 |
|
Who's Online
|
There are currently 199 people and 0 DV-member(s) online.
|
|
|
|
|
RSS
|
 |
|
|
|
|  |
A new worm has been discoverd that exploits weak MySQL installations on Windows-based platforms.
The SANS Institute's Storm Centre said that the MySQL worm takes advantage of weak passwords and the database's support for remote configuration. It is said that thousands of vulnerable databases have been infected by this worm so far.
The bot uses the known "MySQL UDF Dynamic Library Exploit". In order to launch itself, the bot first has to authenticate to MySQL as the "root" user. A long list of passwords is included with the bot, and it will try a brute force technique to get the password.
The insitute said that MySQL users should use stronger passwords and need to make use of a firewall to prevent infection and spreading of this worm.
More info at ComputerWeekly
|
| |
|
|
| | The comments are owned by the poster. We aren't responsible for their content. |
|
|
Re: MySQL worm attacks databases (Score: 0) by Anonymous on Friday, January 28 2005 @ 21:39:21 CET | | next time try to use spellchecker before posting | [ Reply to This ] |
|