Vigil@nce - Debian: user access to mysql-server
June 2013 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local attacker can read the file /etc/mysql/debian.cnf while the
installation script of the Debian mysql-server package is running,
in order to gain privileged access to the database server.
Impacted products: Debian
Severity: 2/4
Creation date: 10/06/2013
DESCRIPTION OF THE VULNERABILITY
The package mysql-server-5.5 contains the relational database
management system MySQL.
During the installation of the mysql-server-5.5 package, an
account named debian-sys-maint is created. The file
/etc/mysql/debian.cnf contains the username and the password for
this account. However, this file is temporarily world-readable.
A local attacker can therefore read the file /etc/mysql/debian.cnf
while the installation script of the Debian mysql-server package is
running, in order to gain privileged access to the database
server.
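The following sketch is an added example, not code from the Debian package or from the bulletin. It contrasts a create-then-chmod pattern, which leaves a window like the one described above, with a form that creates the credentials file with mode 0600 from the start, and adds a permission audit. The function names, scratch paths and password value are constructed, and the racy pattern is an assumed illustration of how such a window arises.

```shell
#!/bin/sh
# Added illustration: file names, function names and the password are constructed.
CNF_BODY='[client]
user = debian-sys-maint
password = CONSTRUCTED-PLACEHOLDER'

# Symbolic mode of a file, e.g. "-rw-r--r--".
perm_string() { ls -ld "$1" | cut -c1-10; }

# Racy pattern: create under a permissive umask, tighten afterwards.
# Prints the mode other local users see between the write and the chmod.
write_racy() {
    ( umask 022
      printf '%s\n' "$CNF_BODY" > "$1"
      perm_string "$1"
      chmod 600 "$1" )
}

# Hardened pattern: mktemp creates the file 0600 before any secret is written,
# and the rename replaces an older, possibly readable copy atomically.
write_safe() {
    tmp=$(mktemp "$1.XXXXXX") || return 1
    printf '%s\n' "$CNF_BODY" > "$tmp" && mv -f "$tmp" "$1"
}

# Audit: succeed only when group and other have no permission bits at all.
audit_cred_file() {
    case "$(perm_string "$1")" in
        -???------) return 0 ;;
        *) return 1 ;;
    esac
}

# Demo in a scratch directory.
demo_dir=$(mktemp -d)
echo "racy, during the window: $(write_racy "$demo_dir/racy.cnf")"
write_safe "$demo_dir/safe.cnf"
echo "safe, at every point:    $(perm_string "$demo_dir/safe.cnf")"
rm -rf "$demo_dir"
```

Running audit_cred_file against /etc/mysql/debian.cnf after installation confirms the final mode only; it cannot show whether the file was readable during the installation window.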
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Debian-user-access-to-mysql-server-12930