Heise Security writes about the UDF Buffer Overflow in MySQL (CAN-2005-2558).
The bug is fixed in 4.0.25, 4.1.13 and 5.0.7 (beta). It is exploitable only if
- your MySQL port is reachable,
- and you are authenticated,
- and you have permission to execute CREATE FUNCTION. To be able to do this, you need the INSERT privilege on the mysql.func table, that is, you usually are already root on your server.
The bug is consequently considered not critical.
System integrators that provide MySQL as part of their distributions are following suit with their respective advisories and provide upgrades.
More background information: The term user defined function describes the ability of the MySQL server to load and execute machine code at run-time within the context of the MySQL server. This code is made available to the end user in the form of SQL functions that can be called in SELECT and other commands. Security is implemented by restricting the pathnames from which code can be loaded, but UDF permission still is an extremely far reaching access right, and is not granted by default to anybody except the DBA.
Should you upgrade? The upgrade to a current version of MySQL is recommended, but it is critical in your environment only if the above three conditions for an exploit are met by users you deem untrustworthy within the terms of your security policy.
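To check the third condition on a given server, the following queries (an added example, not part of the original article) list the accounts whose INSERT privilege covers mysql.func, the UDFs already registered, and the running version. They assume the standard grant tables of the mysql system database and must be run by an account that can read them.

```sql
-- Accounts holding INSERT at a level that covers mysql.func.
-- Review each row against your security policy: these are the
-- users who meet the privilege condition described above.
SELECT 'database' AS scope, Host, User
  FROM mysql.db
 WHERE Insert_priv = 'Y'
   AND 'mysql' LIKE Db          -- Db may contain wildcards such as 'my%'
UNION ALL
SELECT 'global', Host, User
  FROM mysql.user
 WHERE Insert_priv = 'Y'
UNION ALL
SELECT 'table', Host, User
  FROM mysql.tables_priv
 WHERE Db = 'mysql'
   AND Table_name = 'func'
   AND FIND_IN_SET('Insert', Table_priv) > 0;

-- UDFs currently registered, with the shared library each one loads.
-- An entry nobody on the DBA team recognises deserves a closer look.
SELECT name, dl, type
  FROM mysql.func;

-- Compare against the fixed releases named above:
-- 4.0.25, 4.1.13 and 5.0.7 (beta).
SELECT VERSION();
```

Rows in mysql.db with an empty Host defer to the mysql.host table, so check that table as well if you use it.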