Posted on: 01/28/05 11:44am
By: Anonymous (drali)
this article[*1]
"A worm has been detected that targets open source MySQL databases. It can compromise data and be used to launch a denial of service attack.
The MySQL bot exploits weak MySQL installations on Windows-based platforms. The SANS Institute's Internet Storm Centre said thousands of MySQL databases have been infected so far.
SANS said the MySQL bot takes advantage of weak passwords and the database's support for remote configuration.
The bot uses the known "MySQL UDF Dynamic Library Exploit". In order to launch itself, the bot first has to authenticate to MySQL as the "root" user. A long list of passwords is included with the bot, and it will try a brute force technique to get the password.
"
Is geeklog vulnerable to THIS?
Posted on: 01/28/05 01:31pm
By: ScurvyDawg
But it is not GeekLog it is MySQL that may be setup to allow these attacks to happen and only on Microsoft systems.
You may want to get the details at the MySQL site. They could better fill you in on what you will need to do to protect yourself.
Is geeklog vulnerable to THIS?
Posted on: 01/28/05 02:08pm
By: Dirk
As ScurvyDawg said, it's entirely a MySQL problem (actually, a setup problem). There's nothing Geeklog could do.
bye, Dirk