Ulrik Petersen Emdros Database Engine MQL Parsing Denial Of Service Vulnerability
BID:12498
Info
Ulrik Petersen Emdros Database Engine MQL Parsing Denial Of Service Vulnerability
| Bugtraq ID: | 12498 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Feb 09 2005 12:00AM |
| Updated: | Feb 09 2005 12:00AM |
| Credit: | Ulrik Petersen is credited with discovery of this issue. |
| Vulnerable: |
Ulrik Petersen Emdros Database Engine 1.1.21 Ulrik Petersen Emdros Database Engine 1.1.20 Ulrik Petersen Emdros Database Engine 1.1.19 Ulrik Petersen Emdros Database Engine 1.1.18 Ulrik Petersen Emdros Database Engine 1.1.17 Ulrik Petersen Emdros Database Engine 1.1.16 Ulrik Petersen Emdros Database Engine 1.1.15 Ulrik Petersen Emdros Database Engine 1.1.14 |
| Not Vulnerable: |
Ulrik Petersen Emdros Database Engine 1.1.22 |
Discussion
Ulrik Petersen Emdros Database Engine MQL Parsing Denial Of Service Vulnerability
A denial of service vulnerability affects Emdros. This issue is due to a failure of the application to properly manage memory.
Apparently this issue is distinct from that reported in BID 11143 (Ulrik Petersen Emdros Database Engine Denial Of Service Vulnerability). It should also be noted that if the affected application is run as a daemon, a remote attacker could exploit this issue.
An attacker may leverage this issue to cause the affected application to crash, denying service to legitimate users.
A denial of service vulnerability affects Emdros. This issue is due to a failure of the application to properly manage memory.
Apparently this issue is distinct from that reported in BID 11143 (Ulrik Petersen Emdros Database Engine Denial Of Service Vulnerability). It should also be noted that if the affected application is run as a daemon, a remote attacker could exploit this issue.
An attacker may leverage this issue to cause the affected application to crash, denying service to legitimate users.
Exploit / POC
Ulrik Petersen Emdros Database Engine MQL Parsing Denial Of Service Vulnerability
No exploit is required to leverage this issue.
No exploit is required to leverage this issue.
Solution / Fix
Ulrik Petersen Emdros Database Engine MQL Parsing Denial Of Service Vulnerability
Solution:
The vendor has released an upgrade dealing with this issue.
Ulrik Petersen Emdros Database Engine 1.1.14
Ulrik Petersen Emdros Database Engine 1.1.15
Ulrik Petersen Emdros Database Engine 1.1.16
Ulrik Petersen Emdros Database Engine 1.1.17
Ulrik Petersen Emdros Database Engine 1.1.18
Ulrik Petersen Emdros Database Engine 1.1.19
Ulrik Petersen Emdros Database Engine 1.1.20
Ulrik Petersen Emdros Database Engine 1.1.21
Solution:
The vendor has released an upgrade dealing with this issue.
Ulrik Petersen Emdros Database Engine 1.1.14
-
Emdros Emdros 1.1.22
http://sourceforge.net/project/showfiles.php?group_id=37219
Ulrik Petersen Emdros Database Engine 1.1.15
-
Emdros Emdros 1.1.22
http://sourceforge.net/project/showfiles.php?group_id=37219
Ulrik Petersen Emdros Database Engine 1.1.16
-
Emdros Emdros 1.1.22
http://sourceforge.net/project/showfiles.php?group_id=37219
Ulrik Petersen Emdros Database Engine 1.1.17
-
Emdros Emdros 1.1.22
http://sourceforge.net/project/showfiles.php?group_id=37219
Ulrik Petersen Emdros Database Engine 1.1.18
-
Emdros Emdros 1.1.22
http://sourceforge.net/project/showfiles.php?group_id=37219
Ulrik Petersen Emdros Database Engine 1.1.19
-
Emdros Emdros 1.1.22
http://sourceforge.net/project/showfiles.php?group_id=37219
Ulrik Petersen Emdros Database Engine 1.1.20
-
Emdros Emdros 1.1.22
http://sourceforge.net/project/showfiles.php?group_id=37219
Ulrik Petersen Emdros Database Engine 1.1.21
-
Emdros Emdros 1.1.22
http://sourceforge.net/project/showfiles.php?group_id=37219
References
Ulrik Petersen Emdros Database Engine MQL Parsing Denial Of Service Vulnerability
References:
References:
- Emdros Database Engine Home Page (Ulrik Petersen)
- Version 1.1.22 Release Details (Ulrik Petersen)