Contents Summary Analysis Mitigating factors P.O.C Acknowledgments Summary During a code audit performed internally at Percona, we discovered a viable information disclosure attack when coupled with a MITM attack in which percona-toolkit and xtrabackup perl components could be coerced into returning additional MySQL configuration information. The vulnerability has since been closed. Timeline 2014-12-16 Initial research, [&]

The post Percona Security Advisory CVE-2015-1027 appeared first on MySQL Performance Blog.

https://www.percona.com/blog/2015/05/06/percona-security-advisory-cve-2015-1027/