MySQL Replication Flaw Lets Remote Authenticated Users Gain Elevated Privileges
SecurityTracker Alert ID: 1024508 |
SecurityTracker URL: http://securitytracker.com/id/1024508
CVE Reference:
GENERIC-MAP-NOMATCH
Date: Oct 5 2010
Impact:
User access via network
Fix Available: Yes Vendor Confirmed: Yes Exploit Included: Yes
Version(s): prior to 5.1.50
Description:
A vulnerability was reported in MySQL. A remote authenticated user can obtain elevated privileges on the target system.
When statement-based replication is used, a remote authenticated user on the master can place content inside a version-specific comment (the /*!NNNNN ... */ form, where NNNNN is a numeric server version) in a statement. A master whose release is lower than the version prefix treats that content as a comment and never checks privileges for it, but the statement is written to the binary log verbatim. A slave running a higher server release than the master parses the commented content as SQL and executes it, and replicated statements are applied on the slave with SUPER privileges rather than with the originating user's grants. The user can therefore execute statements on the target slave that the master never authorized.
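The Python script below is an added example; it is not part of the SecurityTracker advisory or of MySQL's own tooling. It shows the mechanism the description depends on and gives a check a replication operator can run: fed the text output of mysqlbinlog from a master's binary log, it flags logged statements that carry a version-specific comment whose prefix is above the master's release but not above the slave's, that is, content the master skipped as a comment but the slave would parse and execute. The sample mysqlbinlog text, the release numbers 5.1.49 and 5.1.50, and the database and table names are constructed for the illustration, and the hidden clause in the sample is deliberately harmless; it is not the payload from the vendor report.

```python
import re
from typing import List, NamedTuple, Optional

# MySQL version-specific comment: /*!50150 text */. A server whose numeric
# version is >= the five-digit prefix executes "text" as SQL; an older server
# treats the whole thing as a comment. A bare /*! text */ is executed by all.
VERSION_COMMENT_RE = re.compile(r"/\*!(\d{5})?(.*?)\*/", re.DOTALL)


def version_number(version: str) -> int:
    """Turn a server version string such as '5.1.49-log' into MySQL's numeric
    form 50149 (major*10000 + minor*100 + patch), the scale the prefix uses."""
    core = version.split("-", 1)[0]
    major, minor, patch = (int(p) for p in core.split(".")[:3])
    return major * 10000 + minor * 100 + patch


class Finding(NamedTuple):
    statement: str          # logged statement that carries the comment
    required_version: int   # version prefix the comment demands
    hidden_sql: str         # text the master ignored but the slave would run


def executes_comment(required: Optional[int], server: int) -> bool:
    """True if a server at numeric version `server` executes the body of a
    comment with prefix `required` (None means no prefix: everyone runs it)."""
    return required is None or server >= required


def split_mysqlbinlog(text: str) -> List[str]:
    """Split mysqlbinlog text output into statements. mysqlbinlog terminates
    each logged statement with the delimiter '/*!*/;', so split on it and
    drop the tool's own '#' comment lines. Heuristic, not a full parser."""
    statements = []
    for chunk in text.split("/*!*/;"):
        lines = [ln for ln in chunk.splitlines()
                 if ln.strip() and not ln.lstrip().startswith("#")]
        body = "\n".join(lines).strip()
        if body:
            statements.append(body)
    return statements


def find_divergent_comments(statements: List[str], master_version: str,
                            slave_version: str) -> List[Finding]:
    """Flag comments whose body the master skipped but the slave would execute."""
    master = version_number(master_version)
    slave = version_number(slave_version)
    findings = []
    for stmt in statements:
        for m in VERSION_COMMENT_RE.finditer(stmt):
            required = int(m.group(1)) if m.group(1) else None
            if required is None:
                continue  # bare /*! ... */: both sides run it, no divergence
            if not executes_comment(required, master) and executes_comment(required, slave):
                findings.append(Finding(stmt, required, m.group(2).strip()))
    return findings


def scan_mysqlbinlog_output(text: str, master_version: str, slave_version: str) -> List[Finding]:
    return find_divergent_comments(split_mysqlbinlog(text), master_version, slave_version)


# Constructed sample in the shape of mysqlbinlog output from a 5.1.49 master.
# The two leading /*!40019 and /*!50003 lines are what mysqlbinlog itself emits;
# the /*!50150 clause is the kind of content an older master logs but ignores.
SAMPLE_MYSQLBINLOG_OUTPUT = """\
/*!40019 SET @@session.max_insert_delayed_threads=0*/;
/*!50003 SET @OLD_COMPLETION_TYPE=@@COMPLETION_TYPE,COMPLETION_TYPE=0*/;
DELIMITER /*!*/;
# at 4
#101004 21:08:38 server id 1  end_log_pos 106   Start: binlog v 4, server v 5.1.49-log created 101004 21:08:38
# at 106
#101004 21:09:01 server id 1  end_log_pos 210   Query   thread_id=7   exec_time=0   error_code=0
use app/*!*/;
SET TIMESTAMP=1286226541/*!*/;
CREATE TABLE t1 (id INT) /*!50100 ENGINE=InnoDB */
/*!*/;
# at 210
#101004 21:09:05 server id 1  end_log_pos 330   Query   thread_id=7   exec_time=0   error_code=0
SET TIMESTAMP=1286226545/*!*/;
INSERT INTO audit (msg) VALUES ('routine') /*!50150 , ('parsed only by 5.1.50 and later') */
/*!*/;
DELIMITER ;
# End of log file
"""

if __name__ == "__main__":
    for f in scan_mysqlbinlog_output(SAMPLE_MYSQLBINLOG_OUTPUT, "5.1.49-log", "5.1.50"):
        print(f"prefix {f.required_version}: master skipped it, slave would run: {f.hidden_sql!r}")
        print("  in statement:", f.statement.splitlines()[0])
```

Run it against real data with the master's and each slave's SELECT VERSION() output and the text produced by mysqlbinlog on the master's binary logs. The /*!50100 ENGINE=InnoDB */ clause and mysqlbinlog's own /*!40019 and /*!50003 lines are not flagged because a 5.1.49 master already executes them; only a prefix that falls strictly between the master's and the slave's release is reported, which is exactly the condition the advisory describes. Comments without a prefix are skipped because both servers treat them identically.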
Impact:
A remote authenticated user can obtain elevated privileges on the target system.
Solution:
The vendor has issued a fix (5.1.50). The condition requires statement-based replication and a slave running a later server release than its master, so check the release of every replica in the topology, not only the master.
The vendor's advisory is available at:
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-50.html
Vendor URL: www.mysql.com/
Cause:
Access control error
Underlying OS:
Linux (Any), UNIX (Any), Windows (Any)
Message History:
None.
Source Message Contents
Date: Mon, 04 Oct 2010 21:08:38 +0000
Subject: MySQL
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-50.html
Security Fix: Replication: It was possible when using statement-based replication to
subvert the MySQL privilege system on a slave with a higher server release version
number than that of the master by using version-specific comments in statements run on
the master.