Earlier this month, on the Security Week website, Steve Ragan published an article about a security researcher who posted several vulnerabilities to the Full Disclosure mailing list – seven of these are MySQL vulnerabilities. The complete list of vulnerabilities is available here. CVE assignments have been issued for five of these vulnerabilities. The researchers who tested the vulnerabilities stated that in each instance the system administrator failed to setup the MySQL server properly or the firewall installed in front of it.
The first MySQL vulnerability, a stack-based buffer overflow, would give an authenticated database user a chance to cause the MySQL daemon to crash and then execute code with the same privileges as the user running MySQL. A heap-based overflow vulnerability, distinct from the stack-based buffer overflow, results in the same damage – again, this could be effected by an authenticated database user.
Researchers also reported a user privilege elevation vulnerability which, if exploited, might enable an attacker with file permissions to elevate these permissions to that of the MySQL admin user. The vulnerabilities also include a DOS vulnerability and an account enumeration vulnerability.
According to Jeffrey Walton, a Full Disclosure subscriber:
It’s really a shame that high risk applications, such as those that take input from the Internet, are still failing in these ways…There’s a lot of platform security available, as well as other hardening techniques, but folks chose not to use them. It’s disappointing the various security teams have not improved the situation. They are the folks who should know, and who should take a defensive posture.
Take a defensive posture this year. Make a resolution to protect your website and your data, in 2013 and always. Register your free 14-day Acunetix Trial.