[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <50BAF2C7.1010903@redhat.com>
Date: Sat, 01 Dec 2012 23:18:47 -0700
From: Kurt Seifried <kseifried@...hat.com>
To: king cope <isowarez.isowarez.isowarez@...glemail.com>
Cc: security@...iadb.org, ritwik.ghoshal@...cle.com,
todd@...ketstormsecurity.org, security@...ql.com,
full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com,
moderators@...db.org, submit@...sec.com, coley@...re.org,
cve-assign@...re.org
Subject: Re: MySQL 5.1/5.5 WiNDOWS REMOTE R00T
(mysqljackpot)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 12/01/2012 11:41 AM, king cope wrote:
> *** FARLiGHT ELiTE HACKERS LEGACY R3L3ASE ***
>
> Attached is the MySQL Windows Remote Exploit (post-auth, udf
> technique) including the previously released mass scanner. The
> exploit is mirrored at the farlight website
> http://www.farlight.org.
>
> Cheerio,
>
> Kingcope
So in the case of this issue it appears to be documented (UDF, do not
run MySQL as administrator, etc.). As I understand CVE assignment
rules this issue does not require a CVE, however just to be on the
safe side I'm CC'ing MySQL, Oracle, MariaDB, OSS-SEC, Steven Christey,
cve-assign and OSVDB to the CC so that everyone is aware of what is
going on.
- --
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBAgAGBQJQuvLHAAoJEBYNRVNeJnmT9qkQAJQpvJbzLGsgqaX514YqIdIv
cxa7hjTeTEJQk6M9Do2QRdzUekUqNc6rAVW06TAnnSjE1aBoiFmpKqr38VzD/7BX
27ZuSpEPHeVYqKwruMzmV51b/0/4C5TqVRhgC5vxW9iXHUp2srKvaSxYlnZ6aRg4
R8vXbYc+FDW2T5bL0EFe0YTRnzKAyvvrAVsbKfI0iQZ/oVvOZcZ7k4HEyhfphzCZ
rQuMkJMKYJ1VnzbWN1UWihWq3YF9Ciusw1wGJu4dLjjoMGzZvLZh3s6WzoITRA2y
TAxAAa/40ZfF1ONJQ0/SKCGsQtABJiT0PXVB9jBLwnLsHYAXgLzz200vn2DvOz/g
dNHj17gcBlyIlTJfYHvnRw5F0igixTevDI6QxsefrECFJOs5zCFaiB71jcrMVOAT
PLyapA4+oJdtpPgIwF3CozwzVpRSZmJ9fjkJEpVWjZP3TZGM94Xm+B/tlGrrzCSr
zM2hBG3JRAoCNW48Wdf0MLe6FEAHoQSGVqBVmjqjohPqQ1eoJXOoz0xl6NsD5HRb
VQJsx9G1L8u6T0F4C8cC6v+QJKASF+/ZxLfprU8W8IuZZ9CmVxoMht0Ny82nnKkc
MdezH/13+WfmuAZ+yxtRgC7h5pHN3phSKFVlNiGm07hlnFW0igwGi176xTo/pX3K
0WF2FT8pjtvcglpV+uez
=JAto
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists