Oracle · MySQL Server · CVE-2010-2008
**Name of the Vulnerable Software and Affected Versions**
MySQL versions prior to 5.1.48
**Description**
The issue allows remote authenticated users with alter database privileges to cause a denial of service, resulting in a server crash and potential database loss. This is achieved through an `ALTER DATABASE` command that includes a specific string, such as `#mysql50#` followed by a sequence like `.`, `..`, or `../`, and an `UPGRADE DATA DIRECTORY NAME` command. This sequence of commands causes MySQL to move certain directories to the server data directory, leading to the denial of service.
**Recommendations**
For versions prior to 5.1.48, update to version 5.1.48 or later to resolve the issue. As a temporary workaround, consider restricting alter database privileges to minimize the risk of exploitation. Avoid using the `ALTER DATABASE` command with the specified string sequences until the issue is resolved.
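
To check logged statements for the pattern described above, the following Python detector is an added example, not code from the advisory or from MySQL. The function names and the simplified log-line layout are assumptions, and it goes slightly beyond the listed sequences by flagging any path separator after `#mysql50#` and by accepting `ALTER SCHEMA`, MySQL's synonym for `ALTER DATABASE`.

```python
import re

FIXED_VERSION = (5, 1, 48)  # first fixed release named in the advisory

# ALTER DATABASE `#mysql50#<name>` UPGRADE DATA DIRECTORY NAME
# (ALTER SCHEMA is MySQL's synonym for ALTER DATABASE.)
STMT_RE = re.compile(
    r"ALTER\s+(?:DATABASE|SCHEMA)\s+`#mysql50#(?P<name>[^`]*)`"
    r"\s+UPGRADE\s+DATA\s+DIRECTORY\s+NAME",
    re.IGNORECASE,
)


def is_affected(version_string):
    """True if a version such as '5.1.47-log' is prior to 5.1.48."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version_string)
    if not m:
        raise ValueError("unrecognised version: %r" % version_string)
    return tuple(int(p) for p in m.groups()) < FIXED_VERSION


def is_suspicious_name(name):
    """True if the text after #mysql50# is '.', '..' or has a path separator."""
    parts = re.split(r"[\\/]", name)
    return len(parts) > 1 or parts[0] in (".", "..")


def scan(lines):
    """Return (line_number, name) for each flagged statement."""
    hits = []
    for number, line in enumerate(lines, start=1):
        for m in STMT_RE.finditer(line):
            if is_suspicious_name(m.group("name")):
                hits.append((number, m.group("name")))
    return hits


# Constructed sample lines (simplified query-log layout, an assumption).
SAMPLE_LOG = [
    "7 Query\tALTER DATABASE `#mysql50#a-b-c` UPGRADE DATA DIRECTORY NAME",
    "9 Query\talter database `#mysql50#.` upgrade data directory name",
    "9 Query\tSELECT 1",
    "9 Query\tALTER DATABASE `#mysql50#../` UPGRADE DATA DIRECTORY NAME",
]

if __name__ == "__main__":
    for number, name in scan(SAMPLE_LOG):
        print("line %d: flagged name after #mysql50#: %r" % (number, name))
```

The first sample line is the ordinary directory-name upgrade for a database called `a-b-c` and is not flagged; only names made of dot or separator sequences are reported.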