MySQL remote exploit

der.hans PLUGd at LuftHans.com
Wed Sep 14 01:41:37 MST 2016


On 14 Sep 2016, Herminio Hernandez, Jr. wrote:

> Should I be concerned even if my SQL server is only listening on localhost?

Depends on what you have using it.

If it's the DB for a web site, then it's possible that SQL injection can
be used to modify your database.

For instance, WordPress has lots of security issues, so it likely can be
exploited to use SQL injection to talk to your DB.

ciao,

der.hans

> On Mon, Sep 12, 2016 at 1:29 PM, Joseph Sinclair <plug-discussion at stcaz.net> wrote:
>
>> FYI, minor improvement below to lock down a few edge cases (note, this is
>> primarily for EXT{2,3,4} and other filesystems that support file
>> attributes).
>> You'll also need to remove the attribute manually before updating when
>> patches become available.
>>
>> On 09/12/2016 12:33 PM, der.hans wrote:
>>> On 12 Sep 2016, Herminio Hernandez Jr. wrote:
>>>
>>> moin moin,
>>>
>>>> Basically they mirror the repos. So when it hits Debian I will upgrade.
>>>
>>> Ah, OK.
>>>
>>> You might also want to create a couple of empty files and lock them down.
>>>
>>> $datadir can be exploited, so pre-emptively putting empty conf files in
>>> there that can't be changed by mysql is a good idea.
>>>
>>> The following is for anyone with questions on locking down the config
>>> files in $datadir.
>>>
>>> Presuming $datadir is /var/lib/mysql either of the following will lock
>>> down the files when run as root, but the first will destroy files you
>>> might already have.
>>>
>>> # >/var/lib/mysql/my.cnf
>>> # >/var/lib/mysql/.my.cnf
>>> # chmod 000 /var/lib/mysql/{.,}my.cnf
>> # chattr +i /var/lib/mysql/{.,}my.cnf
>>>
>>> Or, with some minimal verification that it's safe...
>>>
>>> # for file in /var/lib/mysql/{.,}my.cnf; do
>>>     if [ ! -e "$file" ] ; then
>>>         >"$file"
>>>         chmod 000 "$file"
>>           chattr +i "$file"
>>>         ls -l "$file"
>>           lsattr "$file"
>>>     else
>>>         ls -l "$file"
>>           lsattr "$file"
>>>         echo "You might want to check on that"
>>>     fi
>>> done
>>>
>>> ciao,
>>>
>>> der.hans
>>>
>>>> Sent from my iPhone
>>>>
>>>>> On Sep 12, 2016, at 12:00 PM, der.hans <PLUGd at LuftHans.com> wrote:
>>>>>
>>>>> On 12 Sep 2016, Herminio Hernandez Jr. wrote:
>>>>>
>>>>> moin moin,
>>>>>
>>>>>> Thanks have some SQL in DO droplets. Will be looking for this.
>>>>>
>>>>> Will DigitalOcean automagically apply the patches for you?
>>>>>
>>>>> I would expect it's in their best interest.
>>>>>
>>>>> I'm certain DreamHost is already upgraded. GoDaddy is probably rolling it
>>>>> out already, but I no longer know anyone on the team over there, so am not
>>>>> sure how quick they will be.
>>>>>
>>>>> This is admittedly one of the advantages of cloud. The infrastructure
>>>>> providers can centrally test and roll out for everyone. The disadvantage
>>>>> is if it's something that affects you, but they don't know or care about
>>>>> it :).
>>>>>
>>>>> ciao,
>>>>>
>>>>> der.hans
>>>>>
>>>>>> Sent from my iPhone
>>>>>>
>>>>>>> On Sep 12, 2016, at 11:18 AM, der.hans <PLUGd at LuftHans.com> wrote:
>>>>>>>
>>>>>>> moin moin,
>>>>>>>
>>>>>>> a MySQL remote exploit was announced this morning. Percona and MariaDB
>>>>>>> already have fixes that have not yet hit the distros.
>>>>>>>
>>>>>>> https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662
>>>>>>>
>>>>>>> http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html
>>>>>>>
>>>>>>> Watch for updates.
>>>>>>>
>>>>>>> ciao,
>>>>>>>
>>>>>>> der.hans
>>>>>>> --
>>>>>>> #  http://www.LuftHans.com/        http://www.PhxLinux.org/
>>>>>>> #  Fairy Tale, n.: A horror story to prepare children for the newspapers.
>>>>>>> ---------------------------------------------------
>>>>>>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>>>>>>> To subscribe, unsubscribe, or to change your mail settings:
>>>>>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>>>
>>>>> --
>>>>> #  http://www.LuftHans.com/        http://www.PhxLinux.org/
>>>>> #  "You go to Afghanistan and you swallow enough dust that you'll pass an
>>>>> #  adobe brick." -- Robin Williams, 03Aug2006

-- 
#  http://www.LuftHans.com/        http://www.PhxLinux.org/
#  "Backups are irrelevant. Only restorals matter." -- der.hans
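As an added example that is not part of this thread, the following POSIX shell script audits the pre-emptive empty config files from the quoted procedure rather than creating them: each of my.cnf and .my.cnf in the data directory must exist, be a regular empty file (no symlink), have mode 000, be owned by someone other than the MySQL service account, and carry the immutable attribute that `chattr +i` sets. The data directory path, the service account name `mysql`, the function names and the `REQUIRE_IMMUTABLE` switch are assumptions of this example; the attribute check needs `lsattr` and a filesystem with attribute support, which is why it can be switched off.

```shell
#!/bin/sh
# Added example (not from the thread): audit the empty my.cnf / .my.cnf
# files placed in $datadir so that mysqld cannot create or alter them.
#
# Usage (as root):  check_datadir_conf /var/lib/mysql mysql
# Exit status 0 means every check passed; findings are printed on stdout.
# Set REQUIRE_IMMUTABLE=0 to skip the lsattr check (e.g. on tmpfs).

# Check one config file. Arguments: path, service account name.
check_conf_file() {
    f=$1
    svc=$2
    problems=0

    # A missing file is the worst case: the service account could create it.
    if [ ! -e "$f" ]; then
        echo "MISSING: $f (mysqld could create this file itself)"
        return 1
    fi
    # Must be a plain regular file, not a symlink or a directory.
    if [ -h "$f" ] || [ ! -f "$f" ]; then
        echo "NOT A REGULAR FILE: $f (symlink or special file)"
        problems=$((problems + 1))
    fi
    # The whole point of the placeholder is that it contains nothing to load.
    if [ -s "$f" ]; then
        echo "NOT EMPTY: $f (a non-empty config would be read by mysqld)"
        problems=$((problems + 1))
    fi
    # GNU stat prints octal mode without leading zeros, so 000 shows as "0".
    mode=$(stat -c '%a' "$f")
    if [ "$mode" != "0" ]; then
        echo "MODE $mode: $f (expected 000)"
        problems=$((problems + 1))
    fi
    # Ownership by the service account would let mysqld chmod or replace it.
    owner=$(stat -c '%U' "$f")
    if [ "$owner" = "$svc" ]; then
        echo "OWNED BY SERVICE ACCOUNT $svc: $f (should be root-owned)"
        problems=$((problems + 1))
    fi
    # Immutable flag: the first field of lsattr output, e.g. ----i---------e---
    if [ "${REQUIRE_IMMUTABLE:-1}" = "1" ]; then
        flags=$(lsattr "$f" 2>/dev/null | cut -d' ' -f1)
        case $flags in
            *i*) ;;   # lowercase i = immutable
            *)  echo "NOT IMMUTABLE: $f (chattr +i missing or unsupported fs)"
                problems=$((problems + 1)) ;;
        esac
    fi
    [ "$problems" -eq 0 ]
}

# Check both config file names inside a data directory.
# Arguments: data directory, service account name (default: mysql).
check_datadir_conf() {
    dir=$1
    account=${2:-mysql}
    rc=0
    for cfg in "$dir/my.cnf" "$dir/.my.cnf"; do
        check_conf_file "$cfg" "$account" || rc=1
    done
    [ "$rc" -eq 0 ] && echo "OK: config files in $dir are locked down"
    return "$rc"
}
```

Run it as root after the quoted loop, and again from cron or a config-management check so that a file that silently reappears writable is noticed. A non-zero exit with findings on stdout means one of the files could be created or changed by mysqld. As Joseph notes above, the immutable attribute has to be removed by hand (`chattr -i`) before a package update that needs to touch those files, and this check will then report NOT IMMUTABLE until it is set again.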

