PublicDate: 2006-02-27 23:02:00 UTC
Candidate: CVE-2006-0903
References:
 https://ubuntu.com/security/notices/USN-274-1
 https://ubuntu.com/security/notices/USN-274-2
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0903
Description:
 MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms
 via SQL queries that contain the NULL character, which are not properly
 handled by the mysql_real_query function.  NOTE: this issue was originally
 reported for the mysql_query function, but the vendor states that since
 mysql_query expects a null character, this is not an issue for mysql_query.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_mysql-dfsg-5.0: released (5.0.22-0ubuntu6.06.3)
edgy_mysql-dfsg-5.0: released (5.0.24a-9ubuntu0.1)
feisty_mysql-dfsg-5.0: released (5.0.38-0ubuntu1)
devel_mysql-dfsg-5.0: released (5.0.38-0ubuntu1)
upstream_mysql-dfsg-5.0: needs-triage