Mandriva Linux Security Advisory 2010-107 – The server failed to check the table name argument of a COM_FIELD_LIST command packet for validity and compliance to acceptable table name standards. This could be exploited to bypass almost all forms of checks for privileges and table-level grants by providing a specially crafted table name argument to COM_FIELD_LIST. The server could be tricked into reading packets indefinitely if it received a packet larger than the maximum size of one packet. The server was susceptible to a buffer-overflow attack due to a failure to perform bounds checking on the table name argument of a COM_FIELD_LIST command packet. By sending long data for the table name, a buffer is overflown, which could be exploited by an authenticated user to inject malicious code. Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. The updated packages have been patched to correct these issues.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/89947/MDVSA-2010-107.txt
Source: https://packetstormsecurity.com/files/89947/Mandriva-Linux-Security-Advisory-2010-107.html