oss-sec mailing list archives
Re: MySQL 0-day - does it need a CVE?
From: Henri Salo <henri () nerv fi>
Date: Thu, 9 Feb 2012 22:09:44 +0200
On Thu, Feb 09, 2012 at 10:20:14AM -0700, Kurt Seifried wrote:
https://lists.immunityinc.com/pipermail/canvas/2012-February/000011.html -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, We are releasing a working MySQL 5.5.20 remote 0day exploit with this update.The exploit has been tested with mysql-5.5.20-debian6.0-i686.deb on Debian 6.0. Best, Intevydis Ltd. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk8xdTEACgkQY8Flb3OI+Q2zXwCfQL5y+R8n+ipdMYIRdoVPkEdF yeoAn26p3KmY0+WYFqKrb9/A3frNo2Xm =m+1k -----END PGP SIGNATURE----- Does this need a CVE # or have you already gotten one from Mitre? -- Kurt Seifried Red Hat Security Response Team (SRT)
Oracle MySQL Server CVE-2012-0492 Remote MySQL Server Vulnerability – http://www.securityfocus.com/bid/51516 - Henri Salo
Current thread:
- MySQL 0-day - does it need a CVE? Kurt Seifried (Feb 09)
- Re: MySQL 0-day - does it need a CVE? Henri Salo (Feb 09)
- Re: MySQL 0-day - does it need a CVE? Henri Salo (Feb 09)
- Re: MySQL 0-day - does it need a CVE? Solar Designer (Feb 09)
- Re: MySQL 0-day - does it need a CVE? Yves-Alexis Perez (Feb 09)
- Re: MySQL 0-day - does it need a CVE? Kurt Seifried (Feb 09)
- Re: MySQL 0-day - does it need a CVE? Yves-Alexis Perez (Feb 09)
- Re: MySQL 0-day - does it need a CVE? Solar Designer (Feb 09)
- Re: MySQL 0-day - does it need a CVE? Henri Salo (Feb 10)
- Re: MySQL 0-day - does it need a CVE? Solar Designer (Feb 11)
- Re: MySQL 0-day - does it need a CVE? Kurt Seifried (Feb 24)
- Re: MySQL 0-day - does it need a CVE? Larry Stefonic (Feb 24)