Thread: MySQL vulnerable
View Single Post
Old 06-11-2012, 02:08 PM  
CYF
Coupon Guru
 
CYF's Avatar
 
Industry Role:
Join Date: Mar 2009
Location: Minneapolis
Posts: 10,973
Quote:
Originally Posted by signupdamnit View Post
Thanks for sharing this. Here's a link about it I found for anyone who wants it:

http://www.h-online.com/open/news/it...d-1614990.html

Am I correct in thinking that if one has their server configured to only accept local connections (like 127.0.0.1 for instance) then the hacker would have to first get a shell account or such on the system to be able to actually exploit this?
correct. I have this option enabled:

skip-networking

so the attacker would have to be local.
__________________
Webmaster Coupons Coupons and discounts for hosting, domains, SSL Certs, and more!
AmeriNOC Coupons | Certified Hosting Coupons | Hosting Coupons | Domain Name Coupons

CYF is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote