4678129 2000-01-14 00:03 /45 rader/ Postmaster Mottagare: Bugtraq (import) <9280> Ärende: mSQL and not MySQL exploit ------------------------------------------------------------ Approved-By: aleph1@SECURITYFOCUS.COM Delivered-To: bugtraq@lists.securityfocus.com X-Accept-Language: en MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Message-ID: <387DEBC3.B48804AD@mysql.com> Date: Thu, 13 Jan 2000 10:18:27 -0500 Reply-To: Tonu Samuel <tonu@MYSQL.COM> Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM> From: Tonu Samuel <tonu@MYSQL.COM> X-To: BUGTRAQ@NETSPACE.ORG, sni@SILENCE.SECNET.COM, fyodor@dhp.com mysql_all@mysql.com To: BUGTRAQ@SECURITYFOCUS.COM Hi! Today I discovered the exploit for mSQL: http://www.insecure.org/sploits/mSQL.overflow.and.hostnamespoof.html and found little remark in same place: "MySQL is also probably vulnerable". MySQL is not vulnerable for this exploit because MySQL doesn't have any code from mSQL. This can be confusing excerpt in out manual: "We once started off with the intention of using mSQL to connect to our tables using our own fast low-level (ISAM) routines. However, after some testing we came to the conclusion that mSQL was not fast enough or flexible enough for our needs. This resulted in a new SQL interface to our database but with almost the same API interface as mSQL. This API was chosen to ease porting of third-party code. " But this means we used MySQL uses mSQL-like API but not code. -- +----------------------------------------------------------------+ | TcX ____ __ _____ _____ ___ | | /*/\*\/\*\ /*/ \*\ /*/ \*\ |*| Tõnu Samuel | | /*/ /*/ /*/ \*\_ |*| |*||*| tonu@mysql.com | | /*/ /*/ /*/\*\/*/ \*\|*| |*||*| Tallinn, Estonia | | /*/ /*/ /*/\*\_/*/ \*\_/*/ |*|____ | | ^^^^^^^^^^^^/*/^^^^^^^^^^^\*\^^^^^^^^^^^ | | /*/ \*\ Developers Team | +----------------------------------------------------------------+ (4678129) ------------------------------------------(Ombruten)