| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <C5128FCC.6DCD5%scheidell@secnap.net> Date: Wed, 08 Oct 2008 16:26:52 -0400 From: Michael Scheidell <scheidell@...nap.net> To: Quark IT - Hilton Travis <Hilton@...rkIT.com.au>, Thomas Henlich <thomas@...lich.de>, <bugtraq@...urityfocus.com> Subject: Re: MySQL command-line client HTML injection vulnerability > Hi Thomas, > > This bug was fixed in a MySQL release dated 01 May 2008. It is now 01 > Oct 2008 - 5 months after the bug was released. So why exactly is this > news? Did I miss something here? Not fixed in any version I know of. Patch has been available for 5 months, but this has not gotten into any production version (or am I wrong?) Try this on your system: mysql --html --execute "select '<a>'" If you get this, then its not patched: <TABLE BORDER=1><TR><TH><a></TH></TR><TR><TD><a></TD></TR></TABLE> If you get this (on 5.1, a little different than 5.0) than its patched: (note the escaped <a>) -- Michael Scheidell, CTO >|SECNAP Network Security Winner 2008 Network Products Guide Hot Companies FreeBSD SpamAssassin Ports maintainer <TABLE BORDER=1><TR><TH><a></TH></TR><TR><TD><a></TD></TR></TABLE> _________________________________________________________________________ This email has been scanned and certified safe by SpammerTrap(r). For Information please see http://www.spammertrap.com _________________________________________________________________________
Powered by blists - more mailing lists