Re: Bind 8 Exploit - Trojan

mp0x8049565 loop sys_sendto() : call 0x8049542 call used to get the address of data (we jump here in the beginning) : data starts here.. Lesson: --- Use the force, read the source! -- Sergei Ledovskij +358(40)8245708 [EMAIL PROTECTED] Makelankatu 91 PO. 21

Re: potential vulnerability of mysqld running with root privileges

upported is 3.23 branch now. 3.23.1 was releases more than a year ago. And 3.23 doesn't has that bug. > > Recomendations: > * Patch mysql to treat database names, started by '..' as incorrect > database names. 3.23 does it. > Patches: > not yet Why, t

Re: potential vulnerability of mysqld running with root privileges(can be used as good DoS or r00t expoloit)

checks table already exists or not > exists, it checks _only_ tablename.frm : Sorry for confusion - in my previous mail a told 3.23 is not vulnerable. Yes, it IS vulnerable, the bug would be fixed asap. Regards, Sergei -- MySQL Development Team __ ___ ___ __ / |/ /_ __/ __/

Re: MySQL user can be changed to root

changes into stable version, thus breaking lots of installations. It is to be done in 4.1. Regards, Sergei On Mar 10, Guido A.J. Stevens wrote: > > I can confirm this privilege escalation in mysql-server 3.23.49-8.2 > (debian/stable on linux/i386). Any mysql user with file privi

Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday

next versions won't be. Regards, Sergei MariaDB Security Coordinator On Dec 01, Kurt Seifried wrote: > On 12/01/2012 02:26 PM, king cope wrote: > > (see attachment) > > > > Cheerio, Kingcope > > So normally for MySQL issues Oracle would assign the CVE #. However i

Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday

day > http://seclists.org/fulldisclosure/2012/Dec/9 > https://bugzilla.redhat.com/show_bug.cgi?id=882608 This is hardly a "zeroday" issue, it was known for, like, ten years. But I'll see what we can do here. https://mariadb.atlassian.net/browse/MDEV-3909 Regards, Sergei MariaDB Security Coordinator

Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday

mple) specified in the configuration file. This way any operation allowed by the FILE privilege (like SELECT ... OUTFILE) will only be able to access files under the /tmp/mysql/ path. Regards, Sergei

perl-cgi hole in UltimateBB by Infopop Corp.

Hello. Writing cgi scripts in perl is simple. It's also rather safe, providing authors follow very simple instructions. But they don't. Browsing some site, I found that their forums were based not on home- made scripts, but rather commercial software product. Hey, said I to myself, remember thos