[plug] open source warning
James Devenish
devenish at guild.uwa.edu.au
Tue Feb 1 10:20:21 WST 2005
In message <d12e5c90501311808feef3ce at mail.gmail.com>
on Tue, Feb 01, 2005 at 10:08:19AM +0800, Senectus . wrote:
> On Tue, 01 Feb 2005 10:00:00 +0800, Craig Ringer
> <craig at postnewspapers.com.au> wrote:
> > On Tue, 2005-02-01 at 10:15 +1100, Onno Benschop wrote:
> > > Useful additional data would have included that this is a warning issued
> > > about a week ago and that it only pertains to Windows installations.
> Is this the fault of the underlying OS or the windows port?
I think it the reason it only affects Windows is that the attackers
had to start "somewhere", and apparently many Windows installations
have weak MySQL administrator passwords. The exploit itself relies on
a brute-force crack of the MySQL 'root' password and uses a sequence of
otherwise-legitimate application "features". Like many 'root' accounts,
MySQL's has essential but dangerous powers by default.
More information about the plug
mailing list