• United States
by Elizabeth Montalbano

MySQL releases security patch

May 04, 20061 min
Enterprise ApplicationsMySQLPatch Management Software

MySQL this week issued a security patch for multiple vulnerabilities in its MySQL open-source database.

The MySQL 5.0.21 update patches three flaws that affect versions 4.0.26, 4.1.18, 5.0.20 and 5.1.9, as well as prior versions of the company’s database, according to security company

FrSIRT rated the flaws as “moderate” and said they can be exploited both remotely and locally.

According to FrSIRT, the first flaw is caused by a buffer-overflow error in the “” script.” The vulnerability could be exploited by authenticated attackers to execute arbitrary commands, the security company said in its advisory.

Input validation errors in the “” file are the cause of the second and third vulnerabilities, according to FrSIRT. These could be exploited by attackers to cause portions of the memory to be disclosed in error messages.

More information about the fix can be found on MySQL’s Web site.