bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/multiple/dos/14537.txt
Offensive Security d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
2017-11-24 20:56:23 +00:00

13 lines
No EOL
648 B
Text
Raw Blame History

A vulnerability was reported in MySQL. A remote authenticated user can cause denial of service conditions.
This issue affects versions prior to MySQL 5.1.48.
A remote authenticated user can send a specially crafted ALTER DATABASE command to cause the target server to move a data directory into a new subdirectory, causing the data directory to become unusable.
A demonstration exploit request is provided [where "<special>" is "." or ".." or is a sequence that begins with "./" or "../"]:
ALTER DATABASE `#mysql50#<special>` UPGRADE DATA DIRECTORY NAME
Vendor advisory at:
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-48.html
Reference in a new issue View git blame Copy permalink