Bugtraq mailing list archives
Trivial mSQL/MySQL DoS method?
From: markjr () SHMOOZE NET (Stunt Pope)
Date: Thu, 26 Mar 1998 13:36:19 -0500
I noticed this awhile ago and meant to mention it, but then I forgot. (Until last night when someone portscanned one of my servers and this behaviour exhibited itself again.) I have tested this on mSQL 1.0.16 and MySQL 3.20.20 on Slackware 2.0.27 and the MySQL additionally on FreeBSD 2.2.2-current. (This has not been tested on mSQL2.x) It seems that if one wants to bring a website that relies heavily on mSQL or MySQL to it's knees, simply telnet to the port the server listens on (1112 for mSQL or 3333 for MySQL) and then just sit there, forget about it. Nothing on the server will be able to query any of the databases. The admin shutdown or reload commands will hang, etc. As long as someone keeps the null connection open to the SQL server's port, the only way to resume database operations is to kill the parent process and restart the daemon. This seems to work regardless of what's in the acl files or tables. A site using mod_auth_msql or mod_auth_mysql would be especially inconvenienced. -mark --- Mark Jeftovic aka: mark jeff or vic, stunt pope. markjr () shmOOze net http://www.shmOOze.net/~markjr Private World's BOFH http://www.PrivateWorld.com irc: L-bOMb Keep `em Guessing
Current thread:
- mysql: MySQL Security, (continued)
- mysql: MySQL Security Michael Widenius (Mar 29)
- wtmpx utility for solaris Ryan (Mar 30)
- Re: wtmpx utility for solaris Mikael Brandstrom (Mar 31)
- HPSBUX9803-077 Security Vulnerability with inetd on HP-UX Aleph One (Mar 30)
- pset Buffer Overrun Vulnerability SGI Security Coordinator (Mar 26)
- Netscape Navigator Security Vulnerabilities SGI Security Coordinator (Mar 26)
- Re: Trivial mSQL/MySQL DoS method? Nigel Reed (Mar 26)