CVE-2006-7232

Publication date 31 December 2006

Last updated 24 July 2024

Ubuntu priority

sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
mysql-dfsg-5.0	7.10 gutsy	Not affected
	7.04 feisty	Not affected
	6.10 edgy	Fixed 5.0.24a-9ubuntu2.4
	6.06 LTS dapper	Fixed 5.0.22-0ubuntu6.06.8

How can I get the fixes?
What do statuses mean?

Notes

jdstrand

DoS, but escalated to medium for customer

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-588-1
MySQL vulnerabilities
19 March 2008

Other references

https://www.cve.org/CVERecord?id=CVE-2006-7232