Beware of MySQL security vulnerability

The MS-SQL Slammer Worm debacle that crippled Microsoft database servers and much of the Internet last week should also be a wakeup call to Linux/MySQL users. While widespread worms and attacks are perceived to be less common on open source software, platforms such as MySQL on Linux aren’t impervious to ‘Net mischief.

Much of the high-level debate last week on the Slammer worm revolved around whether the maker of a compromised software product should be blamed when attacks occur, or whether lazy end users who don’t keep up with patches and security updates are the ones at fault. That debate could go on forever. But if you use MySQL, and want to stay out of the second camp, be aware of a few vulnerabilities reported recently in the MySQL database package of several popular Linux distributions.

One problem is related to a package in MySQL called “COM_TABLE_DUMP.” According to Red Hat, the vulnerability “allows remote attackers to cause a denial of service (crash or hang) in mysqld by causing large negative integers to be provided to a memcpy call.” Red Hat, Debian and the security-focused EnGarde Linux all recently reported a problem relating to this vulnerability.

In the MySQL package running on several SuSE Enterprise Server versions, an issue was found with a password-checking function that could allow unpatched servers to be compromised by attackers. Another vulnerability was found within the MySQL client libraries.
According to SuSE: “Applications using this library (as commonly used from within PHP scripts) are vulnerable to this attack and could also be compromised by remote attackers.”

You can get patches for and view more information about the above vulnerabilities at the following sites:

Debian advisory: https://www.linuxsecurity.com/advisories/debian_advisory-2675.html
EnGarde advisory: https://www.linuxsecurity.com/advisories/engarde_advisory-2817.html
SuSE advisory: https://www.linuxsecurity.com/advisories/suse_advisory-2713.html
Red Hat advisory: https://www.linuxsecurity.com/advisories/redhat_advisory-2764.html
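The flaw class in Red Hat's description of the COM_TABLE_DUMP issue above, a signed length reaching memcpy, is shown here as an added example that is not MySQL's code and not part of the original article. The packet layout and the names `read_len` and `copy_name` are hypothetical, constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical wire format (constructed for this example, not MySQL's):
 * a 4-byte little-endian signed length followed by that many name bytes. */
static int32_t read_len(const uint8_t *p)
{
    uint32_t v = (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
                 ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
    return (int32_t)v;
}

/* Flawed pattern, shown for contrast and never called here:
 *     int32_t len = read_len(pkt);
 *     memcpy(dst, pkt + 4, len);
 * memcpy takes a size_t, so a negative len converts to a huge unsigned
 * count and the copy runs past both buffers until the process crashes. */

/* Hardened form: returns bytes copied, or -1 if the packet is rejected. */
int copy_name(uint8_t *dst, size_t dst_cap, const uint8_t *pkt, size_t pkt_len)
{
    if (pkt_len < 4)
        return -1;                 /* no room for the length field */
    int32_t len = read_len(pkt);
    if (len < 0)
        return -1;                 /* negative length: reject before any cast */
    if ((size_t)len > pkt_len - 4)
        return -1;                 /* claims more bytes than were received */
    if ((size_t)len >= dst_cap)
        return -1;                 /* would not fit with a terminating NUL */
    memcpy(dst, pkt + 4, (size_t)len);
    dst[len] = '\0';
    return (int)len;
}

int main(void)
{
    /* Constructed packets: length -1, and length 3 with payload "foo". */
    const uint8_t bad[]  = {0xff, 0xff, 0xff, 0xff, 'x'};
    const uint8_t good[] = {3, 0, 0, 0, 'f', 'o', 'o'};
    uint8_t name[16];
    int r_bad = copy_name(name, sizeof name, bad, sizeof bad);
    int r_good = copy_name(name, sizeof name, good, sizeof good);
    printf("bad=%d good=%d name=%s\n", r_bad, r_good, (char *)name);
    return 0;
}
```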