Welcome, Guest! Log In | Create Account

Share

Emdros

Tracker: Bugs

9 Malformed MQL can lead to DOS attack - ID: 1116935
Last Update: Settings changed ( ulrikp )

The MQL parser will leak memory if given certain kinds
of malformed MQL statements. This can lead to a DOS
attack with more and more memory being consumed. The
vulnerability is normally only exploitable if a user
has local access. However, if MQL is run as a service
through xinetd or similar, it is also exploitable remotely.

Ulrik Sandborg-Petersen ( ulrikp ) - 2005-02-05 18:07

9

Closed

Fixed

Ulrik Sandborg-Petersen

MQL-layer

v1.1.21

Public


Comments ( 2 )

Date: 2005-02-05 22:58
Sender: ulrikpSourceForge.net Subscriber and DonorProject AdminAccepting Donations

Logged In: YES
user_id=191143

All platforms are affected: Windows, Linux, Solaris.

However, I have confirmed that the fixed version leaks no
memory on any of these systems.

Date: 2005-02-05 18:08
Sender: ulrikpSourceForge.net Subscriber and DonorProject AdminAccepting Donations

Logged In: YES
user_id=191143

Fixed in local CVS. Will release in 1.1.22, hopefully within
the next week.

Attached File

No Files Currently Attached

Changes ( 4 )

Field Old Value Date By
resolution_id Accepted 2005-02-08 20:04 ulrikp
close_date - 2005-02-08 20:04 ulrikp
status_id Open 2005-02-08 20:04 ulrikp
resolution_id None 2005-02-05 18:08 ulrikp


About SourceForge

Find Software

Develop Software

Community

Help

Copyright © 2010 Geeknet, Inc. All rights reserved. Terms of Use