Shane Bester

6 exploits Active since Mar 2009
CVE-2010-2008 EXPLOITDB text WRITEUP
MySQL < 5.1.48 - Authenticated Denial of Service via ALTER DATABASE Command
MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.
CVE-2010-3678 EXPLOITDB text WORKING POC
Oracle MySQL 5.1 < 5.1.49 - Authenticated Denial of Service via IN or CASE Operations with NULL Arguments
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via (1) IN or (2) CASE operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier.
CVE-2009-4019 EXPLOITDB text WORKING POC
MySQL 5.0.x < 5.0.88 and 5.1.x < 5.1.41 - Authenticated Denial of Service via SELECT Subquery Error Handling
mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement.
CVE-2009-4019 EXPLOITDB text WORKING POC
MySQL 5.0.x < 5.0.88 and 5.1.x < 5.1.41 - Authenticated Denial of Service via SELECT Subquery Error Handling
mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement.
CVE-2009-0819 EXPLOITDB text WORKING POC
MySQL < 5.1.32 and 6.0 < 6.0.10 - Authenticated Denial of Service via XPath FilterExpr in ExtractValue or UpdateXML
sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," which triggers an assertion failure.
CVE-2010-3679 EXPLOITDB text WORKING POC
Oracle MySQL 5.1 - Authenticated Denial of Service via BINLOG Command
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind.