Uploaded image for project: 'Percona Server for MySQL'
  1. Percona Server for MySQL
  2. PS-658

LP #1171941: CVE-2012-5615 security bug

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Done
    • Priority: High
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None

      Description

      **Reported in Launchpad by Martin Arrieta last update 03-08-2014 13:02:31

      During the initial handshake, the server replies immediately to the incorrect user name with "Access denied". But if the user name is correct, but the authentication mechanism is not - like a short scramble, when a long one is needed, or a plugin should be used - the server might reply "try different auth plugin (or scamble length)".
      This allows to detect what user accounts exists in the server.

      Tested on 5.5.30-30.2 Percona Server (GPL), Release rel30.2, Revision 508

      [root@textbox ~]# perl mysql_userenum.pl localhost wordlist
      [*] HIT! – USER EXISTS: pepe@localhost

      More information:

      http://seclists.org/fulldisclosure/2012/Dec/9
      https://mariadb.atlassian.net/browse/MDEV-3909 <---- Fixed

        Attachments

          Activity

            People

            Assignee:
            Unassigned
            Reporter:
            lpjirasync lpjirasync (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Smart Checklist