MySQL Vulnerability

Tue, 06/12/2012 - 02:23
PaliGap

Hi

I see there are warnings going out about a basic flaw in the password software used by MySQL. One report claims about 50% of MySQL servers are vulnerable. It seems to be possible for "a brute-force attack to bag the password and gain full root access in a few seconds" - http://www.theregister.co.uk/2012/06/11/mysql_mariadb_password_flaw/

I am running a clean, standard Virtualmin Pro install on CentOS 6. Should I be worried? Is there anything I should check or do?

Tue, 06/12/2012 - 02:36
AllanIT

I run fail2ban on my server; it stops brute-force attacks dead. Before installing it I was receiving thousands of hits a day from brute-force attacks. Now on a very bad day I get 30 or so. You may want to try it.

AllanIT

Tue, 06/12/2012 - 03:31
PaliGap

Sounds good AllanIT, but I think it would be unwise to rely on that alone in a case like this. I use OSSEC HIDS myself and brute-force attacks get stopped (I get a lot from China!). However, whatever such system you use, the attacker still gets a number of chances to have a crack at the password. I think I am right in saying that with this vulnerability the odds are as bad as 1:175. Not odds I like!

What I would like to do is understand what this vulnerability is and protect it 'at source' if possible (assuming a VM setup is vulnerable in the first place).
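A defender-side illustration of the point above about rate limiting, added here and not code from any poster: a small Python counter over constructed MySQL error-log lines that flags a source host after only a handful of failed logins in a short window. The log format, the addresses and the threshold are assumptions for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample lines in the style MySQL 5.x writes failed logins to its
# error log when log_warnings is high enough; hosts and times are made up.
SAMPLE_LOG = """\
120612  2:36:00 [Warning] Access denied for user 'root'@'203.0.113.5' (using password: YES)
120612  2:36:01 [Warning] Access denied for user 'root'@'203.0.113.5' (using password: YES)
120612  2:36:01 [Warning] Access denied for user 'root'@'203.0.113.5' (using password: YES)
120612  2:36:02 [Warning] Access denied for user 'root'@'203.0.113.5' (using password: YES)
120612  2:36:02 [Warning] Access denied for user 'root'@'203.0.113.5' (using password: YES)
120612  2:40:00 [Warning] Access denied for user 'admin'@'198.51.100.7' (using password: YES)
120612  2:55:00 [Warning] Access denied for user 'admin'@'198.51.100.7' (using password: NO)
"""

LINE_RE = re.compile(
    r"^(?P<date>\d{6})\s+(?P<time>\d{1,2}:\d{2}:\d{2}) \[Warning\] "
    r"Access denied for user '(?P<user>[^']*)'@'(?P<host>[^']*)'"
)


def parse_failures(text):
    """Yield (timestamp, user, host) for every failed-login line in the log."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{m['date']} {m['time']}", "%y%m%d %H:%M:%S")
        yield ts, m["user"], m["host"]


def offending_hosts(text, max_failures=5, window_seconds=60):
    """Return {host: time the threshold was first crossed}.

    The threshold is deliberately small: if a fixed password can be accepted
    once in every few hundred attempts, a ban threshold in the hundreds
    fires too late to matter.
    """
    recent = defaultdict(deque)  # host -> timestamps inside the window
    hits = {}
    for ts, _user, host in parse_failures(text):
        q = recent[host]
        q.append(ts)
        while q and (ts - q[0]).total_seconds() > window_seconds:
            q.popleft()
        if len(q) >= max_failures and host not in hits:
            hits[host] = ts
    return hits
```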

Tue, 06/12/2012 - 03:56
ronald

Red Hat has confirmed its Enterprise Linux 4, 5, and 6 are secure.

That means CentOS 6 also.

Tue, 06/12/2012 - 08:54
Brook

You could also try ConfigServer Security, which is also available as a Webmin module.

Tue, 06/12/2012 - 08:58
andreychek

Also, note that the vulnerable distributions have been pushing out an update to fix the MySQL flaw -- so making sure that your packages are up to date should prevent any problems regarding that issue.

-Eric
