For all you MySQL fans out there, batten down the hatches...

Title: Multiple Remote 0-Day Attacks Against MySQL Databases
Description: A slew of remotely exploitable bugs in MySQL were released by 
security researcher KingCope on the Full-Disclosure mailing list over the 
weekend, with exploits including buffer overflows, user enumeration techniques, 
and denial-of-service attacks. As no patches are currently available, some of 
the issues target default configurations, and exploits are already circulating 
in the wild, system administrators are urged to lock down access to their 
database systems to only authorized users wherever possible as a mitigation 
until patches become available.
Reference:
http://lists.grok.org.uk/pipermail/full-disclosure/2012-December/089025.html
http://lists.grok.org.uk/pipermail/full-disclosure/2012-December/089027.html
http://lists.grok.org.uk/pipermail/full-disclosure/2012-December/089023.html
http://lists.grok.org.uk/pipermail/full-disclosure/2012-December/089022.html
http://lists.grok.org.uk/pipermail/full-disclosure/2012-December/089026.html
http://lists.grok.org.uk/pipermail/full-disclosure/2012-December/089024.html
http://lists.grok.org.uk/pipermail/full-disclosure/2012-December/089020.html
Snort SID: 24897
ClamAV: N/A

--
rk

_______________________________________________
Post Messages to: ProFox@leafe.com
Subscription Maintenance: http://mail.leafe.com/mailman/listinfo/profox
OT-free version of this list: http://mail.leafe.com/mailman/listinfo/profoxtech
Searchable Archive: http://leafe.com/archives/search/profox
This message: 
http://leafe.com/archives/byMID/profox/DF1EEF11E586A64FB54A97F22A8BD044217A2B860E@ACKBWDDQH1.artfact.local
** All postings, unless explicitly stated otherwise, are the opinions of the 
author, and do not constitute legal or medical advice. This statement is added 
to the messages for those lawyers who are too stupid to see the obvious.

Reply via email to