FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mysql -- FTS request denial of service vulnerability

Affected packages
4.* <= mysql-server < 4.0.21

Details

VuXML ID 29edd807-438d-11d9-8bb9-00065be4b5b6
Discovery 2004-03-23
Entry 2004-12-16

A special crafted MySQL FTS request can cause the server to crash. Malicious MySQL users can abuse this bug in a denial of service attack against systems running an affected MySQL daemon.

Note that because this bug is related to the parsing of requests, it may happen that this bug is triggered accidently by a user when he or she makes a typo.

References

Bugtraq ID 11432
CVE Name CVE-2004-0956
URL http://bugs.mysql.com/bug.php?id=3870

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.