Mandrake Linux Security Advisory : MYSQL (MDKSA-2003:013)
Medium Nessus Plugin ID 13998
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionAleksander Adamowski informed MandrakeSoft that the MySQL developers fixed a DoS vulnerability in the recently released 3.23.55 version of MySQL. A double free() pointer bug in the mysql_change_user() handling would allow a specially hacked mysql client to crash the main mysqld server. This vulnerability can only be exploited by first logging in with a valid user account.
SolutionUpdate the affected packages.