Password Flaw Leaves Some Versions of MySQL and MariaDB Open to Brute Force Attacks

84A rather major, but basic flaw in the way that MySQL and MariaDB handle passwords has opened up both of these to brute force attacks and can allow the attacker to gain access in seconds. This flaw which exploits an issue in the way the passwords are checked using the memcmp function can be used as long as the attacker knows at least one user name. Considering that “root” is almost always in existence the password security on many MySQL and MariaDB databases is practically nonexistent.

According to seclist.org where Sergei Golubchik (MariaDB security coordinator) posted about the issue not all versions are vulnerable to the flaw, but there are still a large number of them that can be exploited in this manner.

We have recently found a serious security bug in MariaDB and MySQL.So, here, we'd like to let you know about what the issue and its impact is. At the end you can find a patch, in case you need to patch an older unsuported MySQL version.

All MariaDB and MySQL versions up to 5.1.61, 5.2.11, 5.3.5, 5.5.22 are vulnerable.
MariaDB versions from 5.1.62, 5.2.12, 5.3.6, 5.5.23 are not.
MySQL versions from 5.1.63, 5.5.24, 5.6.6 are not.

This issue got assigned an id CVE-2012-2122.

To give a little more detail the flaw happens when the system incorrectly sees the token issued to a connection as equal to the expected value of the password even if they are not. This would allow entry even with a bad password; the odds of hitting the flaw are 1/256 so you can see just how easy it would be to break into an affected version of MySQL or MariaDB.
There is a patch for affected version of MySQL and MariaDB at the end of the posting so if you find that you are exposed you might want to look into grabbing the patch to get things fixed in a hurry. This is only the latest in a long (and getting longer) string of security issues that have been reported in the last few days. As we said before Stuxnet, Flame, the several Password grabs and a few other issues appear to have been a wakeup call for IT and Security folks. We fully expect to see more bug and flaws uncovered and fixed over the next few weeks.

Discuss this in our Forum

No comments

Leave your comment

In reply to Some User