[TriLUG] Security holes. Revealed by searching yahoo and google
turnpike420 at gmail.com
Fri Jan 14 16:16:20 EST 2005
I'm not sure I understand how I am supposed to check myself for this.
On Thu, 13 Jan 2005 15:31:50 -0500, Mike Fieschko
<mike.fieschko at devmike.com> wrote:
> Misconfigured MySQL servers accessible through phpmyadmin:
> [begin quoting]
> Hot on the heels of the recent Google unsecured Webcams search news
> comes in via rumours at threadwatch.org of an even more serious security
> breach made available by search engine queries.
> The latest discovery is that you can search for export processes
> language changelog phpmyadmin at Yahoo and return a list of open,
> vulnerable MySQL database servers.
> In the wrong hands, and with a little advanced search knowledge that
> query can be tweaked to find ecom sites and all manner of havoc wreaked.
> Yahoo! have been alerted, but at the moment the vulnerability is still
> easily found. This is not Yahoo's fault of course, this is a problem
> with the hugely popular Open Source MySQL database and the way in which
> it has been deployed on some websites. The search just highlights those
> servers able to be manipulated.
> You can do the same search on Google, but it's less accessible as you
> have to add filter=0 to the end of the url string.
> ADDED: Testing 1,2,3....
> I've just tested this on a staged install by a friend and can assert
> that it works well. I was able to delete tables and access data very
> By Nick W at Jan 13 2005 - 12:12
> [end quoting]
> Mike Fieschko
> Raleigh, NC
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
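One practical way to answer the question above ("how do I check myself for this?") is to look at your own web server logs rather than at a search engine: if a crawler such as Yahoo! Slurp or Googlebot fetched a phpMyAdmin page and got a 200, that page is probably indexed, and if addresses outside your admin network get a 200 on it, the interface is not access-restricted at all. The script below is an added example written for this thread, not code from the original post or from the phpMyAdmin project. It assumes Apache "combined" log format, that phpMyAdmin lives under /phpmyadmin, /pma or /mysqladmin (adjust to your layout), a constructed allowlist of admin networks, and a small list of crawler user-agent substrings; the sample log lines are constructed.

```python
import re
from ipaddress import ip_address, ip_network

# Apache/nginx "combined" log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Path prefixes under which phpMyAdmin is commonly installed (assumption: adjust to your layout).
PMA_PATH_RE = re.compile(r'/(phpmyadmin|pma|mysqladmin)(/|$)', re.IGNORECASE)

# Search-engine crawler user agents, matched as substrings (assumption: extend as needed).
CRAWLER_RE = re.compile(r'googlebot|yahoo! slurp|slurp|msnbot', re.IGNORECASE)

# Networks that are allowed to reach the admin interface (constructed example values).
ALLOWED_NETS = [ip_network("192.0.2.0/24"), ip_network("127.0.0.0/8")]

# Constructed sample log lines; the first two are the findings we want to surface.
SAMPLE_LOG = [
    '203.0.113.7 - - [13/Jan/2005:11:02:14 -0500] "GET /phpmyadmin/export.php HTTP/1.0" 200 5120 "-" '
    '"Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"',
    '198.51.100.9 - - [13/Jan/2005:11:05:31 -0500] "GET /phpmyadmin/ HTTP/1.1" 200 2048 "-" "Mozilla/4.0"',
    '192.0.2.10 - - [13/Jan/2005:11:06:02 -0500] "GET /phpmyadmin/index.php HTTP/1.1" 200 2048 "-" "Mozilla/4.0"',
    '198.51.100.9 - - [13/Jan/2005:11:07:40 -0500] "GET /pma/ HTTP/1.1" 403 199 "-" "Mozilla/4.0"',
    '198.51.100.9 - - [13/Jan/2005:11:08:00 -0500] "GET /index.html HTTP/1.1" 200 1024 "-" "Mozilla/4.0"',
]


def parse_line(line):
    """Parse one combined-format log line into a dict, or None if it does not match."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None


def is_allowed(ip):
    """True if the client address falls inside one of the allowlisted admin networks."""
    try:
        addr = ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in ALLOWED_NETS)


def audit(lines):
    """Return (severity, reason, entry) findings for phpMyAdmin pages actually served.

    Only status 200 counts: 401/403 mean the server refused the request, and a 302
    usually means phpMyAdmin redirected to its login page instead of serving content.
    """
    findings = []
    for line in lines:
        e = parse_line(line)
        if e is None or not PMA_PATH_RE.search(e["path"]):
            continue
        if int(e["status"]) != 200:
            continue
        if CRAWLER_RE.search(e["ua"]):
            # A crawler received the page, so it is most likely in a search index already.
            findings.append(("high", "search-engine crawler fetched phpMyAdmin page", e))
        elif not is_allowed(e["ip"]):
            findings.append(("medium", "phpMyAdmin served to non-allowlisted address", e))
    return findings


if __name__ == "__main__":
    for severity, reason, e in audit(SAMPLE_LOG):
        print(f"[{severity}] {reason}: {e['ip']} {e['method']} {e['path']} ({e['ua'][:40]})")
```

Run it against your real access log with `audit(open("/var/log/apache2/access.log"))`. Any "high" finding means the page has already been handed to a search engine, so beyond restricting access (an IP allowlist or HTTP authentication in front of the phpMyAdmin directory) you should also ask the engine to drop the indexed URLs; "medium" findings mean the directory is reachable from anywhere and needs the same restriction even if nothing has indexed it yet.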