
SANS Internet Storm Center: SANS ISC InfoSec Forums

Zero Day MySQL Buffer Overflow

A new stack-based buffer overflow vulnerability in MySQL was released on Full Disclosure yesterday. Depending on the user's privileges, the flaw can cause MySQL to enumerate users, crash, or possibly execute arbitrary code with the privileges of the user running MySQL.

The following CVEs have been assigned to track this MySQL vulnerability:

CVE-2012-5611 MySQL (Linux) Stack based buffer overrun PoC Zeroday
CVE-2012-5612 MySQL (Linux) Heap Based Overrun PoC Zeroday
CVE-2012-5613 MySQL (Linux) Database Privilege Elevation Zeroday Exploit
CVE-2012-5614 MySQL Denial of Service Zeroday PoC
CVE-2012-5615 MySQL Remote Preauth User Enumeration Zeroday


Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu


522 Posts
ISC Handler
Dec 2nd 2012
I tried the Linux vulnerabilities against my own server this morning (CET time zone).
All of them (including the Windows vulns) require that the sysadmin did not do a proper job of setting up the MySQL server and/or the firewall protecting it.
The vulns are there and must be fixed, but the chances that someone could use them against a well protected and properly configured MySQL server are extremely low.

5 Posts
Dec 6, 2012 - "... MySQL Database is famous for its high performance, high reliability and ease of use. It runs on both Windows and many non-Windows platforms like UNIX, Mac OS, Solaris, IBM AIX, etc. It has been the fastest growing application and the choice of big companies such as Facebook, Google, and Adobe among others. Given its popularity, cybercriminals and other attackers are definitely eyeing this platform..."

160 Posts
