FreeBSD : MySQL -- SQL-injection security vulnerability (7f8cecea-f199-11da-8422-00123ffe8333)

This script is Copyright (C) 2006-2014 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

MySQL reports :

A SQL-injection security hole has been found in multibyte encoding
processing. A SQL-injection security hole can include a situation
whereby when inserting user-supplied data into a database, the user
might inject his own SQL statements that the server will execute. With
regards to this vulnerability discovered, when character set unaware
escaping is used (e.g., addslashes() in PHP), it is possible to bypass
it in some multibyte character sets (e.g., SJIS, BIG5 and GBK). As a
result, a function like addslashes() is not able to prevent SQL
injection attacks. It is impossible to fix this on the server side.
The best solution is for applications to use character set aware
escaping offered in a function like mysql_real_escape().

Workarounds :

One can use NO_BACKSLASH_ESCAPES mode as a workaround for a bug in
mysql_real_escape_string(), if you cannot upgrade your server for some
reason. It will enable SQL standard compatibility mode, where
backslash is not considered a special character.
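
The difference between character-set-unaware and character-set-aware escaping described in the advisory, as an added Python illustration (not part of the MySQL announcement or the Nessus plugin). The function names and the constructed GBK sample bytes are assumptions; the byte-wise routine models addslashes()-style escaping rather than reproducing PHP's code.

```python
# Added illustration: charset-unaware vs. charset-aware escaping under GBK.
SPECIAL = "\\'\""

def escape_bytewise(raw: bytes) -> bytes:
    """addslashes()-style model: backslash-prefix each quote/backslash byte,
    ignoring multibyte character boundaries."""
    out = bytearray()
    for b in raw:
        if b in (0x5C, 0x27, 0x22):
            out.append(0x5C)
        out.append(b)
    return bytes(out)

def escape_charset_aware(raw: bytes, charset: str) -> bytes:
    """Decode in the connection charset (rejecting malformed input),
    escape whole characters, then re-encode."""
    text = raw.decode(charset, errors="strict")
    return "".join("\\" + c if c in SPECIAL else c for c in text).encode(charset)

def has_unescaped_quote(escaped: bytes, charset: str) -> bool:
    """Read the bytes as a server using `charset` would and report whether
    a quote survives without a preceding backslash."""
    text = escaped.decode(charset, errors="replace")
    i = 0
    while i < len(text):
        if text[i] == "\\":
            i += 2  # the backslash escapes the following character
        elif text[i] in "'\"":
            return True
        else:
            i += 1
    return False

# Constructed sample: a GBK lead byte followed by a single quote.
SAMPLE = b"\xbf'"

if __name__ == "__main__":
    escaped = escape_bytewise(SAMPLE)
    for cs in ("latin-1", "gbk"):
        print(cs, has_unescaped_quote(escaped, cs))
    try:
        escape_charset_aware(SAMPLE, "gbk")
    except UnicodeDecodeError as exc:
        print("charset-aware escaper rejected malformed input:", exc.reason)
```

The same escaped bytes are safe when read as a single-byte charset and unsafe when read as GBK, which is why the escaping routine has to know the connection character set.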

See also :

http://lists.mysql.com/announce/364
http://lists.mysql.com/announce/365
http://www.nessus.org/u?ed84b224

Solution :

Update the affected packages.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 21634 (freebsd_pkg_7f8ceceaf19911da842200123ffe8333.nasl)

Bugtraq ID:

CVE ID:
