Bug #38707 Port 3306 exposing sensitive details
Submitted: 11 Aug 2008 0:05 Modified: 18 Aug 2008 9:32
Reporter: Rico Suave
Status: Won't fix
Category: MySQL Server Severity: S1 (Critical)
Version: 5.0.51 OS: Linux
Assigned to: CPU Architecture: Any
Tags: octet-stream, port 3306 security, sensitive file exposed

[11 Aug 2008 0:05] Rico Suave
Description:
I have tried my best to search bugs but I haven't had luck as I am a newbie.

When I type in e.g. www.myurl.com:3306 to see what happens when I visit port 3306 via URL, sensitive details are offered in a file.

I am asked if I want to download (file name space always empty) which is an octet-stream. It exposes the version number and possibly more on one line kind of like below.

C   
5.0.51a-community-log 'Œ >fgREEfU ,¢0              V/&o~NJhL#hf   ÿBad handshake

Can anyone please shed some light on this? I wish I knew if this was a security issue!

Thanks, any help is really appreciated!!

How to repeat:
Simply visit e.g. www.myurl.com:3306

Suggested fix:
?

[11 Aug 2008 9:34] Sveta Smirnova
Thank you for taking the time to write to us, but this is not a bug. Please double-check the documentation available at http://dev.mysql.com/doc/ and the instructions on how to report a bug at http://bugs.mysql.com/how-to-report.php

You have to connect to the MySQL server using a client intended for it, like the mysql command-line client or MySQL Query Browser.

[18 Aug 2008 9:32] Sergei Golubchik
According to
http://forge.mysql.com/wiki/MySQL_Internals_ClientServer_Protocol#Handshake_Initialization...
the initial handshake packet contains the server version and server capabilities.

Yes, one can argue that it's information exposure and a security issue. Still, if the server itself is secure then exposing this information is not a problem; if it's not - an old version with known security bugs, for example - then hiding the version will hardly help anyway. Security by obscurity is rarely a solution.
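
What the handshake initialization packet discussed in this thread carries, as an added example that is not part of the original bug report or MySQL's own code: a parser run over a constructed greeting laid out the way a 5.0-era server sends it. The version string is the one from the report; the thread id, scramble bytes, charset, status and capability value 0xA22C are constructed sample values, and the function names are hypothetical.

```python
import struct

# Lower 16 capability bits, names as in the MySQL client/server protocol.
CAP_NAMES = ["CLIENT_LONG_PASSWORD", "CLIENT_FOUND_ROWS", "CLIENT_LONG_FLAG",
             "CLIENT_CONNECT_WITH_DB", "CLIENT_NO_SCHEMA", "CLIENT_COMPRESS",
             "CLIENT_ODBC", "CLIENT_LOCAL_FILES", "CLIENT_IGNORE_SPACE",
             "CLIENT_PROTOCOL_41", "CLIENT_INTERACTIVE", "CLIENT_SSL",
             "CLIENT_IGNORE_SIGPIPE", "CLIENT_TRANSACTIONS", "CLIENT_RESERVED",
             "CLIENT_SECURE_CONNECTION"]  # index i <-> bit (1 << i)


def build_sample_greeting(version=b"5.0.51a-community-log", caps=0xA22C):
    """Constructed greeting (not captured traffic), laid out as a 5.0-era server sends it."""
    payload = (b"\x0a" + version + b"\x00"          # protocol version 10, version string
               + struct.pack("<I", 39)              # thread id (constructed)
               + b"ABCDEFGH\x00"                    # scramble part 1 + filler (constructed)
               + struct.pack("<HBH", caps, 8, 2)    # capabilities, charset, status
               + b"\x00" * 13                       # filler
               + b"IJKLMNOPQRST\x00")               # scramble part 2 (constructed)
    return len(payload).to_bytes(3, "little") + b"\x00" + payload  # length + sequence id 0


def parse_greeting(packet):
    """Return the fields any unauthenticated peer can read from the greeting."""
    if len(packet) < 5:
        raise ValueError("truncated packet header")
    length = int.from_bytes(packet[:3], "little")
    payload = packet[4:4 + length]
    if length == 0 or len(payload) != length:
        raise ValueError("truncated payload")
    if payload[0] == 0xFF:
        raise ValueError("error packet, not a greeting")
    end = payload.find(b"\x00", 1)                  # end of NUL-terminated version
    fixed = payload[end + 1:end + 19]               # 18 fixed bytes after the version
    if end < 0 or len(fixed) < 18:
        raise ValueError("malformed greeting")
    thread_id, _scramble, _fill, caps, charset, status = struct.unpack("<I8sBHBH", fixed)
    return {"protocol": payload[0],
            "version": payload[1:end].decode("ascii", "replace"),
            "thread_id": thread_id,
            "charset": charset,
            "status": status,
            "capabilities": [n for i, n in enumerate(CAP_NAMES) if caps & (1 << i)]}


if __name__ == "__main__":
    for field, value in parse_greeting(build_sample_greeting()).items():
        print(f"{field}: {value}")
```

With the version string from the report the sample payload is 67 bytes, so the first length byte is 0x43, which renders as "C" and is consistent with the start of the output quoted in the report.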