FreeBSD : MySQL -- SQL-injection security vulnerability (7f8cecea-f199-11da-8422-00123ffe8333)

high Nessus Plugin ID 21634

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

MySQL reports:

A SQL-injection security hole has been found in multibyte encoding processing. A SQL-injection security hole can include a situation whereby when inserting user-supplied data into a database, the user might inject his own SQL statements that the server will execute. With regard to this vulnerability discovered, when character set unaware escaping is used (e.g., addslashes() in PHP), it is possible to bypass it in some multibyte character sets (e.g., SJIS, BIG5 and GBK). As a result, a function like addslashes() is not able to prevent SQL injection attacks. It is impossible to fix this on the server side. The best solution is for applications to use character set aware escaping offered in a function like mysql_real_escape().

Workarounds:

One can use NO_BACKSLASH_ESCAPES mode as a workaround for a bug in mysql_real_escape_string(), if you cannot upgrade your server for some reason. It will enable SQL standard compatibility mode, where backslash is not considered a special character.
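
Why byte-level escaping fails in the character sets MySQL names, as an added Python illustration that is not part of the advisory or of MySQL's code. The helper names are hypothetical, the escaping model is simplified to ', " and \, and Python's own codecs stand in for the server's SJIS, BIG5 and GBK handling.

```python
# Added illustration, not from the advisory. Simplified escaping model:
# only ', " and \ are handled, and all inputs are constructed samples.
SPECIAL = b"'\"\\"

def byte_escape(raw: bytes) -> bytes:
    """Charset-unaware escaping (addslashes() style): inspects single bytes."""
    out = bytearray()
    for b in raw:
        if b in SPECIAL:
            out.append(0x5C)          # prepend a backslash byte
        out.append(b)
    return bytes(out)

def charset_aware_escape(raw: bytes, charset: str) -> bytes:
    """Decode strictly first, then escape whole characters.
    Malformed multibyte input raises UnicodeDecodeError and is rejected."""
    text = raw.decode(charset)
    return "".join("\\" + ch if ch in "'\"\\" else ch for ch in text).encode(charset)

def unescaped_quotes(escaped: bytes, charset: str) -> int:
    """Count quotes that a parser working in `charset` would see as unescaped."""
    text = escaped.decode(charset, errors="replace")
    count = i = 0
    while i < len(text):
        if text[i] == "\\":
            i += 2                    # backslash consumes the next character
            continue
        count += text[i] in "'\""
        i += 1
    return count

def leads_absorbing_backslash(charset: str) -> list:
    """Lead bytes that form one valid character together with a trailing 0x5C."""
    hits = []
    for lead in range(0x80, 0x100):
        try:
            if len(bytes([lead, 0x5C]).decode(charset)) == 1:
                hits.append(lead)
        except UnicodeDecodeError:
            pass
    return hits

if __name__ == "__main__":
    for cs in ("utf-8", "sjis", "big5", "gbk"):
        leads = leads_absorbing_backslash(cs)
        print(f"{cs}: {len(leads)} lead bytes can absorb an inserted backslash")
```

A non-empty result for the connection character set means the backslash inserted by a byte-level escaper can be read as the second byte of a character, so escaping has to be done by a routine that knows that character set.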

Solution

Update the affected packages.

See Also

https://lists.mysql.com/announce/364

https://lists.mysql.com/announce/365

http://www.nessus.org/u?8b27405a

Plugin Details

Severity: High

ID: 21634

File Name: freebsd_pkg_7f8ceceaf19911da842200123ffe8333.nasl

Version: 1.16

Type: local

Published: 6/5/2006

Updated: 1/6/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:mysql-server, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 6/1/2006

Vulnerability Publication Date: 5/31/2006