MySQL remote exploit

[crackp0t]

It's in the wild being exploited. Have fun bros. :xmas-smiley-010:


Oracle MySQL CVE-2011-2262 Remote MySQL Server Vulnerability

 

[secretagentdad]

Does this mean I get to clean up another wordpress mess?

 

[rushh]

i have no idea what this is

 

[ShadowCaster]

i have no idea what this is

ಠ_ಠ ಠ_ಠ

 

[(O_o)]

didnt find any exploit there. Am I missing something?

Oracle MySQL CVE-2011-2262 Remote MySQL Server Vulnerability

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.

 

[(O_o)]

a better place for 0days is

Exploits Database by Offensive Security
and
1337day Inj3ct0r Exploit Database : vulnerability : 0day : shellcode by Inj3ct0r Team

 

[crackp0t]

didnt find any exploit there. Am I missing something?

It's not public. That's the fun part.

 

[crackp0t]

a better place for 0days is

Exploits Database by Offensive Security
and
1337day Inj3ct0r Exploit Database : vulnerability : 0day : shellcode by Inj3ct0r Team

Those are good places to find stuff already released to the public. They even have some of my old stuff up there.

 

[harrymouni]

It's not public. That's the fun part.

Have you seen exploit code or have you heard of servers being hit?

Explain to me 'cos I'm slow but what does this give access to, the full MySQL database, some databases or shell access on the server?

 

[crackp0t]

Have you seen exploit code or have you heard of servers being hit?

Explain to me 'cos I'm slow but what does this give access to, the full MySQL database, some databases or shell access on the server?

Shell access as the mysql user. Then use a local exploit to pop a root shell if that's your thing. If you're after the data you'll have access to everything. This is a pretty big deal I can't believe it's not getting more attention.

 

[harrymouni]

Shell access as the mysql user. Then use a local exploit to pop a root shell if that's your thing. If you're after the data you'll have access to everything. This is a pretty big deal I can't believe it's not getting more attention.

You're right, there's very little info on Google.

 

[shawnhag]

just put in a server ticket - no way i am fucking with this tonight

 

[crackp0t]

just put in a server ticket - no way i am fucking with this tonight

good luck. what hosting company are you using?

 

[cheshire]

Seems like some old versions of MySQL. The 5.1 series is at version 5.1.61 or something and the 5.5 series is at 5.5.21 or something. Everything listed there has been outdated for a while. Upgrade your packages.

 

[sumohax0r]

Exploit - "Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com."

Solution - "Vendor updates are available. Please contact the vendor for more information."

THANKS FOR THE INFO BRAH ಠ_ಠ

 

[crackp0t]

Exploit - "Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com."

Solution - "Vendor updates are available. Please contact the vendor for more information."

THANKS FOR THE INFO BRAH ಠ_ಠ

Not really sure if you're being a smart ass or not, but security focus is the last to know anything. It's like the nerd in high school that knows about all the parties after they happen. I got 0days in safari that they don't know about either.

 

[crackp0t]

Seems like some old versions of MySQL. The 5.1 series is at version 5.1.61 or something and the 5.5 series is at 5.5.21 or something. Everything listed there has been outdated for a while. Upgrade your packages.

While that's true a lot of repos still push old shit.