Re: mSQL vulnerabilities

David Sacerdote (davids@SILENCE.SECNET.COM)
Mon, 28 Jul 1997 12:54:33 -0600

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: nolander@NOLANDER.PP.SE: "Re: Multiply bugs in MH-6.8.3 (Mail Handler program)"
Previous message: Nathan J. Mehl: "Re: SNI-16: INN News Server Security Advisory"
Maybe in reply to: Secure Networks Inc.: "mSQL vulnerabilities"
Next in thread: Stacey Son: "Re: mSQL vulnerabilities"

> It is my understanding that MySQL is based on mSQL. If this is the case, is
> it vulnerable to similar attacks?

Based on preliminary source inspection, I suspect that passwordless
host-based access control can be circumvented in the same way that it can
be with mSQL. There *appear* to be opportunities for buffer overflows
buried inside many of the bottom-layer functions, but I am unsure whether
some type of bounds checking is happening at a higher layer. There have
been enough changes to MySQL that I basically have to start tracing
argument passing from scratch.

Further investigation is required.

David Sacerdote
Secure Networks Inc.

Next message: nolander@NOLANDER.PP.SE: "Re: Multiply bugs in MH-6.8.3 (Mail Handler program)"
Previous message: Nathan J. Mehl: "Re: SNI-16: INN News Server Security Advisory"
Maybe in reply to: Secure Networks Inc.: "mSQL vulnerabilities"
Next in thread: Stacey Son: "Re: mSQL vulnerabilities"