DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 11th June 2012
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,116
Thanked 182 Times in 149 Posts
Default Simple authentication bypass for MySQL root revealed

From http://h-online.com/-1614990
Quote:
Exploits for a recently revealed MySQL authentication bypass flaw are now in the wild, partly because the flaw is remarkably simple to exploit in order to gain root access to the database. The only mitigating factor appears to be that it depends on the C library that the MySQL database was built with. The bypass, assigned the vulnerability ID CVE-2012-2122, allows an attacker to gain root access by repeatedly trying to login with an incorrect password. Each attempt has a 1 in 256 chance of being given access. The exploits are mostly variations of looping through connecting to MySQL with a bad password around 300 to 512 times.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #2   (View Single Post)  
Old 11th June 2012
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Old man from scene 24
 
Join Date: Apr 2008
Location: Eindhoven, Netherlands
Posts: 2,051
Thanked 198 Times in 156 Posts
Default

Yikes!

As I understand it, you can check this with a simple script:

Code:
#!/bin/sh

for i in $(jot 2000); do
        mysql -u root --password=wrong -h mysql_machine
done
To be sure, I checked a few CentOS 5.x machines and a FreeBSD 8 machine, none were vulnerable.

Bonus hint: firewall!
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
  #3   (View Single Post)  
Old 13th June 2012
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,116
Thanked 182 Times in 149 Posts
Default

At http://pastie.org/4064638 is a C program for testing whether the memcmp function is vulnerable.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Using public keys for SSH authentication amrogers3 OpenBSD General 12 14th November 2011 12:10 AM
CAPTCHA schemes still easy to bypass J65nko News 8 7th November 2011 08:09 PM
NTLM Authentication plexter FreeBSD Security 1 7th January 2011 08:43 PM
Cups , authentication issue welkin FreeBSD Installation and Upgrading 2 7th March 2010 01:03 AM
openldap for authentication rajendra_nagi FreeBSD General 9 17th July 2008 06:43 PM


All times are GMT. The time now is 06:40 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick