Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: MySQL 0-day - does it need a CVE?
From: Henri Salo <henri () nerv fi>
Date: Thu, 9 Feb 2012 22:09:44 +0200

On Thu, Feb 09, 2012 at 10:20:14AM -0700, Kurt Seifried wrote:
https://lists.immunityinc.com/pipermail/canvas/2012-February/000011.html

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

We are releasing a working MySQL 5.5.20 remote 0day exploit with this
update.The exploit has been tested with mysql-5.5.20-debian6.0-i686.deb
on Debian 6.0.

Best,
Intevydis Ltd.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk8xdTEACgkQY8Flb3OI+Q2zXwCfQL5y+R8n+ipdMYIRdoVPkEdF
yeoAn26p3KmY0+WYFqKrb9/A3frNo2Xm
=m+1k
-----END PGP SIGNATURE-----

Does this need a CVE # or have you already gotten one from Mitre?

-- 
Kurt Seifried Red Hat Security Response Team (SRT)

Oracle MySQL Server CVE-2012-0492 Remote MySQL Server Vulnerability – http://www.securityfocus.com/bid/51516

- Henri Salo


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault