edit-icon download-icon

[Vulnerability notice] CVE-2017-3305: Man-in-the-middle attack riddle vulnerability in MySQL

Last Updated: Apr 08, 2018

On April 15, 2017, it was revealed that DBMS Oracle MySQL had a riddle vulnerability. Attackers can exploit this vulnerability to start man-in-the-middle attacks to steal user names and passwords.

See the following for more information about the vulnerability.


CVE identifier

CVE-2017-3305

Vulnerability name

MySQL man-in-the-middle attack riddle vulnerability

Vulnerability rating

High

Vulnerability description

The man-in-the-middle riddle vulnerability is a high-severity security vulnerability found in Oracle MySQL 5.5 and 5.6 client databases. The vulnerability allows attackers to use riddle in the middle to break SSL connections between MySQL clients and servers.

Condition and method of exploitation

Tools can be used to start remote man-in-the-middle attacks.

Affected scope

  • Affected versions: MySQL 5.5 and 5.6
  • Unaffected versions: MySQL 5.7 and later versions, MariaDB

Vulnerability detection

Check whether any affected version of MySQL is used.

  1. mysql> select version();
  2. +-----------+
  3. | version() |
  4. +-----------+
  5. [color=#333333]| 5.1.69 | -[/color][color=#ff0000]--Affected[/color]
  6. +-----------+
  7. 1 row in set (0.12 sec)

How to fix or mitigate

  • Upgrade MySQL to MySQL 5.7 or MariaDB.

  • Use the security group public network inbound policy or MySQL authorization feature to restrict Port 3306 from remotely logging on to the source IP address.

Reference

[1]. http://securityaffairs.co/wordpress/58019/hacking/oracle-mysql-riddle-vulnerability.html

Thank you! We've received your feedback.