|
- Readme First! -
Read and follow the rules, otherwise your posts will be closed |
|
|
|
|
|
There are currently, 50 guest(s) and 0 member(s) that are online.
You are Anonymous user. You can register for free by clicking here |
|
|
|
|
|
|
 MySQL has released information today about a new vulnerability. This exploit check has been integrated into a new Analyzer dot release: 1.89.1. Included in this dot release is the ability to display config.php values even if a MySQL connection isn't established.
View it here--> Analyzer 1.89.1
|
|
Posted on Friday, February 07 @ 22:26:07 CET by Zhen-Xjell |
|
|
|
|
| |
|
Average Score: 5
Votes: 1
|
|
|
|
|
|
|
| | The comments are owned by the poster. We aren't responsible for their content. |
| | | | |
| No Comments Allowed for Anonymous, please register | | | | |
Re: New MySQL Vulnerability (Score: 1)
by ITEagle03 on Saturday, February 08 @ 15:40:00 CET
(User Info | Send a Message) http://www.seanhiatt.ws | | Do you have a link referring to the MySQL vulnerability? I've searched around and haven't been able to find it. |
- Re: by Zhen-Xjell on Saturday, February 08 @ 21:11:07 CET
| | | | |
Re: New MySQL Vulnerability (Score: 1)
by RStar23 on Saturday, February 08 @ 21:58:45 CET
(User Info | Send a Message) | First, thanks for Analyzer - nice tool.
Second, I have done a full updated MySQL to 3.23.55 (was at 3.23.43). Now when I run Anaylzer 1.89.1 it still tells me that I have a vulnerable mysql client (3.23.39).
Since the update loaded my server and client code, I am not sure how this is happening. I would appreciate your insight.
thx
RStar23
|
| | | | |
Re: New MySQL Vulnerability (Score: 0)
by Anonymous on Saturday, February 08 @ 22:13:34 CET | Join the club, I ran the analyzer, got the error about having a vunerable server (3.23.49) followed the link, downloaded the latest (3.23.55) shutdown my produciton server, disconnecting 179 customers, installed the update, rebooted the server and then re-ran the analyzer and it claims I have the wrong one still, (3.23.49). So, now, after pissing off almost 200 customers, I'm wondering if I was running the wrong one to start with.
Not a good thing here guys!!!!! |
- Re: by Zhen-Xjell on Saturday, February 08 @ 22:45:43 CET
| | | | |
Re: New MySQL Vulnerability (Score: 1)
by Zhen-Xjell on Saturday, February 08 @ 22:38:56 CET
(User Info | Send a Message) http://castlecops.com | | Per the mysql changelog if you upgraded you are fine. On running analyzer what version of the server and client does it say you have? |
- Re: by FHFGhost on Saturday, February 08 @ 22:56:37 CET
- Re: by Zhen-Xjell on Sunday, February 09 @ 02:24:17 CET
- Re: by RStar23 on Monday, February 10 @ 21:04:20 CET
| | | | |
Re: New MySQL Vulnerability (Score: 0)
by Anonymous on Sunday, February 09 @ 07:26:12 CET | Can you tell me why this 'tool' says i'm
running a old version of MySQL while i'm
running the latest release!
mysql --version
mysql Ver 12.17 Distrib 4.0.10-gamma, for pc-linux (i686)
mysqld --version
mysqld Ver 4.0.10-gamma for pc-linux on i686
Grtnx,
Jan Koetze |
| | | | |
|
