Users login

Create an account »


Users login

Home » Hacking News » Security holes in MySQL, says German expert

Security holes in MySQL, says German expert

by Nikola Strahija on December 17th, 2002 Security holes discovered in the MySQL open-source database and client software could allow an attacker to launch a denial of service attack or gain administrative access to the database server, according to an alert posted by German security company e-matters.

MySQL is a popular database server, with more than four million installations worldwide, supporting high-profile Web sites and business applications. It can be run on a variety of operating systems including Microsoft's Windows as well as Linux and Unix.

The advisory by e-matters identifies four separate vulnerabilities in the MySQL code, two affecting the MySQL server component and two affecting the MySQL client. All four vulnerabilities could be used to execute denial of service attacks against the affected MySQL component, exploiting the flaws to crash the server or client. The vulnerabilities range from buffer overflows that can cause MySQL component crashes to others that could allow malicious code to be read and executed on an affected machine. One of the server vulnerabilities could also allow an attacker to break into the MySQL root account and compromise the databases running on that server. Used in combination with each other, the vulnerabilities could allow an attacker to break into a system running the MySQL database server software or elevate his or her access privileges on that system, e-matters said. The vulnerabilities have been fixed in the latest version MySQL Database Server and e-matters is urging users to update their installations

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »