[19742] in bugtraq
Re: potential vulnerability of mysqld running with root
daemon@ATHENA.MIT.EDU (Trond Eivind =?iso-8859-1?q?Glomsr)
Wed Mar 21 14:19:40 2001
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Message-ID: <xuyzoegi0pm.fsf@halden.devel.redhat.com>
Date: Tue, 20 Mar 2001 16:34:29 -0500
Reply-To: Trond Eivind =?iso-8859-1?q?Glomsr=F8d?= <teg@REDHAT.COM>
From: Trond Eivind =?iso-8859-1?q?Glomsr=F8d?= <teg@REDHAT.COM>
X-To: lesha@nn.ru
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <15897.010318@nn.ru>
"Pavlov, Lesha" <lesha@nn.ru> writes:
> Vulnerable versions:
> This DoS/exploit tested on mysql-3.20.32a but i see another versions of
> mysql also vulnerabile.
This could affect our RPMs for Red Hat PowerTools 6.1 and 6.2, which
used an ancient version of MySQL: It was the only version of MySQL
with a free license (we were allowed todistribute newer versions, but
chose not to because of their license).
The one shipped with Red Hat Linux 7, after MySQL changed their
standard license, is not affected as they don't run as root.
--
Trond Eivind Glomsrød
Red Hat, Inc.
