On Sunday 14 September 2003 14:59, Elv1S wrote: > no comment ... > > http://www.k-otik.com/exploits/09.14.mysql.c.php
This is NO ROOT exploit. To exploit the vuln you need the mysql-root and remote-access for mysql-root-user must be allowed! After the exploit worked you don't have root-access but access with the user mysqld is running in. > > don't know if this vuln is patched ? Vuln is patched in 4.0.15 > > > > --------------------------------- > Do you Yahoo!? > Yahoo! SiteBuilder - Free, easy-to-use web site design software -- e-admin internet gmbh Andreas Gietl tel +49 941 3810884 Ludwig-Thoma-Strasse 35 fax +49 (0)1805/39160 - 29104 93051 Regensburg mobil +49 171 6070008 PGP/GPG-Key unter http://www.e-admin.de/gpg.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
