Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Wed, 3 May 2017 19:10:52 +0200
From: Pali Rohár <pali.rohar@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: MySQL - Again Riddle vulnerability (public disclosure)

On Wednesday 03 May 2017 18:23:09 Pali Rohár wrote:
> Hi!
> 
> The Riddle vulnerability (CVE-2017-3305) we have it there again.
> 
> So what happened?
> 
> In 2015 was discovered BACKRONYM vulnerability (CVE-2015-3152) which
> allowed an attacker to downgrade and snoop on the SSL encrypted
> connection between MySQL client and server. Oracle claimed it was
> fixed in MySQL 5.5.49. Later in February 2017 I discovered The
> Riddle vulnerability (CVE-2017-3305) which allowed an attacker to do
> man in the middle attack. Oracle claimed it was fixed in MySQL
> 5.5.55.
> 
> And now in April 2017 I found out that it is still not fixed in MySQL
> 5.5.55 properly and I named this defect Again Riddle. Basically fix
> for The Riddle in 5.5.55 introduced Again Riddle.
> 
> And what is the problem?
> 
> If MySQL client library libmysqlclient.so is compiled from source
> code without SSL support via cmake switch -DWITH_SSL=OFF, then all
> SSL related functions from libmysqlclient.so return success
> (non-error) value. And function mysql_real_connect() from
> libmysqlclient.so connects to MySQL server via plain text protocol,
> even if client enforced SSL mode with certificate verification.
> Which means that function for enforcing SSL mode does nothing if
> libmysqlclient.so is compiled without SSL support. So attacker can
> do exactly same what for The Riddle vulnerability.
> 
> So every application which links to libmysqlclient.so and require SSL
> encryption of MySQL protocol is affected.
> 
> I contacted Oracle, MariaDB and Percona security teams about this
> problem and after discussion we scheduled public disclosure to May 3.
> 
> Oracle decided that this Again Riddle vulnerability would not have
> CVE identifier and would be part of original The Riddle
> vulnerability CVE-2017-3305.
> 
> I'm not sure if this is correct decision, as MariaDB 5.5 was not
> affected by The Riddle vulnerability, but is affected by Again
> Riddle.
> 
> I was told that prebuild binaries are not affected as they are
> compiled with SSL support, but lot of distributions compile
> libraries from source code by their own which means they could be
> affected.
> 
> I prepared POC program written in C to verify if system installed
> libmysqlclient.so library is vulnerable or not. You can find it on
> the new Again Riddle website together with some Q&A:
> 
> http://again.riddle.link/

Yesterday Oracle released new MySQL 5.5.56 which disable compilation 
without SSL support, just to address this issue.

So it is not possible to compile MySQL without SSL support anymore.

-- 
Pali Rohár
pali.rohar@...il.com

Download attachment "signature.asc " of type "application/pgp-signature" (199 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.