back to article MySQL gains new batch of vulns

A series of posts on ExploitDB by an author signing as “King Cope” reveal a new set of MySQL vulnerabilities – along with one issue that could just be a configuration issue. The vulnerabilities, which emerged on Saturday, include a denial-of-service demonstration, a Windows remote root attack, two overrun attacks that work on …

COMMENTS

This topic is closed for new posts.

File System Permissions

If you've given users the ability to write to your mysql database directory, you've already pissed up. A sane setup should be protected from that by default. Never write anything in to the same directory that someone else can, too many opportunities for race conditions and other timing attacks.

The heap and stack attack look like they could be kind of dangerous, hack in a poorly protected site on your server, get credentials to your sql server, then dump password tables for other sites. Could see a few more big sites password lists get in the wild from this.

4
0
Mushroom

Re: File System Permissions

Damn, and here I am still looking for little Bobby tables vulnerabilities....

1
0
Thumb Up

Re: File System Permissions

If you already have access to the mysql user, and can write files owned by mysql, the ability to make a database user have full admin access is rather unsurprising.

Privalege escalation is not privalege escalation when you need privs higher or equal to the privs you are attempting to aquire.

The mysql user is a higher privalege than any database user account.

1
0
Bronze badge
Mushroom

Re: File System Permissions

Should have used Microsoft SQL server....like 1 vulnerability in 7 years...Cheaper too if you need support...

2
4

Re: File System Permissions

Postgresql comes to mind also

1
0
WTF?

Re: File System Permissions

Microsoft SQL cheap? Larf.

1
1
Bronze badge

MS vs Oracle

like 1 vulnerability in 7 years. Microsoft is also ahead of the industry here. Hint: SQL Slammer. Compared to the wacko-run Oracle, Microsoft is truly da best of da best!

1
1
Bronze badge
Mushroom

Re: MS vs Oracle

That would be like 10 years ago....Rather like this more recent MYSQL worm: http://www.pcworld.com/article/119490/article.html

0
2
Bronze badge
Mushroom

Re: File System Permissions

You obviously havnt seen what Oracle charge....

0
1
Bronze badge

Richto

Please read first, what you post:

Thousands of Microsoft Windows machines running MySQL have been infected, according to one security expert...The new version of Forbot infects machines by taking advantage of administrator accounts with weak or nonexistent passwords. ...infects machines by exploiting loosely secured MySQL installations running on Windows machines

Why wouldn't it exploit loosely secured Linux or FreeBSD machines, like say, php?

0
0
Bronze badge
Mushroom

Re: Richto

That's like asking why the Slapper worm only runs on Linux....

0
3
This topic is closed for new posts.

Forums