MonetDB
cpe:2.3:a:monetdb:monetdb:*:*:*:*:*:*:*
- v11.49.1
A denial-of-service vulnerability has been identified in MonetDB Server version 11.49.1. The issue arises in the exps_bind_column component: attackers can crash the server by sending specially crafted SQL statements. Executing such a crafted query reproduces the issue and crashes the MonetDB server process.
Exploitation of this vulnerability causes the MonetDB server process to crash, disrupting any active database connections and causing a temporary loss of service.
The vulnerability can be reproduced in a Docker container running MonetDB Server version 11.49.1. After starting the container, write the crafted SQL statement to a temporary file and execute that file with the MonetDB command-line client, mclient. To verify the crash, check for the 'mserver5' process: its absence indicates that the server has crashed.
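The verification step above (checking whether 'mserver5' is still present) can be scripted for triage and monitoring. The following is an added example, not part of the advisory: the function names, the version banner format and the sample process list are assumptions constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the advisory): triage helpers for the crash symptom.
AFFECTED_VERSION="11.49.1"   # the only affected version the advisory lists

# Constructed sample inputs; the banner format is an assumption.
SAMPLE_BANNER="MonetDB 5 server 11.49.1 (64-bit)"
SAMPLE_PS="  PID COMMAND
    1 /bin/sh /entrypoint.sh
   57 grep mserver5
   58 mclient -d demo"

# Print the first dotted x.y.z number found in a version banner.
extract_version() {
    printf '%s\n' "$1" | grep -Eo '[0-9]+\.[0-9]+\.[0-9]+' | head -n 1
}

# Succeed when the banner reports the affected version.
is_affected() {
    [ "$(extract_version "$1")" = "$AFFECTED_VERSION" ]
}

# Read "PID COMMAND [ARGS]" lines on stdin and succeed only if some process's
# executable basename is exactly mserver5. Matching field 2 avoids the false
# positive of a plain text search, which would also hit "grep mserver5".
mserver5_running() {
    awk '{ n = split($2, p, "/"); if (p[n] == "mserver5") found = 1 }
         END { exit !found }'
}

# $1 = version banner, stdin = process listing. Prints one status word.
triage() {
    if mserver5_running; then state=up; else state=down; fi
    if is_affected "$1"; then echo "affected-$state"; else echo "other-$state"; fi
}

# On the constructed sample this prints "affected-down": the affected version
# with no mserver5 process, the post-crash state the advisory describes.
printf '%s\n' "$SAMPLE_PS" | triage "$SAMPLE_BANNER"
```

On a live host, pipe the output of `ps -eo pid,args` into `triage` and pass the server's version banner as the argument.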