Hi, Reindl!

On Jun 01, Reindl Harald wrote:
> [harry@rh:~]$ telnet localhost 3306
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> ] 5.5.5-10.0.19-MariaDB
>
> the 5.5.5 string leads to false positives for security scans, and while I
> reported that to OpenVAS, the correct solution would be updating the 5.5.5
> string to the latest 5.5x release instead of "fixing" each scanner out there

Unfortunately, we cannot simply change the version to 5.5.43 (for example), because the current implementation of this hack relies on the fact that 5.5.5 did not support pluggable authentication. So we'd need another way to detect the fake version.

The best solution would be for MySQL to fix its replication code not to make any decisions based on the first digit of the server version. But even 5.7 can only replicate from version 3..., 4..., or 5.... Everything else is "unknown version".

Regards,
Sergei
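
A scanner-side check built on the point in the reply above, added here as an example and not code from MariaDB, OpenVAS or either poster: it reads the version string and capability flags from the server's initial handshake and drops the "5.5.5-" prefix only when the server also advertises pluggable authentication. The function names, the constructed sample payloads and the use of the protocol's CLIENT_PLUGIN_AUTH capability bit (0x00080000) as the signal are assumptions of this example.

```python
import struct

CLIENT_PLUGIN_AUTH = 0x00080000  # capability bit: server supports pluggable auth
FAKE_PREFIX = "5.5.5-"           # prefix seen in the banner quoted above


def parse_handshake(payload: bytes):
    """Parse a protocol-10 initial handshake payload (4-byte packet header
    already removed). Returns (server_version, capability_flags)."""
    if not payload or payload[0] != 10:
        raise ValueError("not a protocol version 10 handshake")
    end = payload.index(b"\x00", 1)           # version is NUL-terminated
    version = payload[1:end].decode("ascii", "replace")
    pos = end + 1 + 4 + 8 + 1                 # connection id, auth data, filler
    if len(payload) < pos + 2:
        raise ValueError("truncated handshake")
    (caps,) = struct.unpack_from("<H", payload, pos)
    pos += 2
    if len(payload) >= pos + 5:               # charset(1) status(2) upper caps(2)
        (upper,) = struct.unpack_from("<H", payload, pos + 3)
        caps |= upper << 16
    return version, caps


def effective_version(version: str, caps: int) -> str:
    """Return the version a scanner should match against advisories."""
    # A genuine 5.5.5 server has no pluggable authentication, so the prefix
    # combined with CLIENT_PLUGIN_AUTH marks the compatibility banner.
    if version.startswith(FAKE_PREFIX) and caps & CLIENT_PLUGIN_AUTH:
        return version[len(FAKE_PREFIX):]
    return version


def build_sample(version: str, caps: int) -> bytes:
    """Constructed handshake payload for offline testing (not a capture)."""
    return (b"\x0a" + version.encode() + b"\x00"
            + struct.pack("<I", 1)             # connection id
            + b"A" * 8 + b"\x00"               # auth data part 1, filler
            + struct.pack("<H", caps & 0xFFFF)
            + b"\x21" + struct.pack("<H", 2)   # charset, status flags
            + struct.pack("<H", caps >> 16)
            + b"\x15" + b"\x00" * 10           # auth data length, reserved
            + b"B" * 12 + b"\x00" + b"mysql_native_password\x00")
```

A banner that starts with "5.5.5-" but lacks the capability bit is left untouched, so a real 5.5.5 server is still reported as 5.5.5.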