To: mysql@lists.mysql.com
Subject: RE: FW: [USN-1017-1] MySQL vulnerabilities
I don't think you understand how many exploits work. Through some social
engineering or plain brute force or rainbow tables I can get the user/pass
for many typical users. I could also give you some code and tell you
.
-Original Message-
From: Jan Steinman [mailto:j...@bytesmiths.com]
Sent: Saturday, November 13, 2010 1:33 PM
To: mysql@lists.mysql.com
Subject: RE: FW: [USN-1017-1] MySQL vulnerabilities
From: Daevid Vincent dae...@daevid.com
my point exactly. there is NONE. and if you don't
then, YOUR account could be compromised too.
-Original Message-
From: Jan Steinman [mailto:j...@bytesmiths.com]
Sent: Saturday, November 13, 2010 1:33 PM
To: mysql@lists.mysql.com
Subject: RE: FW: [USN-1017-1] MySQL vulnerabilities
From: Daevid Vincent dae...@daevid.com
my point exactly
On Fri, Nov 12, 2010 at 3:23 PM, Gael gael.marti...@gmail.com wrote:
On Fri, Nov 12, 2010 at 4:12 PM, Daevid Vincent dae...@daevid.com wrote:
my point exactly. there is NONE. and if you don't patch your mysql as
needed, then you will need a lot more help when you're hacked. ;-p
From: Daevid Vincent dae...@daevid.com
my point exactly. there is NONE. and if you don't patch your mysql as
needed, then you will need a lot more help when you're hacked. ;-p
I note that the impact of every single one of these vulnerabilities was An
authenticated user could exploit this to
I suspect that that is because this is not a security list, but a general
help list. If you want those things, you'll get them from either your
vendor, bugtraq, or the mysql security-specific mailing list that
undoubtedly exists somewhere. Don't ask me where, though - I'm not on it
either :-)
On
:18 PM
To: Daevid Vincent
Cc: mysql
Subject: Re: FW: [USN-1017-1] MySQL vulnerabilities
I suspect that that is because this is not a security list, but a general
help list. If you want those things, you'll get them from either your
vendor, bugtraq, or the mysql security-specific mailing list
On Fri, Nov 12, 2010 at 4:12 PM, Daevid Vincent dae...@daevid.com wrote:
my point exactly. there is NONE. and if you don't patch your mysql as
needed, then you will need a lot more help when you're hacked. ;-p
http://lists.mysql.com/
Daevid,
You may want to read