Security Researcher Discloses New Batch of MySQL Vulnerabilities

Newly Disclosed MySQL Vulnerabilities Put Databases at Risk for the Holidays

Over the weekend, a security researcher posted several vulnerabilities to the Full Disclosure mailing list, seven of them related to MySQL, the most popular open source database in the world. Given that MySQL is mission critical in many environments, the vulnerabilities are worth examining.

CVE identifiers have been assigned to five of the flaws disclosed on Saturday. The Red Hat Security Team has opened tracking reports, and according to comments on the list itself, Oracle is aware of the zero-days but has not yet commented on them directly.

Researchers who have tested the vulnerabilities themselves state that all of them require that the system administrator failed to properly set up the MySQL server, or the firewall installed in front of it. Yet they admit that the disclosures are legitimate and need to be fixed.

The first MySQL vulnerability, a stack-based buffer overflow, allows an authenticated database user to crash the MySQL daemon and potentially execute code with the privileges of the account the server runs under. A separate heap-based overflow could be used to the same effect, and again the trigger is an authenticated database user.

Saturday’s disclosure also included details of a user privilege elevation vulnerability which, if exploited, would let an attacker whose database account holds file privileges raise those privileges to the level of the MySQL administrative user. A denial-of-service vulnerability and an account enumeration vulnerability were disclosed as well.
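Since the researchers quoted above say every one of these flaws depends on a poorly set up server, the practical first step is to audit the conditions they rely on: who can authenticate at all, from where, and which accounts already hold file privileges. The queries below are an added audit example and are not part of the SecurityWeek article or the disclosure; they assume a MySQL 5.x server of the era (where mysql.user still has a Password column) and an account that can read mysql.user and information_schema.

```sql
-- Added audit example (not from the article or the disclosure).
-- Assumes MySQL 5.x and an account allowed to read mysql.user and
-- information_schema. Each query targets one of the setup mistakes the
-- article says these vulnerabilities depend on.

-- 1. Accounts holding the global FILE privilege, the starting point for the
--    privilege-elevation flaw. Expect only administrative accounts here.
SELECT GRANTEE
FROM information_schema.USER_PRIVILEGES
WHERE PRIVILEGE_TYPE = 'FILE';

-- 2. Accounts permitted to connect from any host. These rely entirely on
--    the firewall in front of the server to keep strangers out.
SELECT User, Host
FROM mysql.user
WHERE Host IN ('%', '');

-- 3. Accounts with no password. An authenticated session is all the two
--    overflows require, so an empty password hands it to anyone who can
--    reach the port. (Column is named authentication_string from 5.7 on.)
SELECT User, Host
FROM mysql.user
WHERE Password = '';

-- 4. Whether network listening is disabled and whether LOAD DATA INFILE /
--    SELECT ... INTO OUTFILE are confined to one directory. An empty
--    secure_file_priv means a FILE-privileged user can read and write
--    anywhere the server process can.
SHOW VARIABLES WHERE Variable_name IN ('skip_networking', 'secure_file_priv');

-- Typical fixes for what the queries turn up (hypothetical account names):
-- REVOKE FILE ON *.* FROM 'reporting'@'%';
-- RENAME USER 'app'@'%' TO 'app'@'127.0.0.1';
-- SET PASSWORD FOR 'app'@'127.0.0.1' = PASSWORD('...');
-- and in my.cnf: bind-address=127.0.0.1 (or skip-networking) plus
-- secure_file_priv=/var/lib/mysql-files, followed by a server restart.
```

None of this patches the overflows themselves; it removes the footholds (reachable port, weak or anonymous accounts, gratuitous FILE grants) that the commenters say an attacker needs before any of the disclosed proof-of-concept scripts apply.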

“It’s really a shame that high risk applications (such as those that take input from the Internet) are still failing in these ways in 2012. There’s a lot of platform security available (and other hardening techniques), but folks chose not to use them. It’s disappointing the various security teams have not improved the situation (they are the folks who should know, and should take a defensive posture),” commented Full Disclosure subscriber Jeffrey Walton.

The disclosures on Saturday were published with working proof-of-concept scripts. SecurityWeek will report further if there are new developments.
