CVE-2006-7232

Impact: Low
Public Date: 2006-09-16
Bugzilla: 434264: CVE-2006-7232 mysql: daemon crash via EXPLAIN on queries on information schema

The MITRE CVE dictionary describes this issue as:

sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.

Find out more about CVE-2006-7232 from the MITRE CVE dictionary and NIST NVD.

Statement

This issue did not affect the MySQL packages as shipped in Red Hat Enterprise Linux 2.1, 3, and 4 as they did not support INFORMATION_SCHEMA, introduced in MySQL version 5.

MySQL packages as shipped in Red Hat Enterprise Linux 5 were fixed via:

https://rhn.redhat.com/errata/RHSA-2008-0364.html

The MySQL packages as shipped in Red Hat Application Stack v1 and v2 are based on an upstream version that includes the fix.

Red Hat Security Errata

Platform | Errata | Release Date
Red Hat Enterprise Linux 5 (mysql) | RHSA-2008:0364 | 2008-05-20

CVE description copyright © 2017, The MITRE Corporation
