mailing list archives
Re: MySQL 0-day - does it need a CVE?
From: Tomas Hoger <thoger () redhat com>
Date: Fri, 24 Feb 2012 11:11:07 +0100
On Thu, 09 Feb 2012 10:20:14 -0700 Kurt Seifried wrote:
We are releasing a working MySQL 5.5.20 remote 0day exploit with this
update.The exploit has been tested with
mysql-5.5.20-debian6.0-i686.deb on Debian 6.0.
According to the video, it should be "yassl buffer overflow".
Tomas Hoger / Red Hat Security Response Team
Re: MySQL 0-day - does it need a CVE? Tomas Hoger (Feb 24)