 | |
|
iTWire Technology Feature - Virtualisation
Technology news and Jobs 
The Linux distillery The dark side of open source: Hacking MySQL
The Linux distillery The dark side of open source: Hacking MySQL | The dark side of open source: Hacking MySQL |
|
|
| by David M Williams | |
| Sunday, 10 February 2008 | |
|
Page 1 of 3
On the one hand it’s easier said than done to “check out the source code”; the number of non-programmers in the world would certainly exceed the number of programmers. Even then, the programmers no doubt have other things to do than pore over every line of every item they wish to run. Nevertheless, because the source code is available you can generally be assured someone somewhere probably has reviewed it and any clearly fake programs would be weeded out by the community. Yet, just as it is possible to read the source code to verify the program has genuine intentions, there are also those people who read it to find vulnerabilities which they hope to exploit. This isn’t an argument against open source software by any means; a proprietary system may not have exploits which are found as quickly but there’s a far greater likelihood that the developers of a closed system will not discover these vulnerabilities until after they’ve already been used by the “bad guys.” By contrast, security defects in open source software will generally be published quickly giving the development team a chance to write and release a fix quickly. The problem is, however, no matter how many fixes come out or how quickly, unless the existing production systems are patched or upgraded the vulnerabilities will still be out in the wild and open for plucking. This is true no matter if the software is open source or not. Let’s illustrate with MySQL, the world’s most popular open source database system. This system has a nice feature whereby it prints its version number in clear text to any person or application that connects to it via TCP. You don’t even need to be running a “real” program; the excellent port scanner netcat can be used like so: nc –w 1 host 3306 The resulting output may be a string like any of these 5.0.15 4.0.20a-nt 3.23.29a-gamma or something along the same lines. Successfully getting the version number will do wonders; you need now just look it up in the US government sponsored National Vulnerability Database – this site so helpfully provides a vulnerability database. Searching for nothing more than MySQL 5.0.15 brings a page of results including one flagged as high risk, vulnerability summary CVE-2006-2753. What does it say? And what can you do? Please read on! CONTINUED
|
| < Next story in category | Previous story in the category > |
|---|
