CVE-2006-7232
Published: 31 December 2006
sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.
Notes
Author | Note |
---|---|
jdstrand | DoS, but escalated to medium for customer |
Priority
Status
Package | Release | Status |
---|---|---|
mysql-dfsg-5.0 Launchpad, Ubuntu, Debian |
upstream |
Released
(5.0.32)
|
dapper |
Released
(5.0.22-0ubuntu6.06.8)
|
|
edgy |
Released
(5.0.24a-9ubuntu2.4)
|
|
feisty |
Not vulnerable
|
|
gutsy |
Not vulnerable
|