Bug #69432 mysql-proxy denial service attack
Submitted: 8 Jun 2013 15:19 Modified: 9 Jun 2013 21:47
Reporter: Tim Rice Email Updates:
Status: Can't repeat Impact on me:
Category:MySQL Proxy: Core Severity:S3 (Non-critical)
Version:0.8.2-1 OS:Linux (Service dies when telnet)
Assigned to: CPU Architecture:Any
Tags: telnet kills service

[8 Jun 2013 15:19] Tim Rice
MySQL Proxy can be killed via remote telnet calls.  This is easy to cause a server an outage.

Sure, you would typically block hosts from connecting to mysql-proxy except for hosts that need access, but this seems to be a flaw.

How to repeat:
telnet mysql-proxy-host.tld 4040

Then type in random keys then press enter.

You will no longer be able to connect to the host after you quit the telnet session (Ctrl+])

root@cpanel2 [~]# telnet mysql-cd.tld 3306
Connected to mysql-cd.tld.
Escape character is '^]'.

After I do the below, I can login to the mysql proxy server and I see the below:
[root@mysql-cd etc]# service mysql-proxy status
mysql-proxy dead but pid file exists
[8 Jun 2013 17:10] MySQL Verification Team
I can repeat the situation with 0.8.2.  Other clients get error when trying connect:  ERROR 1043 (08S01): Bad handshake

0.8.3 doesn't seem to have the same problem.  Please upgrade and test it again.
[9 Jun 2013 21:33] Tim Rice
I agree.  0.8.2 fixes the problem.
[9 Jun 2013 21:47] Tim Rice
0.8.3 fixws the issue. Thanks for replying.