CVE-2010-3679

Published: 05 November 2010

Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind.

Priority

Medium

Status

Package Release Status
mysql-5.1
Launchpad, Ubuntu, Debian
Upstream
Released (5.1.49)
mysql-cluster-7.0
Launchpad, Ubuntu, Debian
Upstream Needs triage

mysql-dfsg-5.0
Launchpad, Ubuntu, Debian
Upstream Not vulnerable

mysql-dfsg-5.1
Launchpad, Ubuntu, Debian
Upstream
Released (5.1.49)
Patches:
Upstream: http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.1/revision/3436