MySQL Enterprise Server v.5.0.52

HackForum

MySQL Enterprise Server v.5.0.52#
Ahojte. Oskenoval som si svagrov web a ukazalo mi v Acunetixe tuto fatalnu chybu:
MySQL Enterprise Server v.5.0.52 Multiple Vulnerabilities
Popis chyby:
The MySQL Enterprise Server is ffected by multiple vulnerabilities.
1. Using RENAME TABLE against a table with explicit DATA DIRECTORY and INDEX DIRECTORY options can be used to overwrite system table information.
2. ALTER VIEW retained the original DEFINER value, even when altered by another user, which could allow that user to gain the access rights of the view.
3. When using a FEDERATED table, the local server can be forced to crash if the remote server returns a result with fewer columns than expected.

Ako sa da tato chyba zneuzit, pripadne ako sa cez tuto chybu da dostat na web.
Vopred Dakujem
(odpovědět)
urna | 87.244.223.*16.9.2011 9:35
re: MySQL Enterprise Server v.5.0.52#
musel bys mit nejprve pristup do nektere z databazi abys dane chyby mohl zneuzit.
(odpovědět)
Emkei | E-mail | Website | PGP16.9.2011 14:32
re: MySQL Enterprise Server v.5.0.52#
Dajme tomu ze do databazy na tom istom servery kde ma svagor mam aj ja jednu db, ako to urobit aby som sa dostal k jeho db.Vdaka
(odpovědět)
urna | 87.244.223.*17.9.2011 21:14
re: MySQL Enterprise Server v.5.0.52#
Nepomohlo by nalezt nejaky exploit?
[link]
Vulnerability Tutorial - MySQL vulnerabilities
[link]
(odpovědět)
Koala | 93.31.155.*17.9.2011 23:10
re: MySQL Enterprise Server v.5.0.52#
No skusim , uvidim co to urobi. Dik
(odpovědět)
urna | 87.244.223.*18.9.2011 10:03
re: MySQL Enterprise Server v.5.0.52#
Exploity nefunguju...:(
(odpovědět)
urna | 213.151.218.*22.9.2011 23:06

Zpět
 
 
 

 
BBCode