Skip navigation links

MySQL Forums :: Security :: I can hack any MySql5 :-)


Advanced Search

I can hack any MySql5 :-)
Posted by: Martin Gombac ()
Date: June 26, 2007 04:18AM

Hi,

i found a bug in MySql 5*, which allows me to crash any server with fp=nil.
One could probably write an exploit for this easily.

Here is what it's written in error log:
thd=0xafc0f470
Attempting backtrace. You can use the following information to find out
where mysqld died. If you see no messages after this, something went
terribly wrong...
Cannot determine thread, fp=0xafdadb98, backtrace may not be correct.
Stack range sanity check OK, backtrace follows:
0x8186540
0x8473491
0x8473e39
0x84749b8
0x81389fb
0x8131f32
0x8131f32
0x81c0ca3
0x81dbbe5
0x81e8c35
0x81e8fe1
0x819ea52
0x81a1c19
0x81a20e8
0x81a342b
0x81a3e64
0xb7d6c4bb
0xb7ba333e
New value of fp=(nil) failed sanity check, terminating stack trace!
Please read http://dev.mysql.com/doc/mysql/en/using-stack-trace.html and follow instructions on how to resolve the stack trace. Resolved
stack trace is much more helpful in diagnosing the problem, so please do
resolve it
Trying to get some variables.
Some pointers may be invalid and cause the dump to abort...
thd->query at 0x8ab1bd8 = SELECT **** Removed MySql Q. doe to security.

How can i notify MySql without writing all details to exploit it publicly?

Options: ReplyQuote


Subject Views Written By Posted
I can hack any MySql5 :-) 12153 Martin Gombac 06/26/2007 04:18AM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.