) |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (5.1.41-3ubuntu12.7) |
| Ubuntu 11.04 (Natty Narwhal): | DNE |
| Ubuntu 11.10 (Oneiric Ocelot): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
Patches:
| Upstream: | http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.1/revision/3436 |
Package
| Upstream: | not-affected |
| Ubuntu 8.04 LTS (Hardy Heron): | not-affected |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 11.04 (Natty Narwhal): | DNE |
| Ubuntu 11.10 (Oneiric Ocelot): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
Package
| Upstream: | released (5.1.49) |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 11.04 (Natty Narwhal): | not-affected (5.1.49-1ubuntu8) |
| Ubuntu 11.10 (Oneiric Ocelot): | not-affected (5.1.49-1ubuntu8) |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected (5.1.49-1ubuntu8) |