Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MySQL输入验证错误漏洞
Vulnerability Description
Oracle MySQL是美国甲骨文(Oracle)公司的一套开源的关系数据库管理系统。该数据库系统具有性能高、成本低、可靠性好等特点。 MySQL 5.1.48之前版本存在漏洞。具有修改数据库特权的远程认证用户可以借助紧接#mysql50#字符串后为.(点),..(点 点),../(点 点 斜杠)或者类似序列的ALTER DATABASE命令,以及导致MySQL将一些目录移动到服务器数据目录的UPGRADE DATA DIRECTORY NAME命令导致服务拒绝(服务器崩溃和数据库丢失)。
CVSS Information
N/A
Vulnerability Type
N/A