The Linux distillery
Bringing the world of Linux to you, David cuts through the tech and shows you how it works and how to use it, in terms that apply to any distro.
The dark side of open source: Hacking MySQL
by David M Williams   
Sunday, 10 February 2008
Open source software advocates – like myself – will point out that a user can have confidence in the application’s integrity because the program code is readily viewable. However, not everyone who reads source code has pure intentions. Here’s how MySQL has been cracked in the past, and how you can keep safe.

Among other benefits, open source software can claim to be Trojan-free. If ever you fear a program doesn’t really do what it claims, or is possibly doing something else, just check out the source code and even build it from source. You don’t need to trust any pre-compiled binaries or packages either.

On the one hand it’s easier said than done to “check out the source code”; the number of non-programmers in the world would certainly exceed the number of programmers. Even then, the programmers no doubt have other things to do than pore over every line of every item they wish to run. Nevertheless, because the source code is available you can generally be assured someone somewhere probably has reviewed it and any clearly fake programs would be weeded out by the community.

Yet, just as it is possible to read the source code to verify the program has genuine intentions, there are also those people who read it to find vulnerabilities which they hope to exploit.

This isn’t an argument against open source software by any means; a proprietary system may not have exploits which are found as quickly but there’s a far greater likelihood that the developers of a closed system will not discover these vulnerabilities until after they’ve already been used by the “bad guys.”

By contrast, security defects in open source software will generally be published quickly, giving the development team a chance to write and release a fix promptly.

The problem is, however, no matter how many fixes come out or how quickly, unless the existing production systems are patched or upgraded the vulnerabilities will still be out in the wild and open for plucking. This is true no matter if the software is open source or not.

Let’s illustrate with MySQL, the world’s most popular open source database system. This system has a nice feature whereby it prints its version number in clear text to any person or application that connects to it via TCP. You don’t even need to be running a “real” program; the excellent port scanner netcat can be used like so:

nc -w 1 host 3306

The resulting output may be a string like any of these:

5.0.15
4.0.20a-nt
3.23.29a-gamma


or something along the same lines. Successfully getting the version number will do wonders; you now need only look it up in the US government sponsored National Vulnerability Database, which so helpfully catalogues known vulnerabilities. Searching for nothing more than MySQL 5.0.15 brings a page of results including one flagged as high risk, vulnerability summary CVE-2006-2753.

What does it say? And what can you do? Please read on!
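
To see what your own servers advertise, here is an added example (not part of the original article) that parses the greeting packet netcat displays above and compares the banner to a patch baseline. The function names, the sample packets and the baseline value are assumptions constructed for illustration.

```python
import re
import socket

def frame(payload: bytes, seq: int = 0) -> bytes:
    """Wrap a payload in the 4-byte MySQL packet header (3-byte LE length + sequence id)."""
    return len(payload).to_bytes(3, "little") + bytes([seq]) + payload

# Constructed sample packets (not captured from any real server).
SAMPLE_HANDSHAKE = frame(b"\x0a" + b"5.0.15\x00" + b"\x01\x00\x00\x00" + b"saltsalt\x00")
SAMPLE_REFUSAL = frame(b"\xff" + (1130).to_bytes(2, "little")
                       + b"Host 'audit-box' is not allowed to connect to this MySQL server")

def read_greeting(host: str, port: int = 3306, timeout: float = 1.0) -> bytes:
    """Fetch the unsolicited first packet from a server you administer."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        return s.recv(4096)  # the greeting is short; one read is normally enough

def parse_greeting(packet: bytes):
    """Return ("version", banner) for a handshake or ("error", text) for an ERR packet."""
    if len(packet) < 5:
        raise ValueError("truncated packet")
    length = int.from_bytes(packet[:3], "little")
    payload = packet[4:4 + length]
    if length < 3 or len(payload) < length:
        raise ValueError("truncated payload")
    if payload[0] == 0xFF:  # server refused this client host before authentication
        code = int.from_bytes(payload[1:3], "little")
        return "error", f"{code}: {payload[3:].decode('latin-1')}"
    end = payload.find(b"\x00", 1)  # byte 0 is the protocol version; banner follows
    if end == -1:
        raise ValueError("unterminated version string")
    return "version", payload[1:end].decode("ascii", "replace")

def version_tuple(banner: str):
    """Numeric part of a banner: '4.0.20a-nt' -> (4, 0, 20)."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", banner)
    if m is None:
        raise ValueError(f"unrecognised banner: {banner!r}")
    return tuple(int(x) for x in m.groups())

def needs_patch(packet: bytes, baseline) -> bool:
    """True when the advertised version is below the baseline you consider patched."""
    kind, text = parse_greeting(packet)
    return kind == "version" and version_tuple(text) < baseline

if __name__ == "__main__":
    BASELINE = (5, 0, 99)  # placeholder; take the real value from the vendor advisory
    print(parse_greeting(SAMPLE_HANDSHAKE), needs_patch(SAMPLE_HANDSHAKE, BASELINE))
    print(parse_greeting(SAMPLE_REFUSAL))
```

A refusal like the second sample is what a server sends when the connecting host is not permitted, so restricting which hosts may connect also withholds the version banner from everyone else.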
