[MXS-1628] Security scanner says MaxScale is vulnerable to ancient MySQL vulnerability Created: 2018-01-25 Updated: 2020-08-25 Resolved: 2018-05-14 |
| Status: | Closed |
| Project: | MariaDB MaxScale |
| Component/s: | Core |
| Affects Version/s: | 2.0.5 |
| Fix Version/s: | 2.1.17, 2.2.2 |
| Type: | Bug | Priority: | Major |
| Reporter: | Geoff Montee (Inactive) | Assignee: | markus makela |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | security |
| Issue Links: |
| Sprint: | MXS-SPRINT-51 |
| Description |
|
A security scanner said that MaxScale is vulnerable to the following bug: http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1516. Is MaxScale actually vulnerable to this bug, or is the scanner being fooled by MaxScale's version-faking feature? |
| Comments |
| Comment by Johan Wikman [ 2018-01-26 ] |
|
It's likely that it is fooled by MaxScale's version-faking feature. Namely, MaxScale does not contain the code that bug is referring to (which, in principle, of course does not exclude the possibility that the MaxScale code would have the same bug). |
| Comment by Geoff Montee (Inactive) [ 2018-01-26 ] |
|
Thanks! |
| Comment by markus makela [ 2018-02-01 ] |
|
Most likely fixed by |
| Comment by markus makela [ 2018-02-05 ] |
|
Updated the default version string to 10.2.12. |
| Comment by markus makela [ 2018-02-05 ] |
|
Fixed in ef5c8d3114549b1f290e186ad80d9d3b340cda90. |
| Comment by Geoff Montee (Inactive) [ 2018-05-09 ] |
|
This does not appear to be related to the version string. The scanner seems to expect a "Bad handshake" error message in a scenario where MaxScale returns an "Access denied" error message instead. |
| Comment by markus makela [ 2018-05-10 ] |
|
The correct error packet should now be sent when a bad handshake is received. This is fixed by commit 07bc432198fdabb2a437907ea673e274b359c683. |
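
The thread turns on which error reply the proxy sends, "Bad handshake" or "Access denied". The following is an added example, not code from the ticket or from MaxScale: it decodes a MySQL-protocol ERR packet taken from a capture so the reply a given build sends can be checked when triaging such a scanner finding. It assumes the standard ERR packet layout and the server error numbers 1043 (ER_HANDSHAKE_ERROR) and 1045 (ER_ACCESS_DENIED_ERROR); the function names and the two sample packets are constructed for illustration.

```python
import struct

ER_HANDSHAKE_ERROR = 1043      # message "Bad handshake", SQLSTATE 08S01
ER_ACCESS_DENIED_ERROR = 1045  # message "Access denied for user ...", SQLSTATE 28000


def parse_err_packet(raw: bytes) -> dict:
    """Decode one ERR packet, including its 4-byte wire header."""
    if len(raw) < 4:
        raise ValueError("truncated packet header")
    length = int.from_bytes(raw[0:3], "little")  # 3-byte little-endian payload length
    seq = raw[3]                                 # sequence number
    payload = raw[4:4 + length]
    if len(payload) != length:
        raise ValueError("truncated payload")
    if length < 3 or payload[0] != 0xFF:         # 0xFF marks an ERR packet
        raise ValueError("not an ERR packet")
    code = int.from_bytes(payload[1:3], "little")
    rest, sqlstate = payload[3:], None
    # Protocol 4.1 replies carry '#' plus a 5-byte SQLSTATE before the message.
    if rest[:1] == b"#" and len(rest) >= 6:
        sqlstate = rest[1:6].decode("ascii", "replace")
        rest = rest[6:]
    return {"seq": seq, "code": code, "sqlstate": sqlstate,
            "message": rest.decode("utf-8", "replace")}


def classify(raw: bytes) -> str:
    """Name the reply by error number, not by message text."""
    code = parse_err_packet(raw)["code"]
    return {ER_HANDSHAKE_ERROR: "bad-handshake",
            ER_ACCESS_DENIED_ERROR: "access-denied"}.get(code, "other")


def build_err_packet(seq: int, code: int, sqlstate: str, message: str) -> bytes:
    """Helper used only to construct the sample packets below."""
    payload = b"\xff" + struct.pack("<H", code) + b"#" + sqlstate.encode() + message.encode()
    return len(payload).to_bytes(3, "little") + bytes([seq]) + payload


# Constructed samples (not captured from a real MaxScale instance).
BAD_HANDSHAKE = build_err_packet(2, 1043, "08S01", "Bad handshake")
ACCESS_DENIED = build_err_packet(
    2, 1045, "28000", "Access denied for user 'scanner'@'192.0.2.10' (using password: NO)")

if __name__ == "__main__":
    for name, pkt in (("sample A", BAD_HANDSHAKE), ("sample B", ACCESS_DENIED)):
        print(name, classify(pkt), parse_err_packet(pkt))
```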