mailing list archives
Re: mSQL vulnerabilities
From: davids () SILENCE SECNET COM (David Sacerdote)
Date: Mon, 28 Jul 1997 12:54:33 -0600
It is my understanding that MySQL is based on mSQL. If this is the case, is
it vulnerable to similar attacks?
Based on preliminary source inspection, I suspect that passwordless
host-based access control can be circumvented in the same way that it can
be with mSQL. There *appear* to be opportunities for buffer overflows
buried inside many of the bottom-layer functions, but I am unsure whether
some type of bounds checking is happening at a higher layer. There have
been enough changes to MySQL that I basically have to start tracing
argument passing from scratch.
Further investigation is required.
Secure Networks Inc.