This issue was disclosed by a researcher from Tencent Security in a research paper released on January 11, 2019. The researcher found an issue in the Python Remote Connector (pymysqlnd) that an attacker can exploit to execute arbitrary code on the server. This issue affects Python 3.6 and all later versions, but exploitation works best with Python 3.7 and later versions. A remote attacker can exploit this issue by convincing a user to open a specially crafted file via email. To exploit this issue, an attacker must either convince the user to open a link in an email or convince the user to open an email attachment. This issue also affects MySQL, MariaDB, and other database servers.

Summary of vulnerabilities

Multiple stack-based buffer overflow vulnerabilities exist in the Python Remote Connector (pymysqlnd) that can be exploited by a remote attacker. Exploitation works best with Python 3.7 and later versions, but the vulnerability can be exploited by a remote attacker with any Python version. To exploit this issue, an attacker must either convince the user to open a specially crafted file via email or convince the user to open an email attachment. This issue also affects MySQL, MariaDB, and other database servers.
The following are some of the ways this vulnerability can be exploited:
* An attacker can send an email containing a link to a malicious file hosted on an external server or social media page that contains JavaScript code with malicious payloads
* An attacker can send an email containing a link to a malicious file hosted on their computer that contains JavaScript code with malicious payloads
* An attacker can provide a file as part of their installation process that has malicious payloads

Vulnerability overview

A vulnerability in pymysqlnd was found by a researcher from Tencent Security and disclosed on January 11, 2019. The researcher found an issue in the Python Remote Connector (pymysqlnd) that an attacker can exploit to execute arbitrary code on the server. This issue affects Python 3.6 and all later versions, but exploitation works best with Python 3.7 and later versions. A remote attacker can exploit this issue by convincing a user to open a specially crafted file via email. To exploit this issue, an attacker must either convince the user to open a link in an email or convince the user to open an email attachment. This issue also affects MySQL, MariaDB, and other database servers.

References:

Tencent Security released a research paper on January 11, 2019.
This issue affects Python 3.6 and all later versions, but exploitation works best with Python 3.7 and later versions.

Python Remote Connector

Python Remote Connector is a Python module used to establish a connection to a MySQL database. The module has been vulnerable to remote code execution since 2011 and is still not fixed. This issue can be exploited by an attacker who convinces the user to open a specially crafted file via email or to open an email attachment.

What is MySQL?

MySQL is a relational database management system (RDBMS) that runs primarily on Unix and Windows servers. It is developed, owned, and supported by Oracle Corporation.

Timeline

Published on: 09/13/2022 19:15:00 UTC
Last modified on: 09/16/2022 17:05:00 UTC
