Two security holes discovered in MySQL

Security holes discovered in the MySQL open source database and client software could allow an attacker to launch a denial of service attack against machines running affected MySQL components or gain administrative access to the database server, according to an alert posted by German security company e-matters GmbH.

MySQL is a popular database server, with more than four million installations of the product supporting high-profile Web sites and business applications worldwide according to information posted on the Web site of MySQL AB, which owns and manages the MySQL server source code.

MySQL can be run on a variety of operating systems including Microsoft Corp.'s Windows as well as Linux and Unix.

The advisory by e-matters identifies four separate vulnerabilities in the MySQL code, two affecting the MySQL server component and two affecting the MySQL client.

All four vulnerabilities could be used to execute denial of service attacks against the affected MySQL component, exploiting the flaws to crash the server or client. The vulnerabilities range from buffer overflows that can cause MySQL component crashes to others that could allow malicious code to be read and executed on an affected machine, according to e-matters.

One of the server vulnerabilities could also allow an attacker to break into the MySQL root account and compromise the databases running on that server, according to e-matters.

Used in combination with each other, the vulnerabilities could allow an attacker to break into a system running the MySQL database server software or elevate his or her access privileges on that system, e-matters said.

After being informed of the vulnerabilities on December 3, 2002, MySQL AB issued a patch for the MySQL Database Server on December 12 that fixes the reported vulnerabilities, version 3.23.54, e-matters said.

Both the handling of the vulnerabilities and the speed of the company's response speak to the advantages of open source software, according to MySQL AB CEO Marten Mickos.

"From the public's perspective, I think this is a great example of how our user community is helping us," said Mickos. "With closed source software this could not have happened. Stefan (Esser of e-matters) went looking with a magnifying glass and found some vulnerabilities that could not have been found without open source."

Mickos said that he felt the potential exploits suggested by Esser in the e-matters advisory were unlikely to be used, but said that such considerations were irrelevant to MySQL, which works quickly and transparently to resolve all issues raised by its users.

"Some of the potential exploits are extreme, but we don't mind. It doesn't reduce our gratitude towards Stefan," Mickos said.

Mickos recommended that MySQL users upgrade their version of the product to version 3.23.54, which has been posted on the company's Web page.

A number of software vendors issued alerts and software updates covering the MySQL vulnerabilities in their own products.

Guardian Digital Inc. issued an advisory encouraging users of its EnGarde Secure Linux product to update their systems to use the patched version of MySQL, as did the makers of Gentoo Linux, a free Linux distribution.

Join the newsletter!

Error: Please check your email address.

More about Guardian DigitalMicrosoftMySQL

Show Comments

Market Place