Multiple MySQL vulnerabilities: you have been warned
Security firm e-matters this week warned that multiple vulnerabilities in the popular open source database MySQL make it possible for crackers to access accounts without passwords or even crash the server.
e-matter’s Stefan Esser has also discovered a heap buffer overflow as well as a flaw in MySQL’s client libraries that allows crackers to write ‘0’ to any memory address.
“We have discovered two flaws within the MySQL server that can be used by any MySQL user to crash the server. Furthermore one of the flaws can be used to bypass the MySQL password check or to execute arbitrary code with the privileges of the user running mysqld.
“We have also discovered an arbitrary size heap overflow within the mysql client library and another vulnerability that allows to write ‘0’ to any memory address. Both flaws could allow DOS attacks against or arbitrary code execution within anything linked against libmysqlclient,” says Esser.
He says the flaws were discovered while auditing the sourcetree earlier this month. MySQL authors were contacted with the flaws and they have now released MySQL 3.23.54 which fixes the vulnerabilities.
The full warning can be found here.