Sunday, May 07, 2006

MySQL Vulnerabilities Patched

Several vulnerabilities have been reported in the MySQL database manager, which could be exploited by attackers to compromise a vulnerable system or obtain sensitive information.

The first flaw is caused by a buffer overflow in the file "sql_base.cc", which cannot handle specially crafted "COM_TABLE_DUMP" packets properly. This could be exploited by authenticated attackers to run arbitrary commands.

The second vulnerability stems from an input validation error in the file "sql_parse.cc", which fails to validate "COM_TABLE_DUMP" packets. This could be exploited by an attacker to have portions of memory disclosed in error messages.

Finally, the third vulnerability, which could also lead to portions of memory being disclosed in error messages, is due to an input validation error in the file "sql_parse.cc", which cannot handle malformed login packets properly.
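The COM_TABLE_DUMP flaws above are failures to validate a packet before using it. As an added illustration (not MySQL's code and not taken from the advisory), the C sketch below checks every length-prefixed field against the number of bytes actually received before copying it. The payload layout (one-byte length plus database name, then one-byte length plus table name), the 64-byte identifier cap and all function and type names are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>

#define IDENT_MAX 64   /* assumed identifier cap for this sketch */

struct table_dump_req {
    char db[IDENT_MAX + 1];
    char table[IDENT_MAX + 1];
};

/* Copy one length-prefixed field from buf[*pos..len) into out (NUL-terminated).
 * Returns 0 on success, -1 if the declared length runs past the received bytes. */
static int read_field(const unsigned char *buf, size_t len, size_t *pos, char *out)
{
    if (*pos >= len)
        return -1;                          /* no length byte left */
    size_t n = buf[(*pos)++];
    if (n == 0 || n > IDENT_MAX || n > len - *pos)
        return -1;                          /* empty, oversized, or truncated */
    memcpy(out, buf + *pos, n);
    out[n] = '\0';
    *pos += n;
    return 0;
}

/* Parse the payload that follows the command byte (layout is an assumption:
 * <db_len><db><table_len><table>). Returns 0 if well-formed, -1 otherwise. */
int parse_table_dump(const unsigned char *payload, size_t len,
                     struct table_dump_req *req)
{
    size_t pos = 0;
    if (payload == NULL || req == NULL)
        return -1;
    if (read_field(payload, len, &pos, req->db) != 0 ||
        read_field(payload, len, &pos, req->table) != 0)
        return -1;
    return pos == len ? 0 : -1;             /* reject trailing bytes */
}

int main(void)
{
    /* Constructed samples: one well-formed, one whose length byte overstates the data. */
    const unsigned char ok[]  = { 2, 'd', 'b', 1, 't' };
    const unsigned char bad[] = { 9, 'd', 'b', 1, 't' };
    struct table_dump_req r;
    printf("ok:  %d\n", parse_table_dump(ok, sizeof ok, &r));
    printf("bad: %d\n", parse_table_dump(bad, sizeof bad, &r));
    return 0;
}
```

Rejecting the packet outright, rather than echoing any part of it back in an error message, is what keeps a malformed request from surfacing adjacent memory.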

Affected users are advised to upgrade their products to MySQL version 5.0.21, available at http://dev.mysql.com/downloads/.

The original security advisory can be found at http://www.frsirt.com/english/advisories/2006/1633.