On Tue, Feb 01, 2005 at 01:28:11PM -0800, John H. Robinson, IV wrote: > Lan Barnes wrote: > > On Tue, Feb 01, 2005 at 01:13:14PM -0800, John H. Robinson, IV wrote: > > > Tracy R Reed wrote: > > > > On Tue, Feb 01, 2005 at 04:56:01AM -0800, Ralph Shumaker spake thusly: > > > > > This was MySQL on Linux machines? or on M$? > > > > > > > > On MS. It only affected MySQL running on Windows systems. > > > > > > Not true. They were looking for weak admin passowrds on MySQL databases, > > > and using that to inject the payload into the system tables of the MySQL > > > server. This would affect non-MS systems as well. However, the payload > > > would only work on the MS systems. > > > > Hmm ... by payload you mean malicious code to be executed? What would > > one try to get a Unix variant to execute that could cause trouble? > > > > That's a real question, not rhetorical. > > Shellcode. You can find examples on bugtraq postings.
I don't have time to look at the examples, but I'm not particularly impressed. Perhaps you could mess up apache and all he owned, but you can't run a script as root unless you're already root, at least in Linux (I know, I've tried)[0]. Erasing web contents is a nuisance, but owning the box may be easier in apache on windoze. BTW, this raises one of my more persistent questions, which is why, oh why, would anyone port perfectly good *nix programs to windoze only to run them slower and with more vulnerabilities? And that question _is_ rhetorical. [0] Of course, processes already root such as cron can belt out scripts that can change the world, hence all the precautions associated with that. I may not be the quickest grasshopper, Master, but I have paid attention during a couple of your enlightenments ;-) -- Lan Barnes [EMAIL PROTECTED] Linux Guy, SCM Specialist 858-354-0616 -- KPLUG-List mailing list [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
