What's wrong with MySQL?
A bug in MySQL/MariaDB allows an attacker to bypass authentication on the database server by brute-forcing it. This bug is trivial to exploit.
Original advisory and details
Why should I be worried?
LBNL Cyber Security has noticed a significant spike in scanning activity against the MySQL port (tcp/3306) from late May onwards. The increase in activity indicates that miscreants are attempting to exploit this bug by identifying and brute-forcing vulnerable MySQL installations. LBNL's scan detection and automatic blocks at the border have been an effective deterrent so far.
We strongly advise that you patch and update your systems.
Am I affected?
All MariaDB and MySQL versions up to 5.1.61, 5.2.11, 5.3.5, 5.5.22 *are vulnerable*.
MariaDB versions from 5.1.62, 5.2.12, 5.3.6, 5.5.23 are not affected.
MySQL versions from 5.1.63, 5.5.24, 5.6.6 are not affected.
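The version ranges above can be applied to an inventory of server version strings with a short script. This is an added example, not part of the original advisory: the names `classify` and `audit` and the sample inventory are hypothetical, and it assumes MariaDB servers include "MariaDB" in their version string. Versions that fall between the listed ranges (for example MySQL 5.1.62 or 5.5.23) are reported as "unknown" rather than guessed.

```python
import re

# Thresholds copied from the advisory text: per release series (major, minor),
# the last patch level listed as vulnerable and the first listed as not affected.
LAST_VULNERABLE = {(5, 1): 61, (5, 2): 11, (5, 3): 5, (5, 5): 22}
FIRST_FIXED = {
    "mariadb": {(5, 1): 62, (5, 2): 12, (5, 3): 6, (5, 5): 23},
    "mysql": {(5, 1): 63, (5, 5): 24, (5, 6): 6},
}


def classify(version_string):
    """Return 'vulnerable', 'not affected' or 'unknown' for one version string."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", version_string)
    if not m:
        return "unknown"
    major, minor, patch = map(int, m.groups())
    # Assumption: MariaDB identifies itself in the version string.
    product = "mariadb" if "mariadb" in version_string.lower() else "mysql"
    series = (major, minor)
    fixed = FIRST_FIXED[product]
    if series > max(fixed):
        return "not affected"   # newer series than any listed fix
    if series in fixed and patch >= fixed[series]:
        return "not affected"
    if series in LAST_VULNERABLE and patch <= LAST_VULNERABLE[series]:
        return "vulnerable"
    if series < min(LAST_VULNERABLE):
        return "vulnerable"     # "all versions up to 5.1.61"
    return "unknown"            # gap the advisory does not cover


def audit(inventory):
    """Map each host to its classification; inventory is {host: version string}."""
    return {host: classify(version) for host, version in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory, e.g. collected with `SELECT VERSION();`
    sample = {
        "db1.example": "5.5.22-0ubuntu1",
        "db2.example": "5.5.23-MariaDB",
        "db3.example": "5.1.62-log",
    }
    for host, status in audit(sample).items():
        print(f"{host}: {status}")
```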
How do I protect myself?
Install the updates on your MySQL server. You can use your package management tools, such as yum or apt-get, to fetch the updates.
The original advisory also provides links to the fixes:
Am I compromised?
So far we haven't found a system within the LBNL network that has been compromised by exploiting this bug. LBNL Cyber Security is actively monitoring the network for any signs of such a compromise.
I want to know more