[Maria-discuss] security scans: 5.5.5-10.0.19 should be 5.5.43-10.0.19
[harry@rh:~]$ telnet localhost 3306 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. ] 5.5.5-10.0.19-MariaDB the 5.5.5 srting leads in false positives for security scans and while i reported that to OpenVAS the correct soultion would be updating the 5.5.5 string to the latest 5.5x release instead "Fix" each scanner out there Medium (CVSS: 4.0) NVT: MariaDB 'COM_CHANGE_USER' Command Insecure Salt Generation Security Bypass Vuln... (OID: 1.3.6.1.4.1.25623.1.0.804037) Solution Upgrade to MariaDB version 5.2.14, 5.3.12, 5.5.29 or later, For updates refer to https://mariadb.org Medium (CVSS: 5.0) NVT: MariaDB Denial Of Service Vulnerability (Windows) (OID: 1.3.6.1.4.1.25623.1.0.804035) Solution Upgrade to MariaDB 5.1.68, 5.2.15, 5.3.13, 5.5.30 or later, For updates refer to https://mariadb.org Product detection result: cpe:/a:mariadb:mariadb:5.5.5- by MySQL/MariaDB Detection (OID: 1.3.6.1.4.1.25623.1.0.100152)
Hi, Reindl! On Jun 01, Reindl Harald wrote:
[harry@rh:~]$ telnet localhost 3306 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. ] 5.5.5-10.0.19-MariaDB
the 5.5.5 srting leads in false positives for security scans and while i reported that to OpenVAS the correct soultion would be updating the 5.5.5 string to the latest 5.5x release instead "Fix" each scanner out there
Unfortunately, we cannot simply change the version to 5.5.43 (for example), because the current implementation of this hack relies on the fact that 5.5.5 did not support pluggable authentication. So we'd need another way to detect the fake version. The best solution would be for MySQL to fix its replication code not to make any decisions based on the first digit of the server version. But even 5.7 can only replicate from version 3..., 4..., or 5.... Everything else is "unknown version". Regards, Sergei
participants (2)
-
Reindl Harald -
Sergei Golubchik