FrSIRT finds flaws in MySQL

Powered by SC Magazine
 

Researchers at a French security organisation have uncovered a number of security vulnerabilities in the MySQL database application, the open source software used to support many Web 2.0 applications.

FrSIRT, the French Security Incidence Response Team, reported Thursday that it has identified seven vulnerabilities in MySQL.

The flaws could be exploited by malicious users to obtain sensitive information or cause a DoS attack, according to FrSIRT.

The bugs affect MySQL versions prior to 5.1.23, according to FrSIRT's advisory.

Slavik Markovich, chief technology officer at Sentrigo, a database security firm, told SCMagazineUS.com on Thursday that such flaws are common in new database applications.

"Some of the attacks are pretty basic and show the immaturity of MySQL -- some simple bugs still exist in the code," he said. "We will see a lot more of those as the adoption of MySQL increases in the enterprise."

That researchers are finding a growing number of database flaws is no surprise, said independent consultant Rich Mogull.

"We've always had database vulnerabilities, just as with other software, but recently there's been more of a focus on databases,” he said. “That's because databases hold the most sensitive information. So if someone can get into the database, it gives them an opportunity to steal a lot of valuable information."

See original article on scmagazineus.com

Copyright © SC Magazine, US edition


 
 
 
Top Stories
Soft drinks and SoftLayer: A solution for hard times?
Coca-Cola Amatil's CIO Barry Simpson shares his story of cost-cutting, outsourcing and why his software developers to ride around in delivery trucks.
 
Optus considers breaking net neutrality in Australia
May charge Netflix, OTT providers for premium service.
 
AGL restructure sees CIO depart
Owen Coppage to leave after ten years.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Do you support the Government's data retention scheme?

   |   View results
Yes
  11%
 
No
  89%
TOTAL VOTES: 2324

Vote