![Vunerabilities-Banner-Patrick-Domingues - Patrick Domingues](https://i0.wp.com/patrickdomingues.com/wp-content/uploads/2018/10/Vunerabilities-Banner-Patrick-Domingues.png?fit=1200%2C600&ssl=1)
MySQL Design Flaw can be leveraged to steal sensitive information
MySQL has released a security statement providing the following information:
The LOAD DATA
statement can load a file located on the server host, or, if the LOCAL
keyword is specified, on the client host.
There are two potential security issues with the LOCAL
version of LOAD DATA
:
- The transfer of the file from the client host to the server host is initiated by the MySQL server. In theory, a patched server could be built that would tell the client program to transfer a file of the server’s choosing rather than the file named by the client in the
LOAD DATA
statement. Such a server could access any file on the client host to which the client user has read access. (A patched server could in fact reply with a file-transfer request to any statement, not justLOAD DATA LOCAL
, so a more fundamental issue is that clients should not connect to untrusted servers.) - In a Web environment where the clients are connecting from a Web server, a user could use
LOAD DATA LOCAL
to read any files that the Web server process has read access to (assuming that a user could run any statement against the SQL server). In this environment, the client with respect to the MySQL server actually is the Web server, not a remote program being run by users who connect to the Web server.
To avoid LOAD DATA
issues, clients should avoid using LOCAL
. To avoid connecting to untrusted servers, clients can establish a secure connection and verify the server identity by connecting using the --ssl-mode=VERIFY_IDENTITY
option and the appropriate CA certificate.
More Details can be found at MySQL
- Scanning Directories for Files with PowerShell
- How to Install AWS CLI on Ubuntu 24.04
- How To Install Plex Media Server on Ubuntu 24.04
- How to Install Nginx Proxy Manager on Ubuntu 24.04 and Docker
- Tackling Shadow IT: The Unseen Network Security Risk
Discover more from Patrick Domingues
Subscribe to get the latest posts sent to your email.