lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 01 Dec 2012 23:18:47 -0700
From: Kurt Seifried <kseifried@...hat.com>
To: king cope <isowarez.isowarez.isowarez@...glemail.com>
Cc: security@...iadb.org, ritwik.ghoshal@...cle.com,
	todd@...ketstormsecurity.org, security@...ql.com,
	full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com,
	moderators@...db.org, submit@...sec.com, coley@...re.org,
	cve-assign@...re.org
Subject: Re: MySQL 5.1/5.5 WiNDOWS REMOTE R00T
	(mysqljackpot)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/01/2012 11:41 AM, king cope wrote:
> *** FARLiGHT ELiTE HACKERS LEGACY R3L3ASE ***
> 
> Attached is the MySQL Windows Remote Exploit (post-auth, udf 
> technique) including the previously released mass scanner. The
> exploit is mirrored at the farlight website
> http://www.farlight.org.
> 
> Cheerio,
> 
> Kingcope

So in the case of this issue it appears to be documented (UDF, do not
run MySQL as administrator, etc.). As I understand CVE assignment
rules this issue does not require a CVE, however just to be on the
safe side I'm CC'ing MySQL, Oracle, MariaDB, OSS-SEC, Steven Christey,
cve-assign and OSVDB to the CC so that everyone is aware of what is
going on.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJQuvLHAAoJEBYNRVNeJnmT9qkQAJQpvJbzLGsgqaX514YqIdIv
cxa7hjTeTEJQk6M9Do2QRdzUekUqNc6rAVW06TAnnSjE1aBoiFmpKqr38VzD/7BX
27ZuSpEPHeVYqKwruMzmV51b/0/4C5TqVRhgC5vxW9iXHUp2srKvaSxYlnZ6aRg4
R8vXbYc+FDW2T5bL0EFe0YTRnzKAyvvrAVsbKfI0iQZ/oVvOZcZ7k4HEyhfphzCZ
rQuMkJMKYJ1VnzbWN1UWihWq3YF9Ciusw1wGJu4dLjjoMGzZvLZh3s6WzoITRA2y
TAxAAa/40ZfF1ONJQ0/SKCGsQtABJiT0PXVB9jBLwnLsHYAXgLzz200vn2DvOz/g
dNHj17gcBlyIlTJfYHvnRw5F0igixTevDI6QxsefrECFJOs5zCFaiB71jcrMVOAT
PLyapA4+oJdtpPgIwF3CozwzVpRSZmJ9fjkJEpVWjZP3TZGM94Xm+B/tlGrrzCSr
zM2hBG3JRAoCNW48Wdf0MLe6FEAHoQSGVqBVmjqjohPqQ1eoJXOoz0xl6NsD5HRb
VQJsx9G1L8u6T0F4C8cC6v+QJKASF+/ZxLfprU8W8IuZZ9CmVxoMht0Ny82nnKkc
MdezH/13+WfmuAZ+yxtRgC7h5pHN3phSKFVlNiGm07hlnFW0igwGi176xTo/pX3K
0WF2FT8pjtvcglpV+uez
=JAto
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists