|[Home] [Credit Search] [Category Browser] [Staff Roll Call]||The LINUX.COM Article Archive|
|Originally Published: Tuesday, 1 February 2000||Author: Derrick H. Lewis|
|Published to: news_enhance_security/Security News||Page: 1/1 - [Std View]|
Caldera Systems, Inc. Security Advisory
[CALDERA] Caldera Systems has found a problem in MySQL password handling. A malicious user with access to run processes on the machine where MySQL server is running can hijack the entire database.
______________________________________________________________________________ Caldera Systems, Inc. Security Advisory
Subject: MySQL password handling Advisory number: CSSA-2000-001.0 Issue date: 2000 January, 31 Cross reference: ____________________________________________________________
1. Problem Description
Anyone with access to a running MySQL server and GRANT privilege for any database or table in the MySQL server, can change any MySQL-password he wishes, including the MySQL superuser's.
A malicious user with access to run processes on the machine where MySQL server is running can hijack the entire database. Even without access to run processes on the machine a malicious user can mount a denial of service attack on the server by setting the MySQL superuser's password to a random string.
2. Vulnerable Versions
Systems : OpenLinux eServer 2.3 Packages: previous to mysql-3.22.30-1S
OpenLinux Desktop 2.3 is not affected.
The proper solution is to upgrade to the latest packages
rpm -F mysql-devel-3.22.30-1S.i386.rpm rpm -F mysql-bench-3.22.30-1S.i386.rpm rpm -F --force mysql-client-3.22.30-1S.i386.rpm rpm -F mysql-3.22.30-1S.i386.rpm
4. Location of Fixed Packages
The upgrade packages can be found on Caldera's FTP site at:
The corresponding source code package can be found at:
5. Installing Fixed Packages
Upgrade the affected packages with the following commands:
rpm -F mysql-devel-3.22.30-1S.i386.rpm rpm -F mysql-bench-3.22.30-1S.i386.rpm rpm -F --force mysql-client-3.22.30-1S.i386.rpm rpm -F mysql-3.22.30-1S.i386.rpm 6. Verification
14e8bf07c14509ea50dea871ca11f9ae RPMS/mysql-3.22.30-1S.i386.rpm 6e9bf353f2525627a7c282de513df203 RPMS/mysql-bench-3.22.30-1S.i386.rpm b85c09d8873bf72345dc3a5b3ddc2f36 RPMS/mysql-client-3.22.30-1S.i386.rpm ddd594820dcd933e4262815c449ec8f7 RPMS/mysql-devel-3.22.30-1S.i386.rpm 311adde3d8d9b4a2a5c01fc870fddc59 SRPMS/mysql-3.22.30-1S.src.rpm
This and other Caldera security resources are located at:
8. Disclaimer Caldera Systems, Inc. is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of Caldera OpenLinux.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.0 (GNU/Linux) Comment: For info see http://www.gnupg.org
iQCVAwUBOJa10en+9R4958LpAQHKFAP/U3dgin1h6GekXDtQq5Q8RpK+VE0gFktY FVoqXKgt2lHfWWa/1Zatt9Es88OwhYLXDt72/zgHuyEaOqxU4GwAqmCX1xddfrLz T9HQ7RL/+Yi9CuH/JfS5Y8/SOtPWubQZf+NvKPT/FU85WyT1VfmZs3rdaDRPlJFM sxjq9LjVgMk= =O6gK -----END PGP SIGNATURE-----