28 Jan

MySQL and the GHOST: glibc gethostbyname buffer overflow

Qualys announced they had found an exploit in one of the Linux core libraries - glibc - using a buffer overflow technique in gethostbyname(). They have developed a proof-of-concept in which simply sending a specially created e-mail to a mail server enabled them to create a remote shell to the Linux machine. According to Qualys, "This bypasses all existing protections (like ASLR, PIE and NX) on both 32-bit and 64-bit systems.". How does it affect MySQL servers? Read on!

Read More