cnvd - cnvd-2017-33524

CNVD-2017-33524

Vulnerability from cnvd - Published: 2017-11-10

Title

Percona toolkit和xtrabackup信息泄露漏洞

Description

Percona percona-toolkit和xtrabackup都是美国Percona公司的产品。percona-toolkit是一套高级命令行工具。xtrabackup是一套开源的用来备份MySQL的InnoDB数据库的工具。version checking subroutine是其中的一个版本检查子程序。 Percona percona-toolkit 2.2.13之前的版本和xtrabackup 2.2.9之前的版本中的version checking subroutine存在安全漏洞。攻击者可利用该漏洞获取MySQL正在运行的配置。

Severity

中

Patch Name

Percona toolkit和xtrabackup信息泄露漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.percona.com/blog/2015/05/06/percona-security-advisory-cve-2015-1027/

Reference

https://bugs.launchpad.net/percona-toolkit/+bug/1408375

Impacted products

Name
['Percona toolkit <2.2.13', 'Percona xtrabackup <2.2.9']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-1027"
    }
  },
  "description": "Percona percona-toolkit\u548cxtrabackup\u90fd\u662f\u7f8e\u56fdPercona\u516c\u53f8\u7684\u4ea7\u54c1\u3002percona-toolkit\u662f\u4e00\u5957\u9ad8\u7ea7\u547d\u4ee4\u884c\u5de5\u5177\u3002xtrabackup\u662f\u4e00\u5957\u5f00\u6e90\u7684\u7528\u6765\u5907\u4efdMySQL\u7684InnoDB\u6570\u636e\u5e93\u7684\u5de5\u5177\u3002version checking subroutine\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u7248\u672c\u68c0\u67e5\u5b50\u7a0b\u5e8f\u3002\r\n\r\nPercona percona-toolkit 2.2.13\u4e4b\u524d\u7684\u7248\u672c\u548cxtrabackup 2.2.9\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u7684version checking subroutine\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6MySQL\u6b63\u5728\u8fd0\u884c\u7684\u914d\u7f6e\u3002",
  "discovererName": "unknown",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.percona.com/blog/2015/05/06/percona-security-advisory-cve-2015-1027/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-33524",
  "openTime": "2017-11-10",
  "patchDescription": "Percona percona-toolkit\u548cxtrabackup\u90fd\u662f\u7f8e\u56fdPercona\u516c\u53f8\u7684\u4ea7\u54c1\u3002percona-toolkit\u662f\u4e00\u5957\u9ad8\u7ea7\u547d\u4ee4\u884c\u5de5\u5177\u3002xtrabackup\u662f\u4e00\u5957\u5f00\u6e90\u7684\u7528\u6765\u5907\u4efdMySQL\u7684InnoDB\u6570\u636e\u5e93\u7684\u5de5\u5177\u3002version checking subroutine\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u7248\u672c\u68c0\u67e5\u5b50\u7a0b\u5e8f\u3002\r\n\r\nPercona percona-toolkit 2.2.13\u4e4b\u524d\u7684\u7248\u672c\u548cxtrabackup 2.2.9\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u7684version checking subroutine\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6MySQL\u6b63\u5728\u8fd0\u884c\u7684\u914d\u7f6e\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Percona toolkit\u548cxtrabackup\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Percona toolkit \u003c2.2.13",
      "Percona xtrabackup \u003c2.2.9"
    ]
  },
  "referenceLink": "https://bugs.launchpad.net/percona-toolkit/+bug/1408375",
  "serverity": "\u4e2d",
  "submitTime": "2017-10-10",
  "title": "Percona toolkit\u548cxtrabackup\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}

CVE-2015-1027 (GCVE-0-2015-1027)

Vulnerability from cvelistv5 – Published: 2017-09-28 19:00 – Updated: 2024-08-06 04:33

Summary

The version checking subroutine in percona-toolkit before 2.2.13 and xtrabackup before 2.2.9 was vulnerable to silent HTTP downgrade attacks and Man In The Middle attacks in which the server response could be modified to allow the attacker to respond with modified command payload and have the client return additional running configuration information leading to an information disclosure of running configuration of MySQL.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://bugs.launchpad.net/percona-toolkit/+bug/1408375	x_refsource_CONFIRM
	https://www.percona.com/blog/2015/05/06/percona-s…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T04:33:19.329Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/percona-toolkit/+bug/1408375"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.percona.com/blog/2015/05/06/percona-security-advisory-cve-2015-1027/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The version checking subroutine in percona-toolkit before 2.2.13 and xtrabackup before 2.2.9 was vulnerable to silent HTTP downgrade attacks and Man In The Middle attacks in which the server response could be modified to allow the attacker to respond with modified command payload and have the client return additional running configuration information leading to an information disclosure of running configuration of MySQL."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T18:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/percona-toolkit/+bug/1408375"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.percona.com/blog/2015/05/06/percona-security-advisory-cve-2015-1027/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-1027",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The version checking subroutine in percona-toolkit before 2.2.13 and xtrabackup before 2.2.9 was vulnerable to silent HTTP downgrade attacks and Man In The Middle attacks in which the server response could be modified to allow the attacker to respond with modified command payload and have the client return additional running configuration information leading to an information disclosure of running configuration of MySQL."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugs.launchpad.net/percona-toolkit/+bug/1408375",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/percona-toolkit/+bug/1408375"
            },
            {
              "name": "https://www.percona.com/blog/2015/05/06/percona-security-advisory-cve-2015-1027/",
              "refsource": "CONFIRM",
              "url": "https://www.percona.com/blog/2015/05/06/percona-security-advisory-cve-2015-1027/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-1027",
    "datePublished": "2017-09-28T19:00:00",
    "dateReserved": "2015-01-10T00:00:00",
    "dateUpdated": "2024-08-06T04:33:19.329Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2017-33524

CVE-2015-1027 (GCVE-0-2015-1027)

Tags

Sightings

Nomenclature