MySQL 6.0.4 - Empty Binary String Literal Remote Denial of Service
| EKU-ID: 37268 | CVE: CVE-2008-3963;OSVDB-48021 | OSVDB-ID: |
| Author: Kay Roepke | Published: 2008-03-28 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 37268 | CVE: CVE-2008-3963;OSVDB-48021 | OSVDB-ID: |
| Author: Kay Roepke | Published: 2008-03-28 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/31081/info MySQL is prone to a remote denial-of-service vulnerability because it fails to handle empty binary string literals. An attacker can exploit this issue to crash the application, denying access to legitimate users. This issue affects versions prior to MySQL 5.0.66, 5.1.26, and 6.0.6. The following proof-of-concept query is available: select b'';