← Back to team overview

openstack team mailing list archive

Re: MySQL / MariaDB security vulnerability

 

Thanks Ewan,

Please note my findings on this CVE and feel free to correct / reply
with anything I have missed.

I've found in my tests of this CVE today that Percona 55-5.5.24 is not
vulnerable
(http://repo.percona.com/centos/6/os/x86_64/Percona-Server-server-55-5.5.24-rel26.0.256.rhel6.x86_64.rpm), whilst mysql v 5.5.23 is (5.5.23-1 on FC17), as such it appears Percona is not vulnerable to this attack though I am unsure from which version onward; rdp as the changelog was last updated in Fed 2011 ...

Also in testing I found that host ACLs can differ this issue, in that to
exploit this issue you must use a valid user@host (unless of course
there are wildcards), this assume therfor in a secure setup the granted
host must originate the attack for the target user.

Cheers

David



On Mon, 2012-06-11 at 19:46 +0100, Ewan Mellor wrote:
> Anyone who is using OpenStack with MySQL / MariaDB, please see this
> _extremely_ dangerous security vulnerability, announced on Saturday:
> 
>  
> 
> https://community.rapid7.com/community/metasploit/blog/2012/06/11/cve-2012-2122-a-tragically-comedic-security-flaw-in-mysql
> 
>  
> 
> Ewan.
> 
>  
> 
> 
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp

Attachment: signature.asc
Description: This is a digitally signed message part


References